Matthew Daley discovered a security problem which may lead to a disclosure of previously freed memory on specially crafted response from an upstream server, potentially resulting in sensitive information leak. The issue was addressed in Nginx 1.0.14 stable and 1.1.17 development versions. A patch was created by Nginx developers for previous software versions. We updated the Axivo RPM's to latest stable version since March 15th, when we received the security advisory from Nginx development team. To further improve the security, we compiled Nginx against OpenSSL 1.0.1 and enabled SNI support. The new Nginx and OpenSSL (1.0.1, 0.9.8e backlevel) RPM's are available into Axivo Redhat 5 repository. We will also make available the Redhat 6 RPM's within a week.