; urgency=medium
+
+ * Handle CVE-2019-20372, error page request smuggling
+(Closes: #948579)
+
+ -- Christos Trochalakis Sat, 11 Jan 2020 09:28:05
+0200
+
nginx (1.14.2-2+deb10u1) buster-security; urgency=high
* Backport upstream fixes for 3 CVEs (Closes: #935037)
diff -Nru nginx-1.14.
; urgency=medium
+
+ * Handle CVE-2019-20372, error page request smuggling
+(Closes: #948579)
+
+ -- Christos Trochalakis Sat, 11 Jan 2020 09:28:05
+0200
+
nginx (1.10.3-1+deb9u3) stretch-security; urgency=high
* Backport upstream fixes for 3 CVEs (Closes: #935037)
diff -Nru nginx-1.10.
On Mon, Oct 07, 2019 at 06:16:48PM +0300, Niko Tyni wrote:
This package failed to build from source on arm64, mips64el, ppc64el
and s390x, but earlier versions built there successfully in the past.
This is preventing 1.16.1-1 testing migration and is a blocker for
the ongoing Perl 5.30 transitio
On Wed, Oct 11, 2017 at 04:39:37AM +0300, root wrote:
Package: libnginx-mod-rtmp
Severity: normal
Dear Maintainer,
#apt-get install libnginx-mod-rtmp
The following packages have unmet dependencies:
libnginx-mod-rtmp : Depends: nginx-common (= 1.13.3-1~bpo9+1) but
1.10.3-1+deb9u1 is to be inst
Package: wnpp
Severity: wishlist
Owner: Christos Trochalakis
* Package name: golang-github-datadog-zstd
Version : 1.3.4-1
Upstream Author : Datadog, Inc.
* URL : https://github.com/DataDog/zstd
* License : BSD-3-clause
Programming Lang: Go
Description
On Fri, Nov 23, 2018 at 10:02:15AM +0100, Olaf van der Spek wrote:
Op vr 23 nov. 2018 om 09:52 schreef Christos Trochalakis
:
Yes, restarting Nginx is something that can be avoided, Nginx provides
such utilities.
You can just run something like `nginx -t && nginx -s reload`, that
ch
On Thu, Mar 30, 2017 at 09:05:56PM +0300, Paul Tötterman wrote:
# lsof -p $(systemctl show -pMainPID nginx| cut -d= -f2)|grep /var/log
This actually showed no *.log.1 -files being open, but lsof -c nginx
|grep ... does
Hmm, so the log.1 file is referenced by a worker, and not the master
proc
Hello all,
On Fri, Nov 27, 2015 at 11:55:08AM +0100, Steinar H. Gunderson wrote:
Hi,
ImageMagick supports WebP, and GraphicsMagick in Debian supports it now
(since #789745). Would you please consider enabling it in the Debian package?
I know there were worries about security in the past, but as
Package: wnpp
Severity: wishlist
Owner: Christos Trochalakis
* Package name: golang-github-go-redis-redis
Version : 6.7.0-1
Upstream Author : Vladimir Mihailenco
* URL : https://github.com/go-redis/redis
* License : BSD-2-clause
Programming Lang: Go
859199842fc9 Mon Sep 17 00:00:00 2001
From: Christos Trochalakis
Date: Fri, 1 Sep 2017 10:20:18 +0300
Subject: [PATCH] doc: correct '--allow-releaseinfo-change-*' typos
---
doc/apt-get.8.xml | 4 ++--
doc/po/apt-doc.pot | 2 +-
doc/po/de.po | 2 +-
doc/po/es.po | 2 +-
On Sun, Jul 23, 2017 at 09:42:47PM +0300, Mpampis Kostas wrote:
Package: nginx
Severity: wishlist
Tags: patch
This patch introduces the debian/modules/uscan script and some helper
files which can be used to automate the modules watch & upgrade process.
The main script is executed as '$ debian/m
control: tags -1 wontfix
On Tue, Jun 20, 2017 at 10:25:17AM +0300, Christos Trochalakis wrote:
Hello Angelique,
Closing that.
rgency=medium
+
+ * Rebuild for stretch.
