** Description changed:
Upstream: tbd
- Debian: 1.18.0-9
+ Debian: 1.18.0-9
Ubuntu: 1.18.0-6ubuntu14.1
-
+ As part of the merge, please also consider these bugs:
+ LP: #1948699 - + Confirmed [nginx] 24.11.21 Low - Please enable luajit
for arm64
+ LP: #1581864 - Confirmed [nginx] 16.12.21 Low - nginx.service: Failed
to read PID from file /run/nginx.pid:…
### New Debian Changes ###
nginx (1.18.0-9) unstable; urgency=medium
- [ Jan Mojžíš ]
- * http-lua: Downgrade to 0.10.13 (Closes: #1008787).
- * http-lua: Backport upstream bugfix for segfault in nginx core >= 1.15.0
- when libnginx-mod-http-lua is loaded and init_worker_by_lua* is used.
- * d/control: Add mips64el,ppc64,kfreebsd-amd64 to list of luajit platforms.
- * d/control: fix Homepage nginx.net -> nginx.org (Closes: #976158)
-
- [ Thomas Ward ]
- * d/watch: Update watch syntax to match all even versions of NGINX releases
- rather than use a watch syntax that is static to one specific version.
- This will fix the untracked 'New upstream stable versions' problem.
- * d/control: Update 'uploaders' as Thomas Ward is now a maintainer in
- the Salsa repository.
-
- -- Jan Mojžíš <jan.moj...@gmail.com> Tue, 05 Apr 2022 19:11:47 +0200
+ [ Jan Mojžíš ]
+ * http-lua: Downgrade to 0.10.13 (Closes: #1008787).
+ * http-lua: Backport upstream bugfix for segfault in nginx core >= 1.15.0
+ when libnginx-mod-http-lua is loaded and init_worker_by_lua* is used.
+ * d/control: Add mips64el,ppc64,kfreebsd-amd64 to list of luajit platforms.
+ * d/control: fix Homepage nginx.net -> nginx.org (Closes: #976158)
+
+ [ Thomas Ward ]
+ * d/watch: Update watch syntax to match all even versions of NGINX releases
+ rather than use a watch syntax that is static to one specific version.
+ This will fix the untracked 'New upstream stable versions' problem.
+ * d/control: Update 'uploaders' as Thomas Ward is now a maintainer in
+ the Salsa repository.
+
+ -- Jan Mojžíš <jan.moj...@gmail.com> Tue, 05 Apr 2022 19:11:47 +0200
nginx (1.18.0-8) unstable; urgency=medium
- * Restore patch:
- d/p/Resolver-fixed-off-by-one-write-in-ngx_resolver_copy.patch
-
- -- Ondřej Nový <on...@debian.org> Tue, 15 Mar 2022 13:23:06 +0100
+ * Restore patch:
+ d/p/Resolver-fixed-off-by-one-write-in-ngx_resolver_copy.patch
+
+ -- Ondřej Nový <on...@debian.org> Tue, 15 Mar 2022 13:23:06 +0100
nginx (1.18.0-7) unstable; urgency=medium
- [ Ondřej Nový ]
- * d/p/CVE-2019-20372.patch: Drop, applied upstream.
- * http-auth-pam: Upgrade to 1.5.3.
- * http-echo: Upgrade to 0.62.
- * nchan: Upgrade to 1.2.15.
- * http-fancyindex: Upgrade to 0.5.2.
- * rtmp: Upgrade to 1.2.2.
- * http-lua: Upgrade to 0.10.15 (Closes: #994178).
- * http-lua: Rebase patch.
- * nchan: Drop GCC 10 patch, applied upstream.
- * d/watch: Bump version to 4.
- * Bump standards version to 4.6.1 (no changes).
- * d/copyright: Bump my copyright year.
-
- [ Ondřej Surý ]
- * Add arm64 and ppc64el to list of luajit platforms.
-
- [ Athos Ribeiro ]
- * d/nginx-common.nginx.service: Fix service shutdown description to mention
- SIGQUIT instead of SIGSTOP (LP: #1919965).
-
- -- Ondřej Nový <on...@debian.org> Tue, 15 Mar 2022 11:50:18 +0100
+ [ Ondřej Nový ]
+ * d/p/CVE-2019-20372.patch: Drop, applied upstream.
+ * http-auth-pam: Upgrade to 1.5.3.
+ * http-echo: Upgrade to 0.62.
+ * nchan: Upgrade to 1.2.15.
+ * http-fancyindex: Upgrade to 0.5.2.
+ * rtmp: Upgrade to 1.2.2.
+ * http-lua: Upgrade to 0.10.15 (Closes: #994178).
+ * http-lua: Rebase patch.
+ * nchan: Drop GCC 10 patch, applied upstream.
