FreeBSD VuXML: Documenting security issues in FreeBSD and the FreeBSD Ports Collection

nginx -- a specially crafted request might result in an integer overflow

Affected packages
0.5.6 <= nginx < 1.12.1,2
0.5.6 <= nginx-devel < 1.13.3

Details

VuXML ID b28adc5b-6693-11e7-ad43-f0def16c5c1b
Discovery 2017-07-11
Entry 2017-07-11

Maxim Dounin reports:

A security issue was identified in nginx range filter. A specially crafted request might result in an integer overflow and incorrect processing of ranges, potentially resulting in sensitive information leak (CVE-2017-7529).

References

CVE Name CVE-2017-7529
URL http://mailman.nginx.org/pipermail/nginx-announce/2017/000200.html