diff -Nru nginx-1.2.6/debian/changelog nginx-1.2.6/debian/changelog
--- nginx-1.2.6/debian/changelog 2013-05-28 15:31:04.000000000 -0400
+++ nginx-1.2.6/debian/changelog 2013-11-21 13:25:42.000000000 -0500
@@ -1,3 +1,11 @@
+nginx (1.2.6-1ubuntu3.3) raring-security; urgency=low
+
+ * Security update (closes LP: #1253691):
+ * Patch to fix an issue which could result in security restrictions being
+ bypassed (CVE-2013-4547).
+
+ -- Thomas Ward Thu, 21 Nov 2013 13:24:46 -0500
+
 nginx (1.2.6-1ubuntu3.2) raring-security; urgency=low
 
 * Security update (closes LP: #1182586):
diff -Nru nginx-1.2.6/debian/patches/cve-2013-4547.patch nginx-1.2.6/debian/patches/cve-2013-4547.patch
--- nginx-1.2.6/debian/patches/cve-2013-4547.patch 1969-12-31 19:00:00.000000000 -0500
+++ nginx-1.2.6/debian/patches/cve-2013-4547.patch 2013-11-21 13:23:53.000000000 -0500
@@ -0,0 +1,21 @@
+Description: CVE-2013-4547 - Fix an issue in which an attacker may be able to bypass security restrictions on certain configurations with specially crafted requests.
+Origin: upstream http://nginx.org/download/patch.2013.space.txt
+Bug-Ubuntu: https://bugs.launchpad.net/bugs/1253691
+--- a/src/http/ngx_http_parse.c
++++ b/src/http/ngx_http_parse.c
+@@ -617,6 +617,7 @@ ngx_http_parse_request_line(ngx_http_req
+ default:
+ r->space_in_uri = 1;
+ state = sw_check_uri;
++ p--;
+ break;
+ }
+ break;
+@@ -670,6 +671,7 @@ ngx_http_parse_request_line(ngx_http_req
+ default:
+ r->space_in_uri = 1;
+ state = sw_uri;
++ p--;
+ break;
+ }
+ break;
diff -Nru nginx-1.2.6/debian/patches/series nginx-1.2.6/debian/patches/series
--- nginx-1.2.6/debian/patches/series 2013-05-28 15:31:04.000000000 -0400
+++ nginx-1.2.6/debian/patches/series 2013-11-21 13:23:53.000000000 -0500
@@ -1,3 +1,4 @@
 perl-use-dpkg-buildflags.patch
 ubuntu-branding.patch
 cve-2013-2070.patch
+cve-2013-4547.patch
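Review bot: The two added `p--;` lines in ngx_http_parse_request_line, in the `default:` arms that set `state = sw_check_uri` and `state = sw_uri`, have no comment, and the reason for stepping the pointer back cannot be read from the hunk. The intent appears to be that the byte following an unescaped space is dispatched again in the new state instead of being accepted unexamined, which matches the restriction bypass named in the patch header. The enclosing loop and both state handlers are outside the hunk, so that reading should be confirmed against the full function. I would put `/* re-parse this byte in the new state so it is not accepted unchecked */` above each `p--;`, so a later refactor of the state machine does not drop the decrement as a stray line. The embedded patch also brings no parser test for a request line with `space_in_uri` set, which would be worth carrying alongside the fix.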