nginx 1.14.1

Thu, 08 Nov 2018 23:52:57 -0800 

Hi,

here's an untested diff for 1.14.1, for:

    *) Security: when using HTTP/2 a client might cause excessive memory
       consumption (CVE-2018-16843) and CPU usage (CVE-2018-16844).

    *) Security: processing of a specially crafted mp4 file with the
       ngx_http_mp4_module might result in worker process memory
disclosure
       (CVE-2018-16845).

    *) Bugfix: working with gRPC backends might result in excessive memory
       consumption.

still have to build it locally but it seems ruby passenger pkgs are not
available on the mirrors right now.

Landry

Index: Makefile
===================================================================
RCS file: /cvs/ports/www/nginx/Makefile,v
retrieving revision 1.126
diff -u -r1.126 Makefile
--- Makefile    6 Nov 2018 14:57:47 -0000       1.126
+++ Makefile    9 Nov 2018 07:49:38 -0000
@@ -15,7 +15,7 @@
 COMMENT-perl=          nginx perl scripting module
 COMMENT-passenger=     nginx passenger (ruby/python/nodejs) integration module
 
-VERSION=       1.14.0
+VERSION=       1.14.1
 DISTNAME=      nginx-${VERSION}
 CATEGORIES=    www
 
@@ -31,8 +31,6 @@
 PKGNAME-headers_more=  nginx-headers-more-${VERSION}
 PKGNAME-perl=          nginx-perl-${VERSION}
 PKGNAME-passenger=     nginx-passenger-${VERSION}
-REVISION=              2
-REVISION-passenger=    3
 
 MASTER_SITES=  https://nginx.org/download/
 MASTER_SITES0= https://github.com/simpl/ngx_devel_kit/archive/
@@ -114,7 +112,7 @@
                -I "${LOCALBASE}/include" \
                -L "${X11BASE}/lib"
 
-PATCHFILES+=           nginx-${VERSION}-chroot.patch:3
+PATCHFILES+=           nginx-1.14.0-chroot.patch:3
 PATCH_DIST_STRIP=      -p1
 
 CONFIGURE_STYLE=       simple
Index: distinfo
===================================================================
RCS file: /cvs/ports/www/nginx/distinfo,v
retrieving revision 1.66
diff -u -r1.66 distinfo
--- distinfo    28 Sep 2018 14:36:16 -0000      1.66
+++ distinfo    9 Nov 2018 07:49:38 -0000
@@ -2,13 +2,13 @@
 SHA256 (lua-nginx-module-v0.10.11.tar.gz) = 
wPuR/P0cbn3sNMpkgm74H/66/e9hdNJURnY284BWZiY=
 SHA256 (naxsi-0.55.3.tar.gz) = CzyV0lB3Lcia2LSeR8HgJMWuLHbAz/pEXp/gXE3RNJU=
 SHA256 (nginx-1.14.0-chroot.patch) = 
6dERcspRpgEau5QbXHC+K0r5C9Ogy/df6j8BpYrStL0=
-SHA256 (nginx-1.14.0.tar.gz) = XRW+y/aauh/jP41BbZft2V6okZ6prFGe/5uv67YCLLU=
+SHA256 (nginx-1.14.1.tar.gz) = vwmXQTDA1BwKgR3swXqW7C9Yzci7rLdx3o04yboUpKQ=
 SHA256 (nginx-auth-ldap-0.20170725.tar.gz) = 
gNbM6amHfVHewvhaEc580l7b0tYFwovChofsxWlSKe4=
 SHA256 (ngx_devel_kit-v0.3.0.tar.gz) = 
iOBamainQZBm9a51lm+x78QJutRSLRSYbaB0VUrmFhk=
 SIZE (headers-more-nginx-module-v0.33.tar.gz) = 28130
 SIZE (lua-nginx-module-v0.10.11.tar.gz) = 616653
 SIZE (naxsi-0.55.3.tar.gz) = 187416
 SIZE (nginx-1.14.0-chroot.patch) = 8220
-SIZE (nginx-1.14.0.tar.gz) = 1016272
+SIZE (nginx-1.14.1.tar.gz) = 1014040
 SIZE (nginx-auth-ldap-0.20170725.tar.gz) = 18457
 SIZE (ngx_devel_kit-v0.3.0.tar.gz) = 66455

Reply via email to