Comment 9 for bug 1253691

Launchpad Janitor (janitor) wrote :

This bug was fixed in the package nginx - 1.2.6-1ubuntu3.3

nginx (1.2.6-1ubuntu3.3) raring-security; urgency=low

  * SECURITY UPDATE: ACL bypass via space character (LP: #1253691)
    - debian/patches/cve-2013-4547.patch: modify src/http/ngx_http_parse.c
      to account for a space character, fixing an issue which could result in
      security restrictions being bypassed
    - CVE-2013-4547
 -- Thomas Ward <email address hidden> Thu, 21 Nov 2013 13:24:46 -0500