Comment 10 for bug 1538165

This bug was fixed in the package nginx - 1.4.6-1ubuntu3.4

---------------
nginx (1.4.6-1ubuntu3.4) trusty-security; urgency=medium

  * SECURITY UPDATE: multiple resolver security issues (LP: #1538165)
    - debian/patches/CVE-2016-074x-1.patch: fix possible segmentation fault
      on DNS format error.
    - debian/patches/CVE-2016-074x-2.patch: fix crashes in timeout handler.
    - debian/patches/CVE-2016-074x-3.patch: fixed CNAME processing for
      several requests.
    - debian/patches/CVE-2016-074x-4.patch: change the
      ngx_resolver_create_*_query() arguments.
    - debian/patches/CVE-2016-074x-5.patch: fix use-after-free memory
      accesses with CNAME.
    - debian/patches/CVE-2016-074x-6.patch: limited CNAME recursion.
    - CVE-2016-0742
    - CVE-2016-0743
    - CVE-2016-0744

 -- Marc Deslauriers <email address hidden> Wed, 03 Feb 2016 09:12:00 -0500