Hello community, here is the log from the commit of package nginx for openSUSE:Factory checked in at 2016-05-24 09:35:16 ++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++ Comparing /work/SRC/openSUSE:Factory/nginx (Old) and /work/SRC/openSUSE:Factory/.nginx.new (New) ++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++
Package is "nginx" Changes: -------- --- /work/SRC/openSUSE:Factory/nginx/nginx.changes 2016-02-03 10:19:31.000000000 +0100 +++ /work/SRC/openSUSE:Factory/.nginx.new/nginx.changes 2016-05-24 09:35:18.000000000 +0200 @@ -1,0 +2,236 @@ +Sun May 15 05:34:35 UTC 2016 - [email protected] + +- enable slice and stream module + +------------------------------------------------------------------- +Fri May 6 07:05:56 UTC 2016 - [email protected] + +- update to version 1.10.0 stable + * Bugfix: "recv() failed" errors might occur when using HHVM as a + FastCGI server. + * Bugfix: when using HTTP/2 and the "limit_req" or "auth_request" + directives a timeout or a "client violated flow control" error might + occur while reading client request body; the bug had appeared in + 1.9.14. + * Workaround: a response might not be shown by some browsers if HTTP/2 + was used and client request body was not fully read; the bug had + appeared in 1.9.14. + * Bugfix: connections might hang when using the "aio threads" + directive. + Thanks to Mindaugas Rasiukevicius. + * Feature: OpenSSL 1.1.0 compatibility. + * Feature: the "proxy_request_buffering", "fastcgi_request_buffering", + "scgi_request_buffering", and "uwsgi_request_buffering" directives + now work with HTTP/2. + * Bugfix: "zero size buf in output" alerts might appear in logs when + using HTTP/2. + * Bugfix: the "client_max_body_size" directive might work incorrectly + when using HTTP/2. + * Bugfix: of minor bugs in logging. + * Change: non-idempotent requests (POST, LOCK, PATCH) are no longer + passed to the next server by default if a request has been sent to a + backend; the "non_idempotent" parameter of the "proxy_next_upstream" + directive explicitly allows retrying such requests. + * Feature: the ngx_http_perl_module can be built dynamically. + * Feature: UDP support in the stream module. + * Feature: the "aio_write" directive. + * Feature: now cache manager monitors number of elements in caches and + tries to avoid cache keys zone overflows. + * Bugfix: "task already active" and "second aio post" alerts might + appear in logs when using the "sendfile" and "aio" directives with + subrequests. + * Bugfix: "zero size buf in output" alerts might appear in logs if + caching was used and a client closed a connection prematurely. + * Bugfix: connections with clients might be closed needlessly if + caching was used. + Thanks to Justin Li. + * Bugfix: nginx might hog CPU if the "sendfile" directive was used on + Linux or Solaris and a file being sent was changed during sending. + * Bugfix: connections might hang when using the "sendfile" and "aio + threads" directives. + * Bugfix: in the "proxy_pass", "fastcgi_pass", "scgi_pass", and + "uwsgi_pass" directives when using variables. + Thanks to Piotr Sikora. + * Bugfix: in the ngx_http_sub_filter_module. + * Bugfix: if an error occurred in a cached backend connection, the + request was passed to the next server regardless of the + proxy_next_upstream directive. + * Bugfix: "CreateFile() failed" errors when creating temporary files on + Windows. + * Feature: Huffman encoding of response headers in HTTP/2. + Thanks to Vlad Krasnov. + * Feature: the "worker_cpu_affinity" directive now supports more than + 64 CPUs. + * Bugfix: compatibility with 3rd party C++ modules; the bug had + appeared in 1.9.11. + Thanks to Piotr Sikora. + * Bugfix: nginx could not be built statically with OpenSSL on Linux; + the bug had appeared in 