Ubuntu
nginx package

  1. Utopic (14.10)
  2. Bug #1370478
  3. Comment #1

Comment 1 for bug 1370478

Revision history for this message
Launchpad Janitor (janitor) wrote :

This bug was fixed in the package nginx - 1.4.6-1ubuntu3.1

---------------
nginx (1.4.6-1ubuntu3.1) trusty-security; urgency=medium

  * SECURITY UPDATE: incorrect cached SSL session reuse (LP: #1370478)
    - debian/patches/CVE-2014-3616.patch: include hash of certificate in
      session id context in src/event/ngx_event_openssl.c.
    - CVE-2014-3616
 -- Marc Deslauriers <email address hidden> Wed, 17 Sep 2014 08:56:46 -0400