+
+ -- Christos Trochalakis Tue, 08 Aug 2017 10:31:41
+0300
+
+wrk (4.0.2-2) unstable; urgency=medium
+
+ [ Christos Trochalakis ]
+ * Modify previous mips FTBFS patch rendering wrk unusable in all
+architectures. Thanks to Rinat Ibragimov (Closes: #855118)
+
to test
this.
Thank you!
Regards,
Jurica
The patch was applied in 4.0.2-1 but unfortunately due to other changes
in the Makefile the LIBS+=-latomic was dropped.
The attached patch should fix that.
>From a81e6cc12f24f8f980a88fcae9a37c8507abb546 Mon Sep 17 00:00:00 2001
From: Christos Trocha
On Tue, Aug 01, 2017 at 02:10:18AM +0300, Rinat Ibragimov wrote:
Hi.
Looks like patch intended to fix FTBFS was wrong. And rendered wrk unusable.
One can't just replace __sync_val_compare_and_swap by
__atomic_compare_exchange without other changes, since former function returns
previous value o
There were two consecutive uploads to solve this, the correct one is
1.10.3-1+deb9u1~bpo8+2, eventually it will reach all the mirrors.
Sorry for the inconvience.
On Fri, Jul 14, 2017 at 03:38:03PM +0200, Sylvan Heuser wrote:
Package: nginx
Version: 1.10.3-1+deb9u1~bpo8+1
Severity: important
Dea
Source: nginx
Severity: important
Tags: upstream security
A security issue was identified in nginx range filter. A specially
crafted request might result in an integer overflow and incorrect
processing of ranges, potentially resulting in sensitive information
leak (CVE-2017-7529).
When using ng
On Mon, Jul 03, 2017 at 03:17:03PM +0200, Benoît SÉRIE wrote:
Package: nginx-common
Version: 1.13.1-2
Dear Maintainer,
In the default configuration file for nginx.conf, we still see:
gzip_disable "msie6";
As MS IE6 is really deprecated[1], I propose to remove completely this
directive for
Package: libnginx-mod-http-cache-purge
Version: 1.11.6
Severity: important
Tags: upstream
Control: submitter klo...@uber.com
On Fri, Jun 30, 2017 at 10:36:16AM -0600, Mike Klopot wrote:
Hi,
It appears that somewhere between nginx versions 1.10.3 and 1.11.9 the
module provided by the libnginx-mo
Hello Angelique,
On Mon, Jun 19, 2017 at 07:09:22PM +, Angelique Dawnbringer wrote:
Package: nginx
Version: 1.13.1-1~stretch
Severity: important
Dear Maintainer,
*** Reporter, please consider answering these questions, where appropriate ***
* What led up to the situation?
* What exact
Package: varnish
Version: 5.0.0-7
Severity: normal
Hello,
Since Varnish 4.1.1 the shm_reclen varnishd param was no longer honoured
as an alias for vsl_reclen. This was fixed today in the upstrem master
branch.
The patch is still quite fresh, but it might make sense to include it
in stretch to e
Hello Paul,
On Fri, Mar 24, 2017 at 10:14:21AM +0200, Paul Tötterman wrote:
Package: nginx
Version: 1.10.3-1
Severity: normal
Dear Maintainer,
I noticed that access.log.1 kept growing and access.log had size 0. Clearly
logrotate had run, but something doesn't quite work. lsof showed nginx stil
Package: wnpp
Severity: wishlist
Owner: Christos Trochalakis
* Package name: golang-github-confluentinc-confluent-kafka-go
Version : 0.9.4
Upstream Author : Magnus Edenhill, Confluent Inc.
* URL : https://github.com/confluentinc/confluent-kafka-go
* License
On Sat, Mar 04, 2017 at 12:23:40PM +, Joni Orponen wrote:
Package: libnginx-mod-http-headers-more-filter
Version: 1.10.3-1~bpo8+1
Severity: important
https://github.com/openresty/headers-more-nginx-module#more_clear_headers
Nginx headers-more used to ship with more_clear_headers in Debian.
Hello Milo,
On Tue, Mar 07, 2017 at 10:29:27AM +0100, Milo Casagrande wrote:
Package: nginx-extras
Version: 1.10.3-1~bpo8+1
After updating nginx-extras (and nginx) from jessie-backports, nginx
stopped working correctly.