1.9.11. + * Bugfix: the "add_header ... always" directive with an empty value did + not delete "Last-Modified" and "ETag" header lines from error + responses. + * Workaround: "called a function you should not call" and "shutdown + while in init" messages might appear in logs when using OpenSSL + 1.0.2f. + * Bugfix: invalid headers might be logged incorrectly. + * Bugfix: socket leak when using HTTP/2. + * Bugfix: in the ngx_http_v2_module. + * Feature: TCP support in resolver. + * Feature: dynamic modules. + * Bugfix: the $request_length variable did not include size of request + headers when using HTTP/2. + * Bugfix: in the ngx_http_v2_module. + * Security: invalid pointer dereference might occur during DNS server + response processing if the "resolver" directive was used, allowing an + attacker who is able to forge UDP packets from the DNS server to + cause segmentation fault in a worker process (CVE-2016-0742). + * Security: use-after-free condition might occur during CNAME response + processing if the "resolver" directive was used, allowing an attacker + who is able to trigger name resolution to cause segmentation fault in + a worker process, or might have potential other impact + (CVE-2016-0746). + * Security: CNAME resolution was insufficiently limited if the + "resolver" directive was used, allowing an attacker who is able to + trigger arbitrary name resolution to cause excessive resource + consumption in worker processes (CVE-2016-0747). + * Feature: the "auto" parameter of the "worker_cpu_affinity" directive. + * Bugfix: the "proxy_protocol" parameter of the "listen" directive did + not work with IPv6 listen sockets. + * Bugfix: connections to upstream servers might be cached incorrectly + when using the "keepalive" directive. + * Bugfix: proxying used the HTTP method of the original request after + an "X-Accel-Redirect" redirection. + * Bugfix: proxying to unix domain sockets did not work when using + variables; the bug had appeared in 1.9.8. + * Feature: pwritev() support. + * Feature: the "include" directive inside the "upstream" block. + * Feature: the ngx_http_slice_module. + * Bugfix: a segmentation fault might occur in a worker process when + using LibreSSL; the bug had appeared in 1.9.6. + * Bugfix: nginx could not be built on OS X in some cases. + * Feature: the "nohostname" parameter of logging to syslog. + * Feature: the "proxy_cache_convert_head" directive. + * Feature: the $realip_remote_addr variable in the + ngx_http_realip_module. + * Bugfix: the "expires" directive might not work when using variables. + * Bugfix: a segmentation fault might occur in a worker process when + using HTTP/2; the bug had appeared in 1.9.6. + * Bugfix: if nginx was built with the ngx_http_v2_module it was + possible to use the HTTP/2 protocol even if the "http2" parameter of + the "listen" directive was not specified. + * Bugfix: in the ngx_http_v2_module. + * Bugfix: a segmentation fault might occur in a worker process when + using HTTP/2. + Thanks to Piotr Sikora and Denis Andzakovic. + * Bugfix: the $server_protocol variable was empty when using HTTP/2. + * Bugfix: backend SSL connections in the stream module might be timed + out unexpectedly. + * Bugfix: a segmentation fault might occur in a worker process if + different ssl_session_cache settings were used in different virtual + servers. + * Bugfix: nginx/Windows could not be built with MinGW gcc; the bug had + appeared in 1.9.4. + Thanks to Kouhei Sutou. + * Bugfix: time was not updated when the timer_resolution directive was + used on Windows. + * Miscellaneous minor fixes and improvements. + Thanks to Markus Linnala, Kurtis Nusbaum and Piotr Sikora. + * Feature: the ngx_http_v2_module (replaces ngx_http_spdy_module). + Thanks to Dropbox and Automattic for sponsoring this