Hello community, here is the log from the commit of package nginx-1.0 for openSUSE:12.1:Update:Test checked in at 2011-12-02 17:28:49 ++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++ Comparing /work/SRC/openSUSE:12.1:Update:Test/nginx-1.0 (Old) and /work/SRC/openSUSE:12.1:Update:Test/.nginx-1.0.new (New) ++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++
Package is "nginx-1.0", Maintainer is "sch...@suse.com" Changes: -------- --- /work/SRC/openSUSE:12.1:Update:Test/nginx-1.0/nginx-1.0.changes 2011-12-02 17:28:48.000000000 +0100 +++ /work/SRC/openSUSE:12.1:Update:Test/.nginx-1.0.new/nginx-1.0.changes 2011-12-02 17:28:50.000000000 +0100 @@ -1,0 +2,174 @@ +Fri Dec 2 14:48:35 UTC 2011 - sch...@suse.com + +- 1.0.10 includes a fix for: + Fixed VUL-0: CVE-2011-4315: nginx: heap overflow (bnc #731084) + +------------------------------------------------------------------- +Fri Nov 18 12:56:55 UTC 2011 - sch...@suse.com + +- Uppstream update to 1.0.10 + Changes with nginx 1.0.10 + + *) Bugfix: a segmentation fault might occur in a worker process if + resolver got a big DNS response. + Thanks to Ben Hawkes. + + *) Bugfix: in cache key calculation if internal MD5 implementation was + used; the bug had appeared in 1.0.4. + + *) Bugfix: the module ngx_http_mp4_module sent incorrect + "Content-Length" response header line if the "start" argument was + used. + Thanks to Piotr Sikora. + + + Changes with nginx 1.0.9 + + *) Change: now the 0x7F-0x1F characters are escaped as \xXX in an + access_log. + + *) Change: now SIGWINCH signal works only in daemon mode. + + *) Feature: "proxy/fastcgi/scgi/uwsgi_ignore_headers" directives support + the following additional values: X-Accel-Limit-Rate, + X-Accel-Buffering, X-Accel-Charset. + + *) Feature: decrease of memory consumption if SSL is used. + + *) Feature: accept filters are now supported on NetBSD. + + *) Feature: the "uwsgi_buffering" and "scgi_buffering" directives. + Thanks to Peter Smit. + + *) Bugfix: a segmentation fault occurred on start or while + reconfiguration if the "ssl" directive was used at http level and + there was no "ssl_certificate" defined. + + *) Bugfix: some UTF-8 characters were processed incorrectly. + Thanks to Alexey Kuts. + + *) Bugfix: the ngx_http_rewrite_module directives specified at "server" + level were executed twice if no matching locations were defined. + + *) Bugfix: a socket leak might occurred if "aio sendfile" was used. + + *) Bugfix: connections with fast clients might be closed after + send_timeout if file AIO was used. + + *) Bugfix: in the ngx_http_autoindex_module. + + *) Bugfix: the module ngx_http_mp4_module did not support seeking on + 32-bit platforms. + + *) Bugfix: non-cacheable responses might be cached if + "proxy_cache_bypass" directive was used. + Thanks to John Ferlito. + + *) Bugfix: cached responses with an empty body were returned + incorrectly; the bug had appeared in 0.8.31. + + *) Bugfix: 201 responses of the ngx_http_dav_module were incorrect; the + bug had appeared in 0.8.32. + + *) Bugfix: in the "return" directive. + + *) Bugfix: the "ssl_verify_client", "ssl_verify_depth", and + "ssl_prefer_server_ciphers" directives might work incorrectly if SNI + was used. + + + Changes with nginx 1.0.8 + + *) Bugfix: nginx could not be built --with-http_mp4_module and without + --with-debug option. + + + Changes with nginx 1.0.7 + + *) Change: now if total size of all ranges is greater than source + response size, then nginx disables ranges and returns just the source + response. + + *) Feature: the "max_ranges" directive. + + *) Feature: the module ngx_http_mp4_module. + + *) Feature: the "worker_aio_requests" directive. + + *) Bugfix: if nginx was built --with-file-aio it could not be run on + Linux kernel which did not support