Restarting the service, or running "nginx -t", the error message I get is:
On Tue, Feb 14, 2017 at 05:12:00PM +, Niels Thykier wrote:
Control: tags -1 confirmed
Christos Trochalakis:
Package: release.debian.org
Severity: normal
User: release.debian@packages.debian.org
Usertags: unblock
*I have not yet uploaded to unstable*, and I am asking for pre-approval
Package: release.debian.org
Severity: normal
User: release.debian@packages.debian.org
Usertags: unblock
*I have not yet uploaded to unstable*, and I am asking for pre-approval
to upload 1.10.3-1.
1.10.3-1 will only include the new upstream release (1.10.2 -> 1.10.3)
and no packaging changes.
On Sat, Jan 21, 2017 at 09:16:07PM +0800, Ñãzãr wrote:
Hello Christos,
Thanks for replying. I'm actually trying to install on a mixed
wheezy/jessie armhf system, a WDMyCloud NAS. Today I re-compiled both
1.10.2-2 and 1.11.8-1~exp1 from the deb-src on my dev system but this time
I removed the "da
Source: nginx
Version: 1.10.2-4
Severity: normal
A nginx *stable* version is released and it handles 8 bugfixes:
*) Bugfix: in the "add_after_body" directive when used with the
"sub_filter" directive.
*) Bugfix: unix domain listen sockets might not be inherited during
binary upgrade on Linu
Hello,
On Fri, Nov 11, 2016 at 09:31:42PM -0500, TC Meggs wrote:
Package: nginx-full
Version: 1.6.2-5+deb8u4
Severity: normal
Dear Maintainer,
*** Reporter, please consider answering these questions, where appropriate ***
* What led up to the situation?
I attempted to use the sub_filter
up to the situation?
Since v1.10.2-2 where dav-ext has been converted to a dynamic module
package (found in the change log, Christos Trochalakis
Sat, 12 Nov 2016 09:18:12 +0200), Nginx no longer starts, configtest failed:
unknown directive "dav_ext_methods". If this directive is rem
Michael, Laurent,
I believe we can close the issue, unless you have an objection.
On Tue, Nov 29, 2016 at 07:02:51PM +0100, Kurt Roeckx wrote:
On Tue, Nov 29, 2016 at 12:56:39PM +0200, Christos Trochalakis wrote:
Hello Piotr,
I am not really familiar with EC, and before digging deeper I am CCing
Kurt, one of the OpenSSL maintainers, who can shed some light into the
issue
Hello Piotr,
I am not really familiar with EC, and before digging deeper I am CCing
Kurt, one of the OpenSSL maintainers, who can shed some light into the
issue.
On Mon, Nov 28, 2016 at 12:38:37PM +0100, Piotr Engelking wrote:
Package: nginx-light
Version: 1.10.2-2
Severity: normal
Tags: securi
Package: nm.debian.org
Severity: normal
Hello,
Τhe "extra info" link for the ftp.debian.org source (fingerprint
identifier) points to:
https://qa.debian.org/developer.php?login=&comaint=yes
instead of:
https://qa.debian.org/developer.php?gpg_key=&comaint=yes
On Fri, Nov 11, 2016 at 12:46:49PM +0100, Moritz Muehlenhoff wrote:
B0;115;0cOn Fri, Nov 04, 2016 at 10:03:02AM +0200, Christos Trochalakis wrote:
On Wed, Nov 02, 2016 at 05:22:21PM +0100, Kurt Roeckx wrote:
>On Wed, Nov 02, 2016 at 10:39:29AM +0100, Moritz Muehlenhoff wrote:
>>
&g
On Thu, Nov 10, 2016 at 10:42:36PM +0100, Michael Biebl wrote:
On Tue, 8 Nov 2016 11:20:45 +0200 Christos Trochalakis
wrote:
On Fri, Apr 15, 2016 at 06:54:55PM +0200, Laurent Bigonville wrote:
>Package: nginx
>Version: 1.6.2-3
>Severity: normal
>User: pkg-syst
On Fri, Apr 15, 2016 at 06:54:55PM +0200, Laurent Bigonville wrote:
Package: nginx
Version: 1.6.2-3
Severity: normal
User: pkg-systemd-maintain...@lists.alioth.debian.org
Hi,
Wouldn't it be better to use KillSignal=SIGQUIT in the .service file
rather than using this hack?
