Hello!
On Wed, May 8, 2013 at 12:35 AM, Florian Tham wrote:
> I'm using chunkin-nginx-module v0.23 with nginx v1.2.3. Is this combination
> also vulnerable to the issue referenced in CVE-2013-2028, or does this
> really only affect the chunked transfer encoding support in nginx v1.3.9 and
> onwards?
>
ngx_chunkin has a very different implementation from nginx's builtin
one. And I don't think this affects ngx_chunkin.
Best regards,
-agentzh