For Yakkety, the only missing additional changelog would be 1.10.2's
changelog:
Changes with nginx 1.10.2 18 Oct 2016
*) Change: the "421 Misdirected Request" response now used when
rejecting requests to a virtual server different from one negotiated
during an SSL handshake; this improves interoperability with some
HTTP/2 clients when using client certificates.
*) Change: HTTP/2 clients can now start sending request body
immediately; the "http2_body_preread_size" directive controls size of
the buffer used before nginx will start reading client request body.
*) Bugfix: a segmentation fault might occur in a worker process when
using HTTP/2 and the "proxy_request_buffering" directive.
*) Bugfix: the "Content-Length" request header line was always added to
requests passed to backends, including requests without body, when
using HTTP/2.
*) Bugfix: "http request count is zero" alerts might appear in logs when
using HTTP/2.
*) Bugfix: unnecessary buffering might occur when using the "sub_filter"
directive; the issue had appeared in 1.9.4.
*) Bugfix: socket leak when using HTTP/2.
*) Bugfix: an incorrect response might be returned when using the "aio
threads" and "sendfile" directives; the bug had appeared in 1.9.13.
*) Workaround: OpenSSL 1.1.0 compatibility.
** Changed in: nginx (Ubuntu)
Status: Triaged => New
** Description changed:
+ *** This bug will be set to Triaged status when it is submitted for SRU
+ review; ignore this until that status is set please! ***
+
[Impact]
Two releases are affected: Xenial and Yakkety.
There are a bunch of bugfixes in 1.10.3, including HTTP/2 fixes, that
should be included in Ubuntu. This is detailed here in the upstream
changelog from nginx:
Changes with nginx 1.10.3 (31 Jan 2017)
*) Bugfix: in the "add_after_body" directive when used with the
"sub_filter" directive.
*) Bugfix: unix domain listen sockets might not be inherited during
binary upgrade on Linux.
*) Bugfix: graceful shutdown of old worker processes might require
infinite time when using HTTP/2.
*) Bugfix: when using HTTP/2 and the "limit_req" or "auth_request"
directives client request body might be corrupted; the bug had
appeared in 1.10.2.
*) Bugfix: a segmentation fault might occur in a worker process when
using HTTP/2; the bug had appeared in 1.10.2.
*) Bugfix: an incorrect response might be returned when using the
"sendfile" directive on FreeBSD and macOS; the bug had appeared in
1.7.8.
*) Bugfix: a truncated response might be stored in cache when using the
"aio_write" directive.
*) Bugfix: a socket leak might occur when using the "aio_write"
directive.
[Test Case]
No test cases available as there are no bugs filed for any of these in
Ubuntu. However, due to HTTP/2, any 'bugs' in these which may corrupt
data or not kill worker processes correctly, or segfault, should be
addressed.
[Regression Potential]
All these bugfixes were tested upstream by the nginx team, and do not
pose a regression risk to the existing software versions or features of
Ubuntu in affected releases.
[Other Info]
I will be uploading nginx 1.10.3 directly to Zesty today, and then have
a merge ready by the end of the week for Zesty from Debian, which pulls
in dynamic module support, etc. This SRU is written here ahead of
having the Zesty update done, because this happens to be on my list of
things to get done before the Zesty update.
--
You received this bug notification because you are a member of Ubuntu
Bugs, which is subscribed to Ubuntu.
https://bugs.launchpad.net/bugs/1663937
Title:
[SRU] Please update nginx in Xenial and Yakkety to 1.10.3
To manage notifications about this bug go to:
https://bugs.launchpad.net/ubuntu/+source/nginx/+bug/1663937/+subscriptions
--
ubuntu-bugs mailing list
[email protected]
https://lists.ubuntu.com/mailman/listinfo/ubuntu-bugs