ExecStop=-/sbin/start
On Wed, Nov 02, 2016 at 05:22:21PM +0100, Kurt Roeckx wrote:
On Wed, Nov 02, 2016 at 10:39:29AM +0100, Moritz Muehlenhoff wrote:
The issue hasn't been diagnosed upstream, but this will likely also affect nginx
once rebuilt against openssl 1.1.
It seems it was fixed in OpenSSL in the mean time
On Sat, Oct 29, 2016 at 11:21:05AM +0200, Kurt Roeckx wrote:
On Sat, Oct 29, 2016 at 11:04:33AM +0300, Christos Trochalakis wrote:
On Tue, Oct 11, 2016 at 10:41:01AM +0300, Christos Trochalakis wrote:
> On Fri, Sep 02, 2016 at 10:52:15PM +0200, Kurt Roeckx wrote:
> > Hi,
> >
&
On Sat, Oct 29, 2016 at 11:29:12AM +0200, Kurt Roeckx wrote:
On Sat, Oct 29, 2016 at 11:04:33AM +0300, Christos Trochalakis wrote:
I am not sure if the first lua patch is safe (regarding the
"ssl_conn->tlsext_status_expected = 1;" removal).
I'm not sure which patch you&#
On Tue, Oct 11, 2016 at 10:41:01AM +0300, Christos Trochalakis wrote:
On Fri, Sep 02, 2016 at 10:52:15PM +0200, Kurt Roeckx wrote:
Hi,
It seems the version in experimental needs this patch to build
nginx itself:
http://hg.nginx.org/nginx/rev/1891b2892b68
You might also want this one:
http
On Fri, Sep 02, 2016 at 10:52:15PM +0200, Kurt Roeckx wrote:
Hi,
It seems the version in experimental needs this patch to build
nginx itself:
http://hg.nginx.org/nginx/rev/1891b2892b68
You might also want this one:
http://hg.nginx.org/nginx/rev/3eb1a92a2f05
But then there some files in debian/
Hello Thomas,
On Wed, Sep 07, 2016 at 03:17:31PM +0200, Thomas Goirand wrote:
On 09/07/2016 01:14 PM, Christos Trochalakis wrote:
Package: wnpp
Severity: wishlist
Owner: Christos Trochalakis
* Package name: python-confluent-kafka
Version : 0.9.1.2
Upstream Author : Magnus
Package: wnpp
Severity: wishlist
Owner: Christos Trochalakis
* Package name: python-confluent-kafka
Version : 0.9.1.2
Upstream Author : Magnus Edenhill
* URL : https://github.com/confluentinc/confluent-kafka-python
* License : Apache-2.0
Programming Lang
Hello,
On Tue, Aug 30, 2016 at 07:54:00PM +, nobody wrote:
Package: nginx
Version: 1.10.1-1
The current nginx-extras package includes a very outdated
nginx_http_push_module (by about 2 years). It has since been renamed to
Nchan, and vastly updated. I am the developer (of both Nchan and the
tags 835291 wontfix
thanks
Hello,
On Sun, Apr 03, 2016 at 06:24:12PM +0200, Robert Bartl wrote:
Source: nginx
Version: 1.6.2-5+deb8u2
Severity: wishlist
Dear Maintainer,
We need consistent hash upstream support to connect multiple HTTP cache
nodes (varnish)
it seems this is currently disabled
reassign 834747 src:nginx
forcemerge 790623 834747
thanks
On Thu, Aug 18, 2016 at 05:39:14PM +0300, Roman V. Nikolaev wrote:
Package: nginx-extras
Version: 1.10.1-1
Severity: wishlist
Dear Maintainer,
Please add new module to nginx-extras:
graphite-nginx-module - an nginx module for collecting
Hello Nicolas, Zlatan,
On Wed, Jul 20, 2016 at 10:12:06PM -0400, Nicolas Braud-Santoni wrote:
Hi Zlatan,
I'm taking the liberty to start packaging caddy and its dependencies,
as part of the pkg-go team.
I would be happy to see this package be co-maintained, though,
whether it is by you or Iain
of the tr elements.
The attached patch should fix the issue.
