commit nginx-1.0 for openSUSE:12.1:Update:Test

2012-03-20 Thread h_root
Hello community,

here is the log from the commit of package nginx-1.0 for 
openSUSE:12.1:Update:Test checked in at 2012-03-20 13:22:19

Comparing /work/SRC/openSUSE:12.1:Update:Test/nginx-1.0 (Old)
 and  /work/SRC/openSUSE:12.1:Update:Test/.nginx-1.0.new (New)


Package is nginx-1.0, Maintainer is sch...@suse.com

Changes:

--- /work/SRC/openSUSE:12.1:Update:Test/nginx-1.0/nginx-1.0.changes 
2011-12-02 17:28:50.0 +0100
+++ /work/SRC/openSUSE:12.1:Update:Test/.nginx-1.0.new/nginx-1.0.changes
2012-03-20 13:22:21.0 +0100
@@ -1,0 +2,6 @@
+Mon Mar 19 11:26:04 UTC 2012 - sch...@suse.com
+
+- Fixed VUL-0: CVE-2012-1180 nginx: information leak 
+  (bnc #752482)
+
+---
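Review bot: the new changelog entry names the CVE and the bug number but not the file that carries the fix. Suggest adding the patch name to the entry, e.g. "(bnc #752482, nginx-CVE-2012-1180.patch)", so the change can be traced from the .changes file to the spec without reading the diff.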

New:

  nginx-CVE-2012-1180.patch



Other differences:
--
++ nginx-1.0.spec ++
--- /var/tmp/diff_new_pack.hdckS9/_old  2012-03-20 13:22:21.0 +0100
+++ /var/tmp/diff_new_pack.hdckS9/_new  2012-03-20 13:22:21.0 +0100
@@ -1,7 +1,7 @@
 #
 # spec file for package nginx-1.0
 #
-# Copyright (c) 2011 SUSE LINUX Products GmbH, Nuernberg, Germany.
+# Copyright (c) 2012 SUSE LINUX Products GmbH, Nuernberg, Germany.
 #
 # All modifications and additions to the file contributed by third parties
 # remain the property of their copyright owners, unless otherwise agreed
@@ -15,6 +15,8 @@
 # Please submit bugfixes or comments via http://bugs.opensuse.org/
 #
 
+
+
 Name:   nginx-1.0
 Version:1.0.10
 Release:0
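Review bot: the two blank lines added above "Name:" are unrelated to the security fix. Suggest dropping them so the update diff contains only the CVE-2012-1180 change and the copyright year bump.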
@@ -90,7 +92,10 @@
 Patch3: nginx-0.4.0-perl_vendor_install.patch
 # PATCH-FIX-UPSTREAM nginx-1.0.4_default_config.patch
 Patch4: nginx-1.0.4_default_config.patch
+# PATCH CVE-2012-1180
+Patch5: nginx-CVE-2012-1180.patch
 Summary:A HTTP server and IMAP/POP3 proxy server
+
 %description
 nginx [engine x] is a HTTP server and IMAP/POP3 proxy server written by Igor 
Sysoev.
 It has been running on many heavily loaded Russian sites for more than two 
years.
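Review bot: the comment added above Patch5, "# PATCH CVE-2012-1180", does not follow the tag style used for Patch4 directly above it ("# PATCH-FIX-UPSTREAM nginx-1.0.4_default_config.patch"). Suggest "# PATCH-FIX-UPSTREAM nginx-CVE-2012-1180.patch" with the bnc #752482 reference, so the patch's origin and tracking bug are visible in the spec. The blank line added after "Summary:" is a separate cosmetic change and could be left out of a security update.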
@@ -105,6 +110,7 @@
 %patch2
 %patch3
 %patch4
+%patch5
 
 perl -pi -e 's|\r\n|\n|g' contrib/geo2nginx.pl
 

++ nginx-CVE-2012-1180.patch ++
--- src/http/modules/ngx_http_fastcgi_module.c
+++ src/http/modules/ngx_http_fastcgi_module.c
@@ -1442,10 +1442,10 @@
 h-lowcase_key = h-key.data + h-key.len + 1
  + h-value.len + 1;
 
-ngx_cpystrn(h-key.data, r-header_name_start,
-h-key.len + 1);
-ngx_cpystrn(h-value.data, r-header_start,
-h-value.len + 1);
+ngx_memcpy(h-key.data, r-header_name_start, h-key.len);
+h-key.data[h-key.len] = '\0';
+ngx_memcpy(h-value.data, r-header_start, h-value.len);
+h-value.data[h-value.len] = '\0';
 }
 
 h-hash = r-header_hash;
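Review bot: the patch file has no description header, and the reason for replacing the two ngx_cpystrn calls at the top of this hunk is not obvious from the code alone. ngx_cpystrn stops at the first NUL byte in the source, so a header name or value containing one left the remainder of the key.len / value.len bytes in the destination unwritten while the stored lengths still covered them. Suggest a short description at the top of nginx-CVE-2012-1180.patch that names CVE-2012-1180 and bnc #752482, states this reason, and says where the patch was taken from.
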
--- src/http/modules/ngx_http_proxy_module.c
+++ src/http/modules/ngx_http_proxy_module.c
@@ -1277,8 +1277,10 @@
 h-value.data = h-key.data + h-key.len + 1;
 h-lowcase_key = h-key.data + h-key.len + 1 + h-value.len + 1;
 
-ngx_cpystrn(h-key.data, r-header_name_start, h-key.len + 1);
-ngx_cpystrn(h-value.data, r-header_start, h-value.len + 1);
+ngx_memcpy(h-key.data, r-header_name_start, h-key.len);
+h-key.data[h-key.len] = '\0';
+ngx_memcpy(h-value.data, r-header_start, h-value.len);
+h-value.data[h-value.len] = '\0';
 
 if (h-key.len == r-lowcase_index) {
 ngx_memcpy(h-lowcase_key, r-lowcase_header, h-key.len);
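Review bot: with the two added ngx_memcpy lines, a NUL byte inside a header name or value is now copied into key.data / value.data, so the terminator written at data[len] is no longer guaranteed to be the first NUL in the buffer. Worth confirming that the code consuming these headers works from the stored len rather than C string functions, and saying so in the patch description.
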
--- src/http/modules/ngx_http_scgi_module.c
+++ src/http/modules/ngx_http_scgi_module.c
@@ -894,8 +894,10 @@
 h-value.data = h-key.data + h-key.len + 1;
 h-lowcase_key = h-key.data + h-key.len + 1 + h-value.len + 1;
 
-ngx_cpystrn(h-key.data, r-header_name_start, h-key.len + 1);
-ngx_cpystrn(h-value.data, r-header_start, h-value.len + 1);
+ngx_memcpy(h-key.data, r-header_name_start, h-key.len);
+h-key.data[h-key.len] = '\0';
+ngx_memcpy(h-value.data, r-header_start, h-value.len);
+h-value.data[h-value.len] = '\0';
 
 if (h-key.len == r-lowcase_index) {
 ngx_memcpy(h-lowcase_key, r-lowcase_header, h-key.len);
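Review bot: the four added lines here are identical to those in the ngx_http_proxy_module.c hunk and differ from the fastcgi hunk only in line wrapping, so the same copy-and-terminate sequence now lives in every module the patch touches. A one-line comment above the first ngx_memcpy stating that the explicit-length copy is intentional would keep a later cleanup from switching these back to ngx_cpystrn.
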
--- src/http/modules/ngx_http_uwsgi_module.c
+++ src/http/modules/ngx_http_uwsgi_module.c
@@ -944,8 +944,10 @@
 h-value.data = h-key.data + h-key.len + 1;
 h-lowcase_key = h-key.data + h-key.len + 1 + h-value.len + 1;
 
-ngx_cpystrn(h-key.data, r-header_name_start, h-key.len + 1);
-

commit nginx-1.0 for openSUSE:12.1:Update:Test

2011-12-02 Thread h_root
Hello community,

here is the log from the commit of package nginx-1.0 for 
openSUSE:12.1:Update:Test checked in at 2011-12-02 17:28:49

Comparing /work/SRC/openSUSE:12.1:Update:Test/nginx-1.0 (Old)
 and  /work/SRC/openSUSE:12.1:Update:Test/.nginx-1.0.new (New)


Package is nginx-1.0, Maintainer is sch...@suse.com

Changes:

--- /work/SRC/openSUSE:12.1:Update:Test/nginx-1.0/nginx-1.0.changes 
2011-12-02 17:28:48.0 +0100
+++ /work/SRC/openSUSE:12.1:Update:Test/.nginx-1.0.new/nginx-1.0.changes
2011-12-02 17:28:50.0 +0100
@@ -1,0 +2,174 @@
+Fri Dec  2 14:48:35 UTC 2011 - sch...@suse.com
+
+- 1.0.10 includes a fix for:
+  Fixed VUL-0: CVE-2011-4315: nginx: heap overflow (bnc #731084) 
+
+---
+Fri Nov 18 12:56:55 UTC 2011 - sch...@suse.com
+
+- Uppstream update to 1.0.10 
+Changes with nginx 1.0.10
+
+*) Bugfix: a segmentation fault might occur in a worker process if
+   resolver got a big DNS response.
+   Thanks to Ben Hawkes.
+
+*) Bugfix: in cache key calculation if internal MD5 implementation was
+   used; the bug had appeared in 1.0.4.
+
+*) Bugfix: the module ngx_http_mp4_module sent incorrect
+   Content-Length response header line if the start argument was
+   used.
+   Thanks to Piotr Sikora.
+
+
+Changes with nginx 1.0.9
+
+*) Change: now the 0x7F-0x1F characters are escaped as \xXX in an
+   access_log.
+
+*) Change: now SIGWINCH signal works only in daemon mode.
+
+*) Feature: proxy/fastcgi/scgi/uwsgi_ignore_headers directives support
+   the following additional values: X-Accel-Limit-Rate,
+   X-Accel-Buffering, X-Accel-Charset.
+
+*) Feature: decrease of memory consumption if SSL is used.
+
+*) Feature: accept filters are now supported on NetBSD.
+
+*) Feature: the uwsgi_buffering and scgi_buffering directives.
+   Thanks to Peter Smit.
+
+*) Bugfix: a segmentation fault occurred on start or while
+   reconfiguration if the ssl directive was used at http level and
+   there was no ssl_certificate defined.
+
+*) Bugfix: some UTF-8 characters were processed incorrectly.
+   Thanks to Alexey Kuts.
+
+*) Bugfix: the ngx_http_rewrite_module directives specified at server
+   level were executed twice if no matching locations were defined.
+
+*) Bugfix: a socket leak might occurred if aio sendfile was used.
+
+*) Bugfix: connections with fast clients might be closed after
+   send_timeout if file AIO was used.
+
+*) Bugfix: in the ngx_http_autoindex_module.
+
+*) Bugfix: the module ngx_http_mp4_module did not support seeking on
+   32-bit platforms.
+
+*) Bugfix: non-cacheable responses might be cached if
+   proxy_cache_bypass directive was used.
+   Thanks to John Ferlito.
+
+*) Bugfix: cached responses with an empty body were returned
+   incorrectly; the bug had appeared in 0.8.31.
+
+*) Bugfix: 201 responses of the ngx_http_dav_module were incorrect; the
+   bug had appeared in 0.8.32.
+
+*) Bugfix: in the return directive.
+
+*) Bugfix: the ssl_verify_client, ssl_verify_depth, and
+   ssl_prefer_server_ciphers directives might work incorrectly if SNI
+   was used.
+
+
+Changes with nginx 1.0.8
+
+*) Bugfix: nginx could not be built --with-http_mp4_module and without
+   --with-debug option.
+
+
+Changes with nginx 1.0.7 
+
+*) Change: now if total size of all ranges is greater than source
+   response size, then nginx disables ranges and returns just the source
+   response.
+
+*) Feature: the max_ranges directive.
+
+*) Feature: the module ngx_http_mp4_module.
+
+*) Feature: the worker_aio_requests directive.
+
+*) Bugfix: if nginx was built --with-file-aio it could not be run on
+   Linux kernel which did not support AIO.
+
+*) Bugfix: in Linux AIO error processing.
+   Thanks to Hagai Avrahami.
+
+*) Bugfix: in Linux AIO combined with open_file_cache.
+
+*) Bugfix: open_file_cache did not update file info on retest if file
+   was not atomically changed.
+
+*) Bugfix: reduced memory consumption for long-lived requests.
+
+*) Bugfix: in the proxy/fastcgi/scgi/uwsgi_ignore_client_abort
+   directives.
+
+*) Bugfix: nginx could not be built on MacOSX 10.7.
+
+*) Bugfix: request body might be processed incorrectly if client used
+   pipelining.
+
+*) Bugfix: in the request_body_in_single_buf directive.
+
+*) Bugfix: in proxy_set_body and proxy_pass_request_body directives
+   if SSL connection to backend was used.
+
+*) Bugfix: nginx hogged CPU if all servers in an upstream were marked as
+   down.
+
+*) Bugfix: a segmentation fault might occur during
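
Review bot: the Dec 2 entry at the top of this hunk records CVE-2011-4315 (bnc #731084) but does not say which of the upstream bugfixes pasted below it is the heap overflow fix, and its wording "includes a fix for: Fixed VUL-0" is doubled. Suggest "- 1.0.10 fixes VUL-0: CVE-2011-4315: nginx: heap overflow (bnc #731084)" plus a pointer to the matching upstream item. The Nov 18 entry also has a typo, "Uppstream", which should read "Upstream".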