USN-4235-1 fixed a vulnerability in nginx. This update provides the corresponding update for Ubuntu 14.04 ESM.
Original advisory details:
Bert JW Regeer and Francisco Oca Gonzalez discovered that nginx incorrectly handled certain error_page configurations. A remote attacker could possibly use this issue to perform HTTP request smuggling attacks and access resources contrary to expectations.
{ "availability": "No subscription required", "binaries": [ { "binary_name": "nginx-extras", "binary_version": "1.4.6-1ubuntu3.9+esm1" }, { "binary_name": "nginx-core", "binary_version": "1.4.6-1ubuntu3.9+esm1" }, { "binary_name": "nginx-common", "binary_version": "1.4.6-1ubuntu3.9+esm1" }, { "binary_name": "nginx-full", "binary_version": "1.4.6-1ubuntu3.9+esm1" }, { "binary_name": "nginx", "binary_version": "1.4.6-1ubuntu3.9+esm1" }, { "binary_name": "nginx-doc", "binary_version": "1.4.6-1ubuntu3.9+esm1" }, { "binary_name": "nginx-naxsi", "binary_version": "1.4.6-1ubuntu3.9+esm1" }, { "binary_name": "nginx-naxsi-ui", "binary_version": "1.4.6-1ubuntu3.9+esm1" }, { "binary_name": "nginx-light", "binary_version": "1.4.6-1ubuntu3.9+esm1" } ] }