Hello community, here is the log from the commit of package patchinfo.2264 for openSUSE:12.3:Update checked in at 2013-11-22 04:34:20 ++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++ Comparing /work/SRC/openSUSE:12.3:Update/patchinfo.2264 (Old) and /work/SRC/openSUSE:12.3:Update/.patchinfo.2264.new (New) ++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++ Package is "patchinfo.2264" Changes: -------- New Changes file: NO CHANGES FILE!!! New: ---- _patchinfo ++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++ Other differences: ------------------ ++++++ _patchinfo ++++++ <patchinfo> <issue id="851295" tracker="bnc">VUL-0: CVE-2013-4547: nginx: security restriction bypass flaw due to whitespace parsing</issue> <issue id="CVE-2013-4547" tracker="cve" /> <category>security</category> <rating>moderate</rating> <packager>elvigia</packager> <description> The nginx webserver was fixed to avoid a restriction bypass when a space in not correctly escaped. (CVE-2013-4547) On openSUSE 12.2, nginx was updated to version 1.4.4 stable * CVE-2013-4547 a character following an unescaped space in a request line was handled incorrectly [bnc#851295] * bugfix: segmentation fault might occur in the spdy module * bugfix: segmentation fault might occur on start if if the "try_files" directive was used with an empty parameter. </description> <summary>nginx: fixed restriction bypass problem</summary> </patchinfo> -- To unsubscribe, e-mail: opensuse-commit+unsubscribe@opensuse.org For additional commands, e-mail: opensuse-commit+help@opensuse.org