Results 1 to 3 of 3

Thread: Affected by nginx vulnerability?

  1. #1
    ostermmg Guest

    Question Affected by nginx vulnerability?

    We've come across this vulnerability notice:

    US-CERT Vulnerability Note VU#180065 (a.k.a. CVE-2009-2629)

    It's our understanding that ZCS uses nginx for its proxy.

    Does this vulnerability affect ZCS 5.0.x?

  2. #2
    Join Date
    Sep 2006
    Posts
    32
    Rep Power
    9

    Default

    I would like the answer to this too. I have a feeling the answer is yes because the version reported is 0.5.30 on zcs-NETWORK-5.0.16_GA. Zimbra 6.0.0 seems affected too... nginx 0.5.37. Not sure about 6.0.1 but no mention in the release notes so I would guess yes.

  3. #3
    Join Date
    Sep 2006
    Posts
    32
    Rep Power
    9

    Default

    5.0.19 has a fixed version of nginx. 6.0.2 (unreleased) will fix this too.

Similar Threads

  1. Replies: 6
    Last Post: 01-23-2013, 02:10 PM
  2. Replies: 2
    Last Post: 09-05-2008, 02:55 PM
  3. imapsync and nginx
    By Rambo in forum Migration
    Replies: 3
    Last Post: 06-04-2008, 07:54 AM
  4. Security Vulnerability Alert
    By jholder in forum Announcements
    Replies: 0
    Last Post: 04-21-2007, 01:34 PM

Posting Permissions

  • You may not post new threads
  • You may not post replies
  • You may not post attachments
  • You may not edit your posts
  •