commit nginx-1.0 for openSUSE:12.1:Update:Test
Hello community, here is the log from the commit of package nginx-1.0 for openSUSE:12.1:Update:Test checked in at 2012-03-20 13:22:19 Comparing /work/SRC/openSUSE:12.1:Update:Test/nginx-1.0 (Old) and /work/SRC/openSUSE:12.1:Update:Test/.nginx-1.0.new (New) Package is nginx-1.0, Maintainer is sch...@suse.com Changes: --- /work/SRC/openSUSE:12.1:Update:Test/nginx-1.0/nginx-1.0.changes 2011-12-02 17:28:50.0 +0100 +++ /work/SRC/openSUSE:12.1:Update:Test/.nginx-1.0.new/nginx-1.0.changes 2012-03-20 13:22:21.0 +0100 @@ -1,0 +2,6 @@ +Mon Mar 19 11:26:04 UTC 2012 - sch...@suse.com + +- Fixed VUL-0: CVE-2012-1180 nginx: information leak + (bnc #752482) + +--- New: nginx-CVE-2012-1180.patch Other differences: -- ++ nginx-1.0.spec ++ --- /var/tmp/diff_new_pack.hdckS9/_old 2012-03-20 13:22:21.0 +0100 +++ /var/tmp/diff_new_pack.hdckS9/_new 2012-03-20 13:22:21.0 +0100 @@ -1,7 +1,7 @@ # # spec file for package nginx-1.0 # -# Copyright (c) 2011 SUSE LINUX Products GmbH, Nuernberg, Germany. +# Copyright (c) 2012 SUSE LINUX Products GmbH, Nuernberg, Germany. # # All modifications and additions to the file contributed by third parties # remain the property of their copyright owners, unless otherwise agreed @@ -15,6 +15,8 @@ # Please submit bugfixes or comments via http://bugs.opensuse.org/ # + + Name: nginx-1.0 Version:1.0.10 Release:0 @@ -90,7 +92,10 @@ Patch3: nginx-0.4.0-perl_vendor_install.patch # PATCH-FIX-UPSTREAM nginx-1.0.4_default_config.patch Patch4: nginx-1.0.4_default_config.patch +# PATCH CVE-2012-1180 +Patch5: nginx-CVE-2012-1180.patch Summary:A HTTP server and IMAP/POP3 proxy server + %description nginx [engine x] is a HTTP server and IMAP/POP3 proxy server written by Igor Sysoev. It has been running on many heavily loaded Russian sites for more than two years. @@ -105,6 +110,7 @@ %patch2 %patch3 %patch4 +%patch5 perl -pi -e 's|\r\n|\n|g' contrib/geo2nginx.pl ++ nginx-CVE-2012-1180.patch ++ --- src/http/modules/ngx_http_fastcgi_module.c +++ src/http/modules/ngx_http_fastcgi_module.c @@ -1442,10 +1442,10 @@ h-lowcase_key = h-key.data + h-key.len + 1 + h-value.len + 1; -ngx_cpystrn(h-key.data, r-header_name_start, -h-key.len + 1); -ngx_cpystrn(h-value.data, r-header_start, -h-value.len + 1); +ngx_memcpy(h-key.data, r-header_name_start, h-key.len); +h-key.data[h-key.len] = '\0'; +ngx_memcpy(h-value.data, r-header_start, h-value.len); +h-value.data[h-value.len] = '\0'; } h-hash = r-header_hash; --- src/http/modules/ngx_http_proxy_module.c +++ src/http/modules/ngx_http_proxy_module.c @@ -1277,8 +1277,10 @@ h-value.data = h-key.data + h-key.len + 1; h-lowcase_key = h-key.data + h-key.len + 1 + h-value.len + 1; -ngx_cpystrn(h-key.data, r-header_name_start, h-key.len + 1); -ngx_cpystrn(h-value.data, r-header_start, h-value.len + 1); +ngx_memcpy(h-key.data, r-header_name_start, h-key.len); +h-key.data[h-key.len] = '\0'; +ngx_memcpy(h-value.data, r-header_start, h-value.len); +h-value.data[h-value.len] = '\0'; if (h-key.len == r-lowcase_index) { ngx_memcpy(h-lowcase_key, r-lowcase_header, h-key.len); --- src/http/modules/ngx_http_scgi_module.c +++ src/http/modules/ngx_http_scgi_module.c @@ -894,8 +894,10 @@ h-value.data = h-key.data + h-key.len + 1; h-lowcase_key = h-key.data + h-key.len + 1 + h-value.len + 1; -ngx_cpystrn(h-key.data, r-header_name_start, h-key.len + 1); -ngx_cpystrn(h-value.data, r-header_start, h-value.len + 1); +ngx_memcpy(h-key.data, r-header_name_start, h-key.len); +h-key.data[h-key.len] = '\0'; +ngx_memcpy(h-value.data, r-header_start, h-value.len); +h-value.data[h-value.len] = '\0'; if (h-key.len == r-lowcase_index) { ngx_memcpy(h-lowcase_key, r-lowcase_header, h-key.len); --- src/http/modules/ngx_http_uwsgi_module.c +++ src/http/modules/ngx_http_uwsgi_module.c @@ -944,8 +944,10 @@ h-value.data = h-key.data + h-key.len + 1; h-lowcase_key = h-key.data + h-key.len + 1 + h-value.len + 1; -ngx_cpystrn(h-key.data, r-header_name_start, h-key.len + 1); -
commit nginx-1.0 for openSUSE:12.1:Update:Test
