Zimbra offers Open Source email server software and shared calendar for Linux and the Mac
Go Back   Zimbra :: Forums > Zimbra Collaboration Suite > Administrators
Reload this Page Affected by nginx vulnerability?

Welcome to the Zimbra :: Forums!
Welcome, if you would like to post a comment please register. We also encourage you to explore all things Zimbra with our team and members of the community.

Reply
 
LinkBack Thread Tools Search this Thread Display Modes
  #1 (permalink)  
Old 09-21-2009, 10:32 AM
Junior Member
  
Posts: 9
Question Affected by nginx vulnerability?
We've come across this vulnerability notice:

US-CERT Vulnerability Note VU#180065 (a.k.a. CVE-2009-2629)

It's our understanding that ZCS uses nginx for its proxy.

Does this vulnerability affect ZCS 5.0.x?
Reply With Quote
  #2 (permalink)  
Old 09-28-2009, 04:06 AM
Active Member
  
Posts: 32
Default
I would like the answer to this too. I have a feeling the answer is yes because the version reported is 0.5.30 on zcs-NETWORK-5.0.16_GA. Zimbra 6.0.0 seems affected too... nginx 0.5.37. Not sure about 6.0.1 but no mention in the release notes so I would guess yes.
Reply With Quote
  #3 (permalink)  
Old 09-30-2009, 01:11 AM
Active Member
  
Posts: 32
Default
5.0.19 has a fixed version of nginx. 6.0.2 (unreleased) will fix this too.
Reply With Quote
Reply

« Previous Thread | Today's Posts or Week's Posts | Next Thread »

Thread Tools Search this Thread
Search this Thread:

Advanced Search
Display Modes
Linear Mode Linear Mode


Similar Threads

Product Information

Why Join?

Registering let's you ask questions, makes it easier to search, displays any files attached to posts, and notifies you about replies.

blog.zimbra.com


Home - Blog - Contact Us - Archive - Top


 

SEO by vBSEO ©2011, Crawlability, Inc.