[<prev] [next>] [<thread-prev] [day] [month] [year] [list]
Message-ID: <alpine.BSF.2.00.1304291907090.45180@mp2.macomnet.net>
Date: Mon, 29 Apr 2013 19:08:20 +0400 (MSK)
From: Maxim Konovalov <maxim.konovalov@...il.com>
To: bugtraq@...urityfocus.com
Subject: Re: Nginx ngx_http_close_connection function integer overflow
Hello,
Recently a report appeared alleging an integer overflow vulnerability
in nginx, claiming remote code execution impact. We've carefully
investigated the issue, and cannot confirm the alleged vulnerability
exists.
Taking this opportunity to remind: if you think you've found a
security issue in nginx - it's a good idea to report it to
security-alert@...nx.org, as listed at the nginx security advisories
page here:
http://nginx.org/en/security_advisories.html
--
Maxim Konovalov
Powered by blists - more mailing lists