>From 06c240a6aa39a03589ec031cf965bda7908b0fd3 Mon Sep 17 00:00:00 2001
From: Christos Trochalakis
Date: Wed, 20 Jul 2016 15:50:28 +0300
Subject: [PATCH] Fix clickable table row cursor
Although rows are clickable in the auto expand
On Sun, Jun 26, 2016 at 03:42:15PM +0200, Elrond wrote:
Hi,
probably related:
https://trac.nginx.org/nginx/ticket/860
Cheers
Elrond
Ticket is closed and upstream seems frustrated on the way openssl
handled the release, but they are willing to reconsider it when
openssl 1.1.0 is released.
On Thu, Jun 02, 2016 at 06:31:57PM +0200, Frederic Pauget wrote:
Package: nginx-extras
Version: 1.6.2-5+deb8u2
Severity: normal
Hi,
With the last security update the nginx binary is linked to liblua5.1.so.0, in
the previous version (1.6.2-5+deb8u1 and stable release) it is linked to
libluajit
Source: nginx
Version: 1.10.0-1
Severity: important
Tags: security
A problem was identified in nginx code responsible for saving
client request body to a temporary file. A specially crafted request
might result in worker process crash due to a NULL pointer dereference
while writing client reques
Hello all,
On Wed, Mar 30, 2016 at 07:40:24PM +0200, Moritz Muehlenhoff wrote:
On Tue, Mar 01, 2016 at 02:35:39PM -0800, Michael Lustfield wrote:
Control: tags -1 + wontfix
I have three significant issues with adding systemd confinement to
nginx out of the box:
I disagree with these:
1) Th
On Wed, Mar 23, 2016 at 11:45:27AM +0100, Sergio Talens-Oliag wrote:
Package: nginx
Version: 1.9.10-1
Severity: normal
Dear Maintainer,
I'm the upstream maintainer of the ngx_http_auth_pam_module and I've just
published a new version with minimal changes (added support to build
dynamically and
the attached patch that switches
imports to python-six.
>From 6937c1065204cd6801f6cefe9fa7b5d9a37fe4e3 Mon Sep 17 00:00:00 2001
From: Christos Trochalakis
Date: Mon, 7 Mar 2016 12:16:39 +0200
Subject: [PATCH] Use six library instead of the one embedded in urllib3
---
requirements.txt
Source: nginx
Severity: important
Tags: security upstream
Several problems in nginx resolver were identified, which might
allow an attacker to cause worker process crash, or might have
potential other impact:
- Invalid pointer dereference might occur during DNS server response
processing, allow
On Thu, Jan 14, 2016 at 10:36:55AM -0800, Michael Lustfield wrote:
This should have gone in the Recommends or Suggests section instead of
Depends. Additionally, fcgiwrap should absolutely be removed because
it's a dirty hack that should no longer exist.
The python dependency exists because of th
Hello Gerardo,
On Fri, Dec 11, 2015 at 08:14:45AM -0400, Gerardo Esteban Malazdrewicz wrote:
Package: nginx-common
Version: 1.9.6-2
Severity: wishlist
The need for a custom fastcgi_split_path_info renders snippet unusable.
fastcgi-php.conf is there to capture 90% of all the PHP configuration
Hello Konstantin and thank you for the patch,
On Tue, Dec 01, 2015 at 11:07:34AM +0300, Konstantin Demin wrote:
Source: nginx
Version: 1.9.6-2
Severity: wishlist
introduce build flavour "standard"
* introduce "standard" build: only vanilla source, no 3rd-party modules at all.
reason: Nginx In
Control: tags -1 moreinfo
On Sun, Nov 08, 2015 at 04:27:50PM -0500, Andrew Siplas wrote:
Package: nginx-extras
Version: 1.9.6-1
Severity: grave
Justification: renders package unusable
Upon upgrade to nginx, it did not restart successfully due to the following:
/usr/sbin/nginx: error while load
Package: softhsm-common
Version: 1.3.7-2
Severity: normal
Dear maintainer,
/etc/softhsm/softhsm.conf and /usr/share/softhsm/softhsm.conf contain
the following line:
0:/var/lib/lib/softhsm/slot0.db
This is because of the --localstatedir configure parameter, we use
use /var/lib instead of /var i
rom e206191a03a315c6a29af4e35103796f5a991f9f Mon Sep 17 00:00:00 2001
From: Christos Trochalakis
Date: Mon, 20 Jul 2015 14:37:45 +0300
Subject: [PATCH] Switch from RuntimeDirectory to systemd-tempfiles
Both redis-server and redis-sentinel use the the same `RuntimeDirectory`
(/run/redis). This is wrong since systemd remo
On Wed, Jul 15, 2015 at 02:45:48AM +, Jonathon Anderson wrote:
Package: nginx-extras
Version: 1.6.2-5
Severity: normal
Dear Maintainer,
* What led up to the situation?