+ * d/watch: Bump version to 4.
+ * Bump standards version to 4.6.1 (no changes).
+ * d/copyright: Bump my copyright year.
+
+ [ Ondřej Surý ]
+ * Add arm64 and ppc64el to list of luajit platforms.
+
+ [ Athos Ribeiro ]
+ * d/nginx-common.nginx.service: Fix service shutdown description to mention
+ SIGQUIT instead of SIGSTOP (LP: #1919965).
+
+ -- Ondřej Nový <on...@debian.org> Tue, 15 Mar 2022 11:50:18 +0100
nginx (1.18.0-6.1) unstable; urgency=high
- * Non-maintainer upload.
- * Resolver: fixed off-by-one write in ngx_resolver_copy() (CVE-2021-23017)
- (Closes: #989095)
-
- -- Salvatore Bonaccorso <car...@debian.org> Sat, 29 May 2021 16:21:37
+ * Non-maintainer upload.
+ * Resolver: fixed off-by-one write in ngx_resolver_copy() (CVE-2021-23017)
+ (Closes: #989095)
+
+ -- Salvatore Bonaccorso <car...@debian.org> Sat, 29 May 2021 16:21:37
+0200
nginx (1.18.0-6) unstable; urgency=medium
- * Fix GCC-10 compatibility (Closes: #957605).
-
- -- Ondřej Nový <on...@debian.org> Wed, 19 Aug 2020 15:27:02 +0200
+ * Fix GCC-10 compatibility (Closes: #957605).
+
+ -- Ondřej Nový <on...@debian.org> Wed, 19 Aug 2020 15:27:02 +0200
nginx (1.18.0-5) unstable; urgency=medium
- * Prevented request smuggling in LUA
- CVE-2020-11724
- Closes: #964950
-
- -- Ondřej Nový <on...@debian.org> Tue, 14 Jul 2020 10:08:15 +0200
+ * Prevented request smuggling in LUA
+ CVE-2020-11724
+ Closes: #964950
+
+ -- Ondřej Nový <on...@debian.org> Tue, 14 Jul 2020 10:08:15 +0200
nginx (1.18.0-4) unstable; urgency=medium
- * Revert: libnginx-mod-* now depends on nginx-<any flavour> (Closes:
#963860).
- * Update ngx_http_auth_pam_module upstream URL.
- * libnginx-mod-* recommends nginx now.
- * http-auth-pam: Upgrade to 1.5.2 (Closes: #963567).
- * d/copyright: Bump year of http-auth-pam.
-
- -- Ondřej Nový <on...@debian.org> Fri, 03 Jul 2020 09:34:49 +0200
+ * Revert: libnginx-mod-* now depends on nginx-<any flavour> (Closes:
#963860).
+ * Update ngx_http_auth_pam_module upstream URL.
+ * libnginx-mod-* recommends nginx now.
+ * http-auth-pam: Upgrade to 1.5.2 (Closes: #963567).
+ * d/copyright: Bump year of http-auth-pam.
+
+ -- Ondřej Nový <on...@debian.org> Fri, 03 Jul 2020 09:34:49 +0200
nginx (1.18.0-3) unstable; urgency=medium
- * Source-only upload to allow migration.
-
- -- Ondřej Nový <on...@debian.org> Thu, 11 Jun 2020 15:14:59 +0200
+ * Source-only upload to allow migration.
+
+ -- Ondřej Nový <on...@debian.org> Thu, 11 Jun 2020 15:14:59 +0200
nginx (1.18.0-2) unstable; urgency=medium
- [ Ondřej Nový ]
- * d/copyright:
- - Update for upstream release
- - Add Thomas Ward from Ubuntu for debian/*
- * d/conf/sites-available/default: Update PHP path for PHP 7.4
- * d/conf/nginx.conf:
- - Enable TLSv1.3
- - Remove tcp_nodelay on, which is same as default
- - Remove keepalive_timeout 65 and use default value 75s.
- - Remove trailing whitespaces
-
+ [ Ondřej Nový ]
+ * d/copyright:
+ - Update for upstream release
+ - Add Thomas Ward from Ubuntu for debian/*
+ * d/conf/sites-available/default: Update PHP path for PHP 7.4
+ * d/conf/nginx.conf:
+ - Enable TLSv1.3
+ - Remove tcp_nodelay on, which is same as default
+ - Remove keepalive_timeout 65 and use default value 75s.
+ - Remove trailing whitespaces
### Old Ubuntu Delta ###
nginx (1.18.0-6ubuntu14) jammy; urgency=medium
- * No-change rebuild to update maintainer scripts, see LP: 1959054
-
- -- Dave Jones <dave.jo...@canonical.com> Wed, 16 Feb 2022 17:10:20
+ * No-change rebuild to update maintainer scripts, see LP: 1959054
+
+ -- Dave Jones <dave.jo...@canonical.com> Wed, 16 Feb 2022 17:10:20
+0000
nginx (1.18.0-6ubuntu13) jammy; urgency=medium
- * No-change rebuild for the perl update.
