[atomic] Nginx 1.4.7 with mod_security support
Posted: Wed Apr 09, 2014 11:46 am
Changelog
* Add support for mod_security on EL5 (rhel, centos, cloudlinux)
* Security: a heap memory buffer overflow might occur in a worker
process while handling a specially crafted request by
ngx_http_spdy_module, potentially resulting in arbitrary code
execution (CVE-2014-0133).
Thanks to Lucas Molas, researcher at Programa STIC, FundaciĆ³n Dr.
Manuel Sadosky, Buenos Aires, Argentina.
* Bugfix: in the "fastcgi_next_upstream" directive.
Thanks to Lucas Molas.
To upgrade:
yum upgrade nginx
To install:
yum install nginx
* Add support for mod_security on EL5 (rhel, centos, cloudlinux)
* Security: a heap memory buffer overflow might occur in a worker
process while handling a specially crafted request by
ngx_http_spdy_module, potentially resulting in arbitrary code
execution (CVE-2014-0133).
Thanks to Lucas Molas, researcher at Programa STIC, FundaciĆ³n Dr.
Manuel Sadosky, Buenos Aires, Argentina.
* Bugfix: in the "fastcgi_next_upstream" directive.
Thanks to Lucas Molas.
To upgrade:
yum upgrade nginx
To install:
yum install nginx