• A vulnerability has been discovered in all the latest releases of NGiNX.

    This is a quote from Securityfocus.com

    Source: Securityfocus.com

    I will update this thread as soon as more information is out.

  • First response from the NGiNX team so far:

    As it seems they can't get this 100% confirmed and the reporting person/team didn't go through the correct channels.

    Still waiting for a valid response if this is a real threat or false.

    Source: Openwall.com

  • The NGiNX team can not confirm this vulnerability. A last statement from the team:

    Source: Openwall.com

    This probably means it can be related to a package provided by a distribution or an alternative mirror like dotdeb (.deb, .rpm etc) , which one is unknown.