It was discovered that a NULL pointer dereference in the Nginx code
responsible for saving client request bodies to a temporary file might
result in denial of service: Malformed requests could crash worker
processes.
For the stable distribution (jessie), this problem has been fixed in
version 1.6.2-5+deb8u2.
For the unstable distribution (sid), this problem has been fixed in
version 1.10.1-1.
We recommend that you upgrade your nginx packages.
CPE | Name | Operator | Version |
---|---|---|---|
nginx | eq | 1.6.2-5 | |
nginx | eq | 1.6.2-5+a.exp1 | |
nginx | eq | 1.6.2-5+deb8u1 | |
nginx | eq | 1.6.2-5+deb8u1~bpo70+1 | |
nginx | eq | 1.6.2-5+deb8u2~bpo70+1 |