Amazon Linux 1 Security Advisory: ALAS-2014-308
Advisory Release Date: 2014-03-24 23:32 Pacific
Advisory Updated Date: 2014-09-17 22:53 Pacific
Heap-based buffer overflow in the SPDY implementation in nginx 1.3.15 before 1.4.7 and 1.5.x before 1.5.12 allows remote attackers to execute arbitrary code via a crafted request.
Affected Packages:
nginx
Issue Correction:
Run yum update nginx to update your system.
i686:
nginx-debuginfo-1.4.7-1.17.amzn1.i686
nginx-1.4.7-1.17.amzn1.i686
src:
nginx-1.4.7-1.17.amzn1.src
x86_64:
nginx-debuginfo-1.4.7-1.17.amzn1.x86_64
nginx-1.4.7-1.17.amzn1.x86_64