work. + * Change: now the "output_buffers" directive uses two buffers by + default. + * Change: now nginx limits subrequests recursion, not simultaneous + subrequests. + * Change: now nginx checks the whole cache key when returning a + response from cache. + Thanks to Gena Makhomed and Sergey Brester. + * Bugfix: "header already sent" alerts might appear in logs when using + cache; the bug had appeared in 1.7.5. + * Bugfix: "writev() failed (4: Interrupted system call)" errors might + appear in logs when using CephFS and the "timer_resolution" directive + on Linux. + * Bugfix: in invalid configurations handling. + Thanks to Markus Linnala. + * Bugfix: a segmentation fault occurred in a worker process if the + "sub_filter" directive was used at http level; the bug had appeared + in 1.9.4. + * Change: the "proxy_downstream_buffer" and "proxy_upstream_buffer" + directives of the stream module are replaced with the + "proxy_buffer_size" directive. + * Feature: the "tcp_nodelay" directive in the stream module. + * Feature: multiple "sub_filter" directives can be used simultaneously. + * Feature: variables support in the search string of the "sub_filter" + directive. + * Workaround: configuration testing might fail under Linux OpenVZ. + Thanks to Gena Makhomed. + * Bugfix: old worker processes might hog CPU after reconfiguration with + a large number of worker_connections. + * Bugfix: a segmentation fault might occur in a worker process if the + "try_files" and "alias" directives were used inside a location given + by a regular expression; the bug had appeared in 1.7.1. + * Bugfix: the "try_files" directive inside a nested location given by a + regular expression worked incorrectly if the "alias" directive was + used in the outer location. + * Bugfix: in hash table initialization error handling. + * Bugfix: nginx could not be built with Visual Studio 2015. + * Change: duplicate "http", "mail", and "stream" blocks are now + disallowed. + * Feature: connection limiting in the stream module. + * Feature: data rate limiting in the stream module. + * Bugfix: the "zone" directive inside the "upstream" block did not work + on Windows. + * Bugfix: compatibility with LibreSSL in the stream module. + Thanks to Piotr Sikora. + * Bugfix: in the "--builddir" configure parameter. + Thanks to Piotr Sikora. + * Bugfix: the "ssl_stapling_file" directive did not work; the bug had + appeared in 1.9.2. + Thanks to Faidon Liambotis and Brandon Black. + * Bugfix: a segmentation fault might occur in a worker process if the + "ssl_stapling" directive was used; the bug had appeared in 1.9.2. + Thanks to Matthew Baldwin. + * Feature: the "backlog" parameter of the "listen" directives of the + mail proxy and stream modules. + * Feature: the "allow" and "deny" directives in the stream module. + * Feature: the "proxy_bind" directive in the stream module. + * Feature: the "proxy_protocol" directive in the stream module. + * Feature: the -T switch. ++++ 402 more lines (skipped) ++++ between /work/SRC/openSUSE:Factory/nginx/nginx.changes ++++ and /work/SRC/openSUSE:Factory/.nginx.new/nginx.changes Old: ---- nginx-0.4.0-no_Werror.patch nginx-0.6.38-html.patch nginx-1.0.15_docs.patch nginx-1.8.1.tar.gz New: ---- nginx-1.10.0-html.patch nginx-1.10.0-no_Werror.patch nginx-1.10.0.tar.gz ++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++ Other differences: ------------------ ++++++ nginx.spec ++++++ --- /var/tmp/diff_new_pack.bLG1b1/_old 2016-05-24 09:35:19.000000000 +0200 +++ /var/tmp/diff_new_pack.bLG1b1/_new 2016-05-24 09:35:19.000000000 +0200 @@ -63,7 +63,7 @@ %endif # Name: nginx -Version: 1.8.1 +Version: 1.10.0 Release: 0 %define fancyindex_version 0.3.5 Summary: A HTTP server and IMAP/POP3 proxy server @@ -76,18 +76,16 @@ Source3: nginx.service Source4: