{"id":"MGASA-2013-0160","summary":"Updated nginx package fixes security vulnerability","details":"A security problem related to CVE-2013-2028 was identified, affecting some\nprevious nginx versions if proxy_pass to untrusted upstream HTTP servers is\nused.  The problem may lead to a denial of service or a disclosure of a\nworker process memory on a specially crafted response from an upstream\nproxied server (CVE-2013-2070).\n","modified":"2026-04-16T00:08:57.031330359Z","published":"2013-06-06T12:24:33Z","upstream":["CVE-2013-2070"],"references":[{"type":"ADVISORY","url":"https://advisories.mageia.org/MGASA-2013-0160.html"},{"type":"WEB","url":"http://mailman.nginx.org/pipermail/nginx-announce/2013/000114.html"},{"type":"WEB","url":"http://nginx.org/en/CHANGES-1.2"},{"type":"WEB","url":"http://lists.fedoraproject.org/pipermail/package-announce/2013-May/105950.html"}],"affected":[{"package":{"name":"nginx","ecosystem":"Mageia:3","purl":"pkg:rpm/mageia/nginx?arch=source&distro=mageia-3"},"ranges":[{"type":"ECOSYSTEM","events":[{"introduced":"0"},{"fixed":"1.2.9-1.1.mga3"}]}],"ecosystem_specific":{"section":"core"},"database_specific":{"source":"https://advisories.mageia.org/MGASA-2013-0160.json"}}],"schema_version":"1.7.5","credits":[{"name":"Mageia","contact":["https://wiki.mageia.org/en/Packages_Security_Team"],"type":"COORDINATOR"}]}