On Wed, February 13, 2013 15:42, Cyril LAVIER wrote:
> Le 2013-02-13 15:36, Thijs Kinkhorst a écrit :
>> Hi Cyril,
>>
>> On Wed, February 13, 2013 14:55, Cyril LAVIER wrote:
>>> Thanks for this report.
>>>
>>> I think we have to include this patch in the nginx packages (stable
>>> and
>>> unstable).
>>>
>>> I don't actually know if you already prepared an upload, so I did it
>>> by
>>> myself (and it was a great time to relearn how to use quilt).
>>>
>>> The packages are here :
>>> * Stable :
>>> http://sources.davromaniak.eu/nginx/nginx_0.7.67-3+squeeze3.dsc
>>> * Unstable : http://sources.davromaniak.eu/nginx/nginx_1.2.1-3.dsc
>>>
>>> In case you already prepared an upload, just ignore the last lines
>>> ;).
>>>
>>> When the 1.2.1 package will arrive on the unstable repo, I will
>>> backport it to squeeze.
>>
>> Thanks!
>>
>> Unstable however is already fixed, according to my information, in
>> 1.2.2.
>> See http://forum.nginx.org/read.php?2,231067,231068
>>
>> So it does need to be fixed in wheezy, which has 1.2.1, and in stable
>> indeed. Your package for stable looks good. I'll upload that to
>> security
>> master so it can get built.
>>
>> Can you take care of the process of updating wheezy? I think you need
>> to
>> sollicit input from the release team before you can upload to
>> testing-proposed-updates.
>>
>>
>> Cheers,
>> Thijs
>
> Actually, when I typed "Unstable :" or "unstable", I meant "Testing :"
> or "testing". I don't know why I mistyped a big part of this mail :(.
>
> So the nginx_1.2.1-3.dsc source package is for testing (wheezy).
>
> Sorry for this mistake.

Right, I see that now: I skipped it because of the label ;-)

OK, I took a closer look at the version in wheezy and no action is
necessary. Code is already present in the version in wheezy that disables
the compression for openssl>=1.0.0+ (using SSL_OP_NO_COMPRESSION), which
is the version we have in wheezy. The additional code is only needed when
running with openssl 0.9.

So for wheezy and unstable we're done.

What's left is indeed squeeze, as discussed above, I'll handle that with
your package.

And the version of nginx in backports: because it has been backported to
squeeze, meaning openssl 0.9, it doesn't have the fix, so the patch does
need to be added there.


Cheers,
Thijs


--
To UNSUBSCRIBE, email to [email protected]
with a subject of "unsubscribe". Trouble? Contact [email protected]

Reply via email to