Package: nginx Version: 1.2.1-2.2 Severity: serious Tags: security patch Hi,
A buffer overflow in the proxy_pass module has been reported by Nginx upstream, and a patch made available. Please see: http://www.openwall.com/lists/oss-security/2013/05/13/3 The issue is already fixed in the version in sid, and as far as I can see the code is not present in squeeze. Can you ensure that (a) the RC bug against nginx in sid is dealt with so the fixed package can migrate to jessie, and (b) prepare an update to wheezy? Thanks, Thijs -- To UNSUBSCRIBE, email to debian-bugs-rc-requ...@lists.debian.org with a subject of "unsubscribe". Trouble? Contact listmas...@lists.debian.org