Hello community, here is the log from the commit of package nginx-1.0 for openSUSE:12.1:Update:Test checked in at 2011-12-02 17:28:49 Comparing /work/SRC/openSUSE:12.1:Update:Test/nginx-1.0 (Old) and /work/SRC/openSUSE:12.1:Update:Test/.nginx-1.0.new (New) Package is nginx-1.0, Maintainer is sch...@suse.com Changes: --- /work/SRC/openSUSE:12.1:Update:Test/nginx-1.0/nginx-1.0.changes 2011-12-02 17:28:48.0 +0100 +++ /work/SRC/openSUSE:12.1:Update:Test/.nginx-1.0.new/nginx-1.0.changes 2011-12-02 17:28:50.0 +0100 @@ -1,0 +2,174 @@ +Fri Dec 2 14:48:35 UTC 2011 - sch...@suse.com + +- 1.0.10 includes a fix for: + Fixed VUL-0: CVE-2011-4315: nginx: heap overflow (bnc #731084) + +--- +Fri Nov 18 12:56:55 UTC 2011 - sch...@suse.com + +- Uppstream update to 1.0.10 +Changes with nginx 1.0.10 + +*) Bugfix: a segmentation fault might occur in a worker process if + resolver got a big DNS response. + Thanks to Ben Hawkes. + +*) Bugfix: in cache key calculation if internal MD5 implementation was + used; the bug had appeared in 1.0.4. + +*) Bugfix: the module ngx_http_mp4_module sent incorrect + Content-Length response header line if the start argument was + used. + Thanks to Piotr Sikora. + + +Changes with nginx 1.0.9 + +*) Change: now the 0x7F-0x1F characters are escaped as \xXX in an + access_log. + +*) Change: now SIGWINCH signal works only in daemon mode. + +*) Feature: proxy/fastcgi/scgi/uwsgi_ignore_headers directives support + the following additional values: X-Accel-Limit-Rate, + X-Accel-Buffering, X-Accel-Charset. + +*) Feature: decrease of memory consumption if SSL is used. + +*) Feature: accept filters are now supported on NetBSD. + +*) Feature: the uwsgi_buffering and scgi_buffering directives. + Thanks to Peter Smit. + +*) Bugfix: a segmentation fault occurred on start or while + reconfiguration if the ssl directive was used at http level and + there was no ssl_certificate defined. + +*) Bugfix: some UTF-8 characters were processed incorrectly. + Thanks to Alexey Kuts. + +*) Bugfix: the ngx_http_rewrite_module directives specified at server + level were executed twice if no matching locations were defined. + +*) Bugfix: a socket leak might occurred if aio sendfile was used. + +*) Bugfix: connections with fast clients might be closed after + send_timeout if file AIO was used. + +*) Bugfix: in the ngx_http_autoindex_module. + +*) Bugfix: the module ngx_http_mp4_module did not support seeking on + 32-bit platforms. + +*) Bugfix: non-cacheable responses might be cached if + proxy_cache_bypass directive was used. + Thanks to John Ferlito. + +*) Bugfix: cached responses with an empty body were returned + incorrectly; the bug had appeared in 0.8.31. + +*) Bugfix: 201 responses of the ngx_http_dav_module were incorrect; the + bug had appeared in 0.8.32. + +*) Bugfix: in the return directive. + +*) Bugfix: the ssl_verify_client, ssl_verify_depth, and + ssl_prefer_server_ciphers directives might work incorrectly if SNI + was used. + + +Changes with nginx 1.0.8 + +*) Bugfix: nginx could not be built --with-http_mp4_module and without + --with-debug option. + + +Changes with nginx 1.0.7 + +*) Change: now if total size of all ranges is greater than source + response size, then nginx disables ranges and returns just the source + response. + +*) Feature: the max_ranges directive. + +*) Feature: the module ngx_http_mp4_module. + +*) Feature: the worker_aio_requests directive. + +*) Bugfix: if nginx was built --with-file-aio it could not be run on + Linux kernel which did not support AIO. + +*) Bugfix: in Linux AIO error processing. + Thanks to Hagai Avrahami. + +*) Bugfix: in Linux AIO combined with open_file_cache. + +*) Bugfix: open_file_cache did not update file info on retest if file + was not atomically changed. + +*) Bugfix: reduced memory consumption for long-lived requests. + +*) Bugfix: in the proxy/fastcgi/scgi/uwsgi_ignore_client_abort + directives. + +*) Bugfix: nginx could not be built on MacOSX 10.7. + +*) Bugfix: request body might be processed incorrectly if client used + pipelining. + +*) Bugfix: in the request_body_in_single_buf directive. + +*) Bugfix: in proxy_set_body and proxy_pass_request_body directives + if SSL connection to backend was used. + +*) Bugfix: nginx hogged CPU if all servers in an upstream were marked as + down. + +*) Bugfix: a segmentation fault might occur during