From secunia security advisory at $URL: Description: The weakness is caused due to an error when parsing header responses from servers and can be exploited to disclose the contents of previously freed memory. The weakness is reported in versions prior to 1.0.14. Solution Update to version 1.0.14. Fixed also in 1.1.17 for testing.
+ 15 Mar 2012; Patrick Lauer <patrick@gentoo.org> +nginx-1.0.14.ebuild, + +nginx-1.1.17.ebuild: + Bump for #408367
+ 15 Mar 2012; Patrick Lauer <patrick@gentoo.org> -nginx-1.0.11.ebuild, + -nginx-1.0.12.ebuild, -nginx-1.1.14.ebuild, -nginx-1.1.16.ebuild: + Removing old versions 1.0.10 is stable, recommend stabling 1.0.14 so it can be removed.
Thanks for the fast bump Arches, please test and mark stable: =www-servers/nginx-1.0.14 Target keywords : "amd64 x86"
both stable @security, please vote.
Thanks, everyone. GLSA Vote: yes.
GLSA vote: yes. Adding to existing GLSA request.
Also, FreeBSD reports this (just as information) http://www.vuxml.org/freebsd/29194cb8-6e9f-11e1-8376-f0def16c5c1b.html That's where I found it. It's already stable, but not in GLSA, is that right?
(In reply to comment #7) > It's already stable, but not in GLSA, is that right? The advisory will be done.
This issue was resolved and addressed in GLSA 201203-22 at http://security.gentoo.org/glsa/glsa-201203-22.xml by GLSA coordinator Sean Amoss (ackle).
CVE-2012-1180 (http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-1180): Use-after-free vulnerability in nginx before 1.0.14 and 1.1.x before 1.1.17 allows remote HTTP servers to obtain sensitive information from process memory via a crafted backend response, in conjunction with a client request.