AIO. + + *) Bugfix: in Linux AIO error processing. + Thanks to Hagai Avrahami. + + *) Bugfix: in Linux AIO combined with open_file_cache. + + *) Bugfix: open_file_cache did not update file info on retest if file + was not atomically changed. + + *) Bugfix: reduced memory consumption for long-lived requests. + + *) Bugfix: in the "proxy/fastcgi/scgi/uwsgi_ignore_client_abort" + directives. + + *) Bugfix: nginx could not be built on MacOSX 10.7. + + *) Bugfix: request body might be processed incorrectly if client used + pipelining. + + *) Bugfix: in the "request_body_in_single_buf" directive. + + *) Bugfix: in "proxy_set_body" and "proxy_pass_request_body" directives + if SSL connection to backend was used. + + *) Bugfix: nginx hogged CPU if all servers in an upstream were marked as + "down". + + *) Bugfix: a segmentation fault might occur during reconfiguration if + ssl_session_cache was defined but not used in previous configuration. + + *) Bugfix: a segmentation fault might occur in a worker process if many + backup servers were used in an upstream. + + + Changes with nginx 1.0.6 + + *) Feature: cache loader run time decrease. + + *) Feature: loading time decrease of configuration with large number of + HTTPS sites. + + *) Feature: now nginx supports ECDHE key exchange ciphers. + Thanks to Adrian Kotelba. + + *) Feature: the "lingering_close" directive. + + *) Feature: now shared zones and caches use POSIX semaphores on Solaris. + Thanks to Den Ivanov. + + *) Bugfix: nginx could not be built on Linux 3.0. + + *) Bugfix: a segmentation fault might occur in a worker process if + "fastcgi/scgi/uwsgi_param" directives were used with values starting + with "HTTP_"; the bug had appeared in 0.8.40. + + *) Bugfix: in closing connection for pipelined requests. + + *) Bugfix: nginx did not disable gzipping if client sent "gzip;q=0" in + "Accept-Encoding" request header line. + + *) Bugfix: in timeout in unbuffered proxied mode. + + *) Bugfix: memory leaks when a "proxy_pass" directive contains variables + and proxies to an HTTPS backend. + + *) Bugfix: in parameter validaiton of a "proxy_pass" directive with + variables. + Thanks to Lanshun Zhou. + + *) Bugfix: SSL did not work on QNX. + + *) Bugfix: SSL modules could not be built by gcc 4.6 without + --with-debug option. + +------------------------------------------------------------------- Old: ---- nginx-1.0.5.tar.gz nginx-svn4003.diff New: ---- nginx-1.0.10.tar.gz ++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++ Other differences: ------------------ ++++++ nginx-1.0.spec ++++++ --- /var/tmp/diff_new_pack.Ew87oT/_old 2011-12-02 17:28:51.000000000 +0100 +++ /var/tmp/diff_new_pack.Ew87oT/_new 2011-12-02 17:28:51.000000000 +0100 @@ -16,7 +16,7 @@ # Name: nginx-1.0 -Version: 1.0.5 +Version: 1.0.10 Release: 0 # %define pkg_name nginx @@ -79,7 +79,7 @@ %requires_eq perl # Url: http://nginx.net/ -Source: http://sysoev.ru/nginx/nginx-%{version}.tar.gz +Source: nginx-1.0.10.tar.gz Source1: nginx.init Source2: nginx.logrotate # PATCH-FIX-UPSTREAM nginx-0.4.0-no_Werror.patch @@ -90,8 +90,6 @@ Patch3: nginx-0.4.0-perl_vendor_install.patch # PATCH-FIX-UPSTREAM nginx-1.0.4_default_config.patch Patch4: nginx-1.0.4_default_config.patch -# backport r4003: catch up with new Linux version numbering (ticket #5) -Patch5: nginx-svn4003.diff Summary: A HTTP server and IMAP/POP3 proxy server %description nginx [engine x] is a HTTP server and IMAP/POP3 proxy server written by Igor Sysoev. @@ -107,7 +105,6 @@ %patch2 %patch3 %patch4 -%patch5 -p3 perl -pi -e 's|\r\n|\n|g' contrib/geo2nginx.pl ++++++ nginx-1.0.5.tar.gz -> nginx-1.0.10.tar.gz ++++++ ++++ 22065 lines of diff (skipped) -- To unsubscribe, e-mail: opensuse-commit+unsubscr...@opensuse.org For additional commands, e-mail: opensuse-commit+h...@opensuse.org
