Ivan Fratric of the Google Security Team discovered a bug in nginx, a web server, which might allow an attacker to bypass security restrictions by using a specially crafted request. The oldstable distribution (squeeze) is not affected by this problem. For the stable distribution (wheezy), this problem has been fixed in version 1.2.1-2.2+wheezy2. For the unstable distribution (sid), this problem has been fixed in version 1.4.4-1. We recommend that you upgrade your nginx packages.
Ivan Fratric of the Google Security Team discovered a bug in nginx, a web server, which might allow an attacker to bypass security restrictions by using a specially crafted request.
The oldstable distribution (squeeze) is not affected by this problem.
For the stable distribution (wheezy), this problem has been fixed in version 1.2.1-2.2+wheezy2.
For the unstable distribution (sid), this problem has been fixed in version 1.4.4-1.
We recommend that you upgrade your nginx packages.