Comment 11 for bug 1253691

Launchpad Janitor (janitor) wrote :

This bug was fixed in the package nginx - 1.4.1-3ubuntu1.1

---------------
nginx (1.4.1-3ubuntu1.1) saucy-security; urgency=low

  * SECURITY UPDATE: ACL bypass via space character (LP: #1253691)
    - debian/patches/cve-2013-4547.patch: modify src/http/ngx_http_parse.c
      to account for a space character, fixing an issue which could result in
      security restrictions being bypassed
    - CVE-2013-4547
 -- Thomas Ward <email address hidden> Thu, 21 Nov 2013 13:27:20 -0500