I recently upgraded to debian 8 and, after doing so, realized that auth_pam in
nginx no longer
prompted me for a passwo
Source: nginx
Version: 1.9.2-1
Severity: important
Fellows from wikimedia discoved that 1.9.2 breaks OCSP stapling with
`ssl_stapling_file`.
http://trac.nginx.org/nginx/ticket/769
--
To UNSUBSCRIBE, email to debian-bugs-dist-requ...@lists.debian.org
with a subject of "unsubscribe". Trouble? Co
Source: ruby2.2
Severity: wishlist
Dear ruby maintainers,
Could you consider providing debug symbols for ruby? We had a segfault
issue and it'd make debugging a lot easier.
thanks,
chris
--
To UNSUBSCRIBE, email to debian-bugs-dist-requ...@lists.debian.org
with a subject of "unsubscribe". Tro
Package: libmariadb-client-lgpl-dev
Version: 2.0.0-1
Severity: normal
Hello,
There is a new upstream GA version (2.1.0), fixing various issues. It'd
be great if it can be packaged.
We have migrated our jenkins test suite to build against
libmariadb-client-lgpl-dev 2.0.0 and we are getting some
On Sun, 23 Nov 2014 07:36:26 -0800 Daniel Schepler wrote:
On Mon, Oct 27, 2014 at 6:48 AM, Rene Engelhard wrote:
> -> it should also ship a mysql_config -> mariadb_config link.
>
I've forwarded the bug report to maria-developers and had no objections to
this, so I've added this link to the pa
erver
diff -Nru nginx-1.6.2/debian/changelog nginx-1.6.3/debian/changelog
--- nginx-1.6.2/debian/changelog2014-12-01 13:12:00.0 +0200
+++ nginx-1.6.3/debian/changelog2015-04-09 11:00:03.0 +0300
@@ -1,3 +1,11 @@
+nginx (1.6.3-1) unstable; urgency=medium
+
+ [ Christos Tr
Package: wnpp
Severity: wishlist
Owner: Christos Trochalakis
* Package name: svgwrite
Version : 1.1.16
Upstream Author : Manfred Moitzi
* URL : http://pythonhosted.org/svgwrite/
* License : Expat
Programming Lang: Python
Description : Python library to
On Mon, Mar 09, 2015 at 10:58:52PM +0530, shirish शिरीष wrote:
at bottom :-
On 3/9/15, Ivan Baldo wrote:
Ok, decided to check current Debian Policy Manual and there isn't a
specific mention of what to do when starting a service after dpkg's
configuration phase and that service fails.
Package: file
Version: 1:5.22+15-1
Severity: normal
Hello we are seeing a jpeg miss-detection in our image downloaders
running jessie. Some valid jpeg images are reported as octet-stream.
We have opened an upstream bug report[0] that was fixed in master
(c5d7f4).
Since jpeg (and image handling)
On Tue, Mar 03, 2015 at 12:12:44PM +0100, Michael Gebetsroither wrote:
Package: nginx-full
Version: 1.6.2-5~bpo70+1
Severity: normal
Dear Maintainer,
After upgrading to nginx-full from backports `service nginx
reload/restart` does not work anymore.
17:20:17 [alert] 502#0: *6580993 open socket
severity 774087 serious
thanks
I believe that it's pretty important to fix this before jessie is
released. It 'll potentially break all non-localhost memcached servers.
--
To UNSUBSCRIBE, email to debian-bugs-dist-requ...@lists.debian.org
with a subject of "unsubscribe". Trouble? Contact listma
:00 2001
From: Christos Trochalakis
Date: Sat, 7 Feb 2015 09:23:19 +0200
Subject: [PATCH] networkd: link - fix stopping v4 dhcpclient when the carrier
is lost
The check for a running v4 dhcpclient was using DHCP_SUPPORT_V6 flag
instead of DHCP_SUPPORT_V4.
