Comment 8 for bug 1253691

Launchpad Janitor (janitor) wrote :

This bug was fixed in the package nginx - 1.2.1-2.2ubuntu0.2

nginx (1.2.1-2.2ubuntu0.2) quantal-security; urgency=low

  * SECURITY UPDATE: ACL bypass via space character (LP: #1253691)
    - debian/patches/cve-2013-4547.patch: modify src/http/ngx_http_parse.c
      to account for a space character, fixing an issue which could result in
      security restrictions being bypassed
    - CVE-2013-4547
 -- Thomas Ward <email address hidden> Thu, 21 Nov 2013 13:19:37 -0500