[ubuntu/xenial-security] nginx 1.10.3-0ubuntu0.16.04.2 (Accepted)

Steve Beattie sbeattie at ubuntu.com
Thu Jul 13 18:01:29 UTC 2017

nginx (1.10.3-0ubuntu0.16.04.2) xenial-security; urgency=medium

  * SECURITY UPDATE: integer overflow in range filter leading to
    information exposure
    - debian/patches/CVE-2017-7529.patch: add check to ensure size does
      not overflow
    - CVE-2017-7529

nginx (1.10.3-0ubuntu0.16.04.1) xenial; urgency=medium

  * Stable Release Update (LP: #1663937)
  * New upstream release (1.10.3) - full changelog available at upstream
    website - http://nginx.org/en/CHANGES-1.10
  * All Ubuntu specific changes from 1.10.0-0ubuntu1 through
    1.10.0-0ubuntu0.16.04.4 remain included.
  * Additional changes:
    * debian/patches/ubuntu-branding.patch: Refreshed Ubuntu Branding patch.
    * debian/patches/cve-2016-4450.patch: Drop CVE patch as it is already
      included in the upstream source code in this upload.

Date: 2017-07-12 10:32:14.312400+00:00
Changed-By: Steve Beattie <sbeattie at ubuntu.com>
-------------- next part --------------
Sorry, changesfile not available.

More information about the Xenial-changes mailing list