As a result, when the carrier was lost syst
I am attaching the patch now :)
>From 82f9545715332d78be921a1e6456eeca23f22086 Mon Sep 17 00:00:00 2001
From: Christos Trochalakis
Date: Tue, 30 Dec 2014 11:30:31 +0200
Subject: [PATCH 1/2] Use /etc/memcached.conf on systemd systems.
We do that by introducing a systemd wrapper that reads
/
We are also having this problem. On systemd systems /etc/memcached.conf
is not honoured. Instead of that, all command line options are hardcoded
in the service file (/lib/systemd/system/memcached.service).
The attached patch attempts to fix that by introducing a
systemd-memcached-wrapper script,
Control: tags -1 - moreinfo
On Sun, Nov 30, 2014 at 12:38:05PM +0100, Ivo De Decker wrote:
Please go ahead and remove the moreinfo tag from this bug once the upload to
unstable is done.
Removing moreinfo tag as requested.
--
To UNSUBSCRIBE, email to debian-bugs-dist-requ...@lists.debian.or
+0300
+++ nginx-1.6.2/debian/changelog2014-11-30 11:05:49.0 +0200
@@ -1,3 +1,18 @@
+nginx (1.6.2-5) unstable; urgency=medium
+
+ [ Christos Trochalakis ]
+ * debian/conf/nginx.conf:
++ Drop SSLv3 protocol (POODLE), and prefer server ciphers
+ by default. (Closes: #767456)
+
Hello Thijs,
On Sat, Nov 22, 2014 at 05:36:46PM +0100, Thijs Kinkhorst wrote:
Hi,
Could you please make an upload with only this change to sid? Then we can
ask the release team to unblock it for jessie.
It's still tagged pending. Do you need help to get this change uploaded?
I was realy b
Hello Thisjs,
On Fri, Oct 31, 2014 at 08:37:51AM +0100, Thijs Kinkhorst wrote:
Package: nginx
Version: 1.6.2-2
Severity: important
Hi,
Please disable the legacy SSLv3 protocol by default for installations of
nginx. It doesn't need to be disabled completely per se, but should not
be available o
On Wed, Oct 08, 2014 at 06:16:16AM -0700, Tyler Riddle wrote:
I think that gracefully stopping nginx is a better default the forcibly
stopping the process.
I certainly don't - both cases have uses. Please do not force sysadmins
to wait for end user behavior *by default*. When I want end users t
On Wed, Sep 24, 2014 at 09:21:15AM -0700, Tyler Riddle wrote:
Package: nginx-common
Version: 1.6.2-1
Severity: wishlist
Tags: patch
Dear Maintainer,
When clustering nginx behind a load balancer it is useful to take the listen
socket offline while allowing connected clients to finish their reque
Package: ftp.debian.org
Severity: normal
The nginx maintainers have decided to drop nginx-naxsi related packages.
The relevant commit, and reasoning can be found here:
http://anonscm.debian.org/cgit/collab-maint/nginx.git/commit/?id=80cda8
Thank you
--
To UNSUBSCRIBE, email to debian-bugs-dis
Package: ftp.debian.org
Severity: normal
The nginx maintainers have decided to drop nginx-naxsi related packages.
The relevant commit, and reasoning can be found here:
http://anonscm.debian.org/cgit/collab-maint/nginx.git/commit/?id=80cda8
Thank you
--
To UNSUBSCRIBE, email to debian-bugs-dis
Package: ftp.debian.org
Severity: normal
The nginx maintainers have decided to drop nginx-naxsi related packages.
The relevant commit, and reasoning can be found here:
http://anonscm.debian.org/cgit/collab-maint/nginx.git/commit/?id=80cda8
Thank you
--
To UNSUBSCRIBE, email to debian-bugs-dis
on Sep 17 00:00:00 2001
From: Christos Trochalakis
Date: Thu, 2 Oct 2014 15:49:20 +0300
Subject: [PATCH] start-stop-daemon: Don't abort on stop when only pid or ppid
options are specified
When running with `--stop` and only pid or ppid as matching
options, start-stop-daemon aborts with a &q
Hello all,
I wanted to ask if there is any update on the 2.6 upgrade. Is there any plan to
package mongodb-2.6 for jessie?
