Candidate: CVE-2014-0088
PublicDate: 2014-04-29 14:38:00 UTC
References:
 https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-0088
 http://www.securitytracker.com/id/1030150
 http://mailman.nginx.org/pipermail/nginx-announce/2014/000132.html
Description:
 The SPDY implementation in the ngx_http_spdy_module module in nginx 1.5.10
 before 1.5.11, when running on a 32-bit platform, allows remote attackers
 to execute arbitrary code via a crafted request.
Ubuntu-Description:
Notes:
 mdeslaur> only affects 1.5.x
Bugs:
Priority: medium
Discovered-by:
Assigned-to:
CVSS: 

Patches_nginx:
upstream_nginx: needs-triage
lucid_nginx: not-affected
precise_nginx: not-affected
quantal_nginx: not-affected
saucy_nginx: not-affected
trusty_nginx: not-affected (1.4.6-1ubuntu3)
trusty/esm_nginx: not-affected (1.4.6-1ubuntu3)
devel_nginx: not-affected (1.4.6-1ubuntu3)