Important: nginx

2014-09-16T21:55:00
ID ALAS-2013-249
Type amazon
Reporter Amazon
Modified 2014-09-16T21:55:00

Description

Issue Overview:

nginx 0.8.41 through 1.4.3 and 1.5.x before 1.5.7 allows remote attackers to bypass intended restrictions via an unescaped space character in a URI.

Affected Packages:

nginx

Issue Correction:
Run yum update nginx to update your system.

New Packages:

i686:  
    nginx-debuginfo-1.4.3-1.14.amzn1.i686  
    nginx-1.4.3-1.14.amzn1.i686

src:  
    nginx-1.4.3-1.14.amzn1.src

x86_64:  
    nginx-1.4.3-1.14.amzn1.x86_64  
    nginx-debuginfo-1.4.3-1.14.amzn1.x86_64