[update] nginx 1.28.2

Landry Breuil Wed, 04 Feb 2026 23:49:24 -0800

hi,

trivial update for bugfixes and a cve, ok ?


Changes with nginx 1.28.2                                        04 Feb 2026

    *) Security: an attacker might inject plain text data in the response
       from an SSL backend (CVE-2026-1642).

    *) Bugfix: use-after-free might occur after switching to the next gRPC
       or HTTP/2 backend.


Index: Makefile
===================================================================
RCS file: /cvs/ports/www/nginx/Makefile,v
diff -u -r1.199 Makefile
--- Makefile    27 Dec 2025 18:03:48 -0000      1.199
+++ Makefile    5 Feb 2026 07:45:43 -0000
@@ -19,7 +19,7 @@
 COMMENT-stream=                nginx TCP/UDP proxy module
 COMMENT-xslt=          nginx XSLT filter module

-VERSION=       1.28.1
+VERSION=       1.28.2
 DISTNAME=      nginx-${VERSION}
 CATEGORIES=    www

@@ -39,8 +39,6 @@
 PKGNAME-securelink=    nginx-securelink-${VERSION}
 PKGNAME-stream=                nginx-stream-${VERSION}
 PKGNAME-xslt=          nginx-xslt-${VERSION}
-
-REVISION-mailproxy=    0

 SITES= https://nginx.org/download/
 SITES.p=https://raw.githubusercontent.com/rnagy/nginx_chroot_patch/master/ \
Index: distinfo
===================================================================
RCS file: /cvs/ports/www/nginx/distinfo,v
diff -u -r1.94 distinfo
--- distinfo    25 Dec 2025 14:10:19 -0000      1.94
+++ distinfo    5 Feb 2026 07:45:43 -0000
@@ -4,7 +4,7 @@
 SHA256 (leev-ngx_http_geoip2_module-3.4.tar.gz) = 
rXL8IzSNcVozCZSYRTH6ubNgbhYEgyNnN/mkppV9lFI=
 SHA256 (nbs-system-naxsi-d714f1636ea49a9a9f4f06dba14aee003e970834.tar.gz) = 
2+IXdBFFfxy6mO5Gc84xh2mUrQa9zl7MDuZjhO8OQg4=
 SHA256 (nginx-1.20.1-chroot.patch) = 
SS1TB0j8N4/dn5pUTGT6WvkN3aAUuKz5+R0Nt+MG0gk=
-SHA256 (nginx-1.28.1.tar.gz) = QOegkW0SHokF71Dypzi2dVmeQrIiSlgt2ThgP+0VeI4=
+SHA256 (nginx-1.28.2.tar.gz) = IOXg8skXrPtREg7sL7qaS6Th4Q/ShGUGfMh6fYGoKaM=
 SHA256 
(nginx-modules-ngx_http_hmac_secure_link_module-48c4625fbbf51ed5a95bfec23fa444f6c3702e50.tar.gz)
 = ZXpA2rODS1enIREzlD1OqWwpWcv3NOUXH4eUOgOAmqg=
 SHA256 (nginx-njs-0.9.1.tar.gz) = YTZe6mnGhi/IpbXfUxUDrklJn2vNWvkySWuEhQooJKQ=
 SHA256 (openresty-headers-more-nginx-module-v0.34.tar.gz) = 
DA0s7SzolbP0XrKyMM2QUIqyp3MpnxU94UpD5EwSCbM=
@@ -17,7 +17,7 @@
 SIZE (leev-ngx_http_geoip2_module-3.4.tar.gz) = 8877
 SIZE (nbs-system-naxsi-d714f1636ea49a9a9f4f06dba14aee003e970834.tar.gz) = 
237272
 SIZE (nginx-1.20.1-chroot.patch) = 8783
-SIZE (nginx-1.28.1.tar.gz) = 1282057
+SIZE (nginx-1.28.2.tar.gz) = 1282351
 SIZE 
(nginx-modules-ngx_http_hmac_secure_link_module-48c4625fbbf51ed5a95bfec23fa444f6c3702e50.tar.gz)
 = 6159
 SIZE (nginx-njs-0.9.1.tar.gz) = 966480
 SIZE (openresty-headers-more-nginx-module-v0.34.tar.gz) = 28827

[update] nginx 1.28.2

Reply via email to