Nginx buffer overflow

Pascal Cuoq - 18th Mar 2014

A buffer overflow has been discovered in recent versions of the HTTP server Nginx.

Hacker News user jmnicolas pondered out loud: “I wonder if this discovery is a result of OpenBSD switching its focus from Apache to Nginx?”

It took me one minute to understand what ey meant. I was actually wondering why OpenBSD would be putting buffer overflows in Nginx now that they are done putting buffer overflows in Apache. I mean surely there is room for one more buffer overflow in Apache?

The analysis of what this means about this industry and/or me is left as an exercise to the reader.

Pascal Cuoq
18th Mar 2014