Thank you,
chris
--
To UNSUBSCRIBE, email to debian-bugs-dist-requ...@lists.debian.org
with a subject of "unsubscribe". Trouble? Contact listmas...@lists.debian.org
severity 762531 normal
thanks
On Tue, Sep 23, 2014 at 08:55:45AM +0200, shugen wrote:
Package: nginx-common
Version: 1.2.1-2.2+wheezy2
Severity: serious
Justification: must
Dear Maintainer,
our nginx configuration at startup opens many files (many vhost etc). Normally
is not a problem, we can
Hello Alberto,
On Wed, Sep 10, 2014 at 09:07:52AM -0500, Jaime Alberto Silva wrote:
Package: nginx-full
Version: 1.6.1-2
Severity: important
When calling a PHP file the browser returns WSOD immediately while nginx
log says it is still working, after a few seconds log says "client closed
connect
Hello Thomas,
On Mon, Sep 22, 2014 at 03:58:52PM -0400, Thomas Ward (Dark-Net) wrote:
Source: nginx
Severity: wishlist
Hello.
I would like to request that the Lua module be updated to the version in
its latest git master branch. I am requesting this early, ahead of future
upstream versions of
Hello Thomas,
On Wed, Sep 10, 2014 at 02:20:31PM -0400, Thomas Ward wrote:
Okay, that is an understandable solution, and as I personally don't
use nginx-naxsi at all, I agree with that decision to drop the
packages.
Is there an estimated timeline for the dropping of the nginx-naxsi
packages? I
After discussing it with the fellow maintainers we have decided that it is
better to remove the nginx-naxsi package before jessie is freezed.
Packaging naxsi is not trivial and, unfortunately, none of the maintainers uses
it. That's the reason nginx-naxsi is not in a good shape and we are not fee
On Wed, 27 Aug 2014 09:06:04 -0400 "Brent S. Elmer Ph.D."
wrote:
On Wed, 2014-08-27 at 13:26 +0300, Christos Trochalakis wrote:
> Hello,
>
> nginx seems to install correctly for me. Based on your logs, it
> seems
> that another process has already binded port 80
Hello,
nginx seems to install correctly for me. Based on your logs, it seems
that another process has already binded port 80 when you are trying to
install nginx.
nginx-full postinst script can't start nginx since the port is binded
and fails. This is expected behaviour.
Could check that nobody
Source: nginx
Severity: important
Tags: security
A bug in nginx SMTP proxy was found, which allows an attacker in a
privileged network position to inject commands into SSL sessions started
with the STARTTLS command, potentially making it possible to steal
sensitive information sent by clients (CV
On Tue, Jul 22, 2014 at 10:17:28PM -0500, Karl O. Pinc wrote:
Package: nginx-full
Version: 1.6.0-1~bpo70+1
Severity: minor
Hi,
I notice that the wheezy-backports version of nginx-full
does not list Auth Request in the modules built, but I
looked at the debian/rules file and the module does
seem
forwarded 745921 https://github.com/slact/nginx_http_push_module/issues/90
tags 745921 + upstream
thanks
On Sat, Apr 26, 2014 at 03:39:12PM +0100, Alexander Clouter wrote:
Package: nginx
Version: 1.4.6-1~bpo70+1
Severity: important
Tags: upstream
Dear Maintainer,
We are using nginx-extras (whe
On Fri, Apr 18, 2014 at 01:31:33PM -0400, Thomas Ward wrote:
An upstream commit addressing this was made, and the upstream nginx
trac ticket has been closed.
Refer to
http://trac.nginx.org/nginx/changeset/060c2e692b96a150b584b8e30d596be1f2defa9c/nginx
for the changes.
Yes, that's good news.
On Thu, Mar 13, 2014 at 05:54:54PM +0900, Alexey Kopytko wrote:
Fixed in the upstream:
https://github.com/slact/nginx_http_push_module/issues/83#issuecomment-37508708
https://github.com/slact/nginx_http_push_module/commit/836e8319c93681386fb00e6bd34d9e37612f3334
WBR
Great, we will update the m
1 - 100 of 130 matches
Mail list logo
