Public bug reported:

For 20.04, we are in the process of running the 'latest' NGINX ahead of Release with a version-string change post-release as we've done in the past.

To that end, we need an FFe to allow 1.17.9 to be in the repository.

Upstream, these are the newly introduced changes (from http://nginx.org/en/CHANGES):

----

Changes with nginx 1.17.9 03 Mar 2020

*) Change: now nginx does not allow several "Host" request header lines.
*) Bugfix: nginx ignored additional "Transfer-Encoding" request header lines.
*) Bugfix: socket leak when using HTTP/2.
*) Bugfix: a segmentation fault might occur in a worker process if OCSP stapling was used.
*) Bugfix: in the ngx_http_mp4_module.
*) Bugfix: nginx used status code 494 instead of 400 if errors with code 494 were redirected with the "error_page" directive.
*) Bugfix: socket leak when using subrequests in the njs module and the "aio" directive.

----

Most of these are bugfixes, but the change to not permit multiple Host request headers is a 'new' change.

The bugfixes are good to have because they're needed to fix bugs, especially HTTP/2 leaks. The change that's proposed is more for compliance with what network standards for webservers should be, in that only one Host request header should be permitted. This new functionality requires an FFe, however, for the Change, as it wasn't previously in any NGINX version.

This is currently being built in a Test PPA for all archs - https://launchpad.net/~teward/+archive/ubuntu/build-tests

This was locally built and installed without issue on upgrade and clean, and doesn't have any installation differences from 1.17.8 to 1.17.9.

** Affects: nginx (Ubuntu)
     Importance: Undecided
         Status: New

** Description changed:
For 20.04, we are in the process of running the 'latest' NGINX ahead of Release with a version-string change post-release as we've done in the past. To that end, we need an FFe to allow 1.17.9 to be in the repository. 
- Upstream, this is the newly introduced changes: + Upstream, this is the newly introduced changes (from + http://nginx.org/en/CHANGES): - Changes with nginx 1.17.9 03 Mar - 2020 + ---- - *) Change: now nginx does not allow several "Host" request header - lines. + Changes with nginx 1.17.9 03 Mar 2020 - *) Bugfix: nginx ignored additional "Transfer-Encoding" request header - lines. + *) Change: now nginx does not allow several "Host" request header lines. + *) Bugfix: nginx ignored additional "Transfer-Encoding" request header + lines. + *) Bugfix: socket leak when using HTTP/2. + *) Bugfix: a segmentation fault might occur in a worker process if OCSP + stapling was used. + *) Bugfix: in the ngx_http_mp4_module. + *) Bugfix: nginx used status code 494 instead of 400 if errors with code + 494 were redirected with the "error_page" directive. + *) Bugfix: socket leak when using subrequests in the njs module and the + "aio" directive. - *) Bugfix: socket leak when using HTTP/2. + ---- - *) Bugfix: a segmentation fault might occur in a worker process if OCSP - stapling was used. - - *) Bugfix: in the ngx_http_mp4_module. - - *) Bugfix: nginx used status code 494 instead of 400 if errors with code - 494 were redirected with the "error_page" directive. - - *) Bugfix: socket leak when using subrequests in the njs module and the - "aio" directive. - - - Most of these are bugfixes, but the change to not permit multiple Host request headers is a 'new' change. + Most of these are bugfixes, but the change to not permit multiple Host + request headers is a 'new' change. The bugfixes are good to have because it's needed to fix bugs especially HTTP/2 leaks. The change that's proposed is more for compliance to what network standards for webservers should be - in that only one Host request header should be permitted. This new functionality requires an FFe, however, for the Change, as it wasn't previously in any NGINX version. 
This is currently being built in a Test PPA for all archs - https://launchpad.net/~teward/+archive/ubuntu/build-tests This was locally built and installed without issue on upgrade and clean, and doesn't have any installation differences from 1.17.8 to 1.17.9.

--
https://bugs.launchpad.net/bugs/1865902

Title:
  [FFe] Please update NGINX to 1.17.9 (latest mainline release)
