![]() |
|
Date: Fri, 20 Nov 2009 02:32:13 +0100 From: Craig <craig@...uarter.de> To: OSS Security <oss-security@...ts.openwall.com> Subject: CVEs for nginx Hi, are the CVEs for 1.) nginx webdav: http://secunia.com/advisories/36818/ 2.) nginx Null Pointer dereference: http://sysoev.ru/nginx/patch.null.pointer.txt 3.) nginx SSL Renegotiation: http://sysoev.ru/nginx/patch.cve-2009-3555.txt I know the last one contains a CVE number, nginx uses openssl and the patch will disable renegotiation, maybe this deserves an own CVE? Best regards, Craig
Powered by blists - more mailing lists
Please check out the Open Source Software Security Wiki, which is counterpart to this mailing list.