https://github.com/aperezdc/ngx-fancyindex/archive/v%{fancyindex_version}/ngx-fancyindex-%{fancyindex_version}.tar.gz Source100: nginx.rpmlintrc -# PATCH-FIX-UPSTREAM nginx-0.4.0-no_Werror.patch -Patch0: nginx-0.4.0-no_Werror.patch -# PATCH-FIX-UPSTREAM nginx-0.6.38-html.patch -Patch2: nginx-0.6.38-html.patch +# PATCH-FIX-UPSTREAM nginx-1.10.0-no_Werror.patch +Patch0: nginx-1.10.0-no_Werror.patch +# PATCH-FIX-OPENSUSE nginx-1.10.0-html.patch +Patch1: nginx-1.10.0-html.patch # PATCH-FIX-UPSTREAM nginx-1.2.4-perl_vendor_install.patch -Patch3: nginx-1.2.4-perl_vendor_install.patch +Patch2: nginx-1.2.4-perl_vendor_install.patch # PATCH-FIX-UPSTREAM fix /etc/nginx/nginx.conf to suit Linux env -Patch4: nginx-1.6.1-default_config.patch -# PATCH for fixing docs/html path -Patch5: nginx-1.0.15_docs.patch +Patch3: nginx-1.6.1-default_config.patch # PATCH-FIX-UPSTREAM nginx-aio.patch fix support for Linux AIO -Patch6: nginx-aio.patch +Patch4: nginx-aio.patch BuildRequires: gcc-c++ BuildRequires: gd-devel BuildRequires: libxslt-devel @@ -130,12 +128,11 @@ %else %setup -q -n %{pkg_name}-%{version} %endif -%patch0 +%patch0 -p1 +%patch1 -p1 %patch2 %patch3 -%patch4 -%patch5 -%patch6 -p1 +%patch4 -p1 perl -pi -e 's|\r\n|\n|g' contrib/geo2nginx.pl @@ -172,7 +169,7 @@ --with-ipv6 \ --with-http_ssl_module \ %if %{with http2} - --with-http_spdy_module \ + --with-http_v2_module \ %endif --with-http_realip_module \ --with-http_addition_module \ @@ -189,10 +186,12 @@ --with-http_random_index_module \ --with-http_secure_link_module \ --with-http_degradation_module \ + --with-http_slice_module \ --with-http_stub_status_module \ --with-http_perl_module \ --with-perl=%{_bindir}/perl \ --with-mail \ + --with-stream \ --with-mail_ssl_module \ --with-pcre \ %if %{with libatomic} ++++++ nginx-0.6.38-html.patch -> nginx-1.10.0-html.patch ++++++ --- /work/SRC/openSUSE:Factory/nginx/nginx-0.6.38-html.patch 2015-07-03 01:20:12.000000000 +0200 +++ /work/SRC/openSUSE:Factory/.nginx.new/nginx-1.10.0-html.patch 2016-05-24 09:35:18.000000000 +0200 @@ -1,14 +1,13 @@ -Index: auto/install -=================================================================== ---- auto/install.orig -+++ auto/install -@@ -147,8 +147,7 @@ install: $NGX_OBJS${ngx_dirsep}nginx${ng - test -d '\$(DESTDIR)`dirname "$NGX_HTTP_LOG_PATH"`' || \ - mkdir -p '\$(DESTDIR)`dirname "$NGX_HTTP_LOG_PATH"`' +diff -ur nginx-1.10.0.orig/auto/install nginx-1.10.0/auto/install +--- nginx-1.10.0.orig/auto/install 2016-05-06 09:12:12.617492168 +0200 ++++ nginx-1.10.0/auto/install 2016-05-06 09:30:12.164261301 +0200 +@@ -154,8 +154,7 @@ + test -d '\$(DESTDIR)`dirname "$NGX_HTTP_LOG_PATH"`' \\ + || mkdir -p '\$(DESTDIR)`dirname "$NGX_HTTP_LOG_PATH"`' -- test -d '\$(DESTDIR)$NGX_PREFIX/html' \ +- test -d '\$(DESTDIR)$NGX_PREFIX/html' \\ - || cp -R $NGX_HTML '\$(DESTDIR)$NGX_PREFIX' -+ test -d '\$(DESTDIR)/srv/www/htdocs' || install -d '\$(DESTDIR)/srv/www/' && cp -r docs/html '\$(DESTDIR)/srv/www/htdocs' ++ test -d '\$(DESTDIR)/srv/www/htdocs' || install -d '\$(DESTDIR)/srv/www/' && cp -r html '\$(DESTDIR)/srv/www/htdocs' END ++++++ nginx-0.4.0-no_Werror.patch -> nginx-1.10.0-no_Werror.patch ++++++ --- /work/SRC/openSUSE:Factory/nginx/nginx-0.4.0-no_Werror.patch 2015-07-03 01:20:12.000000000 +0200 +++ /work/SRC/openSUSE:Factory/.nginx.new/nginx-1.10.0-no_Werror.patch 2016-05-24 09:35:18.000000000 +0200 @@ -1,8 +1,6 @@ -Index: auto/cc/gcc -=================================================================== ---- auto/cc/gcc.orig -+++ auto/cc/gcc -@@ -168,7 +168,7 @@ esac +--- nginx-1.10.0.orig/auto/cc/gcc 2016-05-06 09:12:12.617492168 +0200 ++++ nginx-1.10.0/auto/cc/gcc 2016-05-06 10:07:04.218072918 +0200 +@@ -173,7 +173,7 @@ # stop on warning ++++++ nginx-1.8.1.tar.gz -> nginx-1.10.0.tar.gz ++++++ ++++ 48086 lines of diff (skipped)