-
- -- Matthias Klose <d...@ubuntu.com> Sun, 06 Feb 2022 13:48:12 +0100
+ * No-change rebuild for the perl update.
+
+ -- Matthias Klose <d...@ubuntu.com> Sun, 06 Feb 2022 13:48:12 +0100
nginx (1.18.0-6ubuntu12) jammy; urgency=medium
- * No-change rebuild against openssl3
-
- -- Simon Chopin <simon.cho...@canonical.com> Wed, 24 Nov 2021 13:59:50
+ * No-change rebuild against openssl3
+
+ -- Simon Chopin <simon.cho...@canonical.com> Wed, 24 Nov 2021 13:59:50
+0000
nginx (1.18.0-6ubuntu11) impish; urgency=medium
- * No-change rebuild to build packages with zstd compression.
-
- -- Matthias Klose <d...@ubuntu.com> Thu, 07 Oct 2021 12:21:36 +0200
+ * No-change rebuild to build packages with zstd compression.
+
+ -- Matthias Klose <d...@ubuntu.com> Thu, 07 Oct 2021 12:21:36 +0200
nginx (1.18.0-6ubuntu10) impish; urgency=medium
- * SECURITY UPDATE: DNS Resolver issues
- - debian/patches/CVE-2021-23017-1.patch: fixed off-by-one write in
- src/core/ngx_resolver.c.
- - debian/patches/CVE-2021-23017-2.patch: fixed off-by-one read in
- src/core/ngx_resolver.c.
- - debian/patches/CVE-2021-23017.patch: removed, replaced with upstream
- commits.
- - CVE-2021-23017
-
- -- Marc Deslauriers <marc.deslauri...@ubuntu.com> Wed, 26 May 2021
+ * SECURITY UPDATE: DNS Resolver issues
+ - debian/patches/CVE-2021-23017-1.patch: fixed off-by-one write in
+ src/core/ngx_resolver.c.
+ - debian/patches/CVE-2021-23017-2.patch: fixed off-by-one read in
+ src/core/ngx_resolver.c.
+ - debian/patches/CVE-2021-23017.patch: removed, replaced with upstream
+ commits.
+ - CVE-2021-23017
+
+ -- Marc Deslauriers <marc.deslauri...@ubuntu.com> Wed, 26 May 2021
06:59:42 -0400
nginx (1.18.0-6ubuntu9) impish; urgency=medium
- * SECURITY UPDATE: DNS Resolver Off-by-One Heap Write
- - debian/patches/CVE-2021-23017.patch: fix logic in
- src/core/ngx_resolver.c.
- - CVE-2021-23017
-
- -- Marc Deslauriers <marc.deslauri...@ubuntu.com> Tue, 25 May 2021
+ * SECURITY UPDATE: DNS Resolver Off-by-One Heap Write
+ - debian/patches/CVE-2021-23017.patch: fix logic in
+ src/core/ngx_resolver.c.
+ - CVE-2021-23017
+
+ -- Marc Deslauriers <marc.deslauri...@ubuntu.com> Tue, 25 May 2021
13:06:54 -0400
nginx (1.18.0-6ubuntu8) hirsute; urgency=medium
- * d/modules/control: Remove Lua module from definitions
- * d/tests/:
- - control: Remove Lua test, remove dependencies on any test which
- request libnginx-mod-http-lua as it's gone.
- - lua: Remove the lua test entirely.
-
- -- Thomas Ward <tew...@ubuntu.com> Wed, 10 Mar 2021 10:50:43 -0500
+ * d/modules/control: Remove Lua module from definitions
+ * d/tests/:
+ - control: Remove Lua test, remove dependencies on any test which
+ request libnginx-mod-http-lua as it's gone.
+ - lua: Remove the lua test entirely.
+
+ -- Thomas Ward <tew...@ubuntu.com> Wed, 10 Mar 2021 10:50:43 -0500
nginx (1.18.0-6ubuntu7) hirsute; urgency=medium
- * d/control:
- - Fix dependencies issue for libnginx-mod-http-geoip2 - missing a
- character in the depends.
-
- -- Thomas Ward <tew...@ubuntu.com> Tue, 09 Mar 2021 19:03:55 -0500
+ * d/control:
+ - Fix dependencies issue for libnginx-mod-http-geoip2 - missing a
+ character in the depends.
+
+ -- Thomas Ward <tew...@ubuntu.com> Tue, 09 Mar 2021 19:03:55 -0500
nginx (1.18.0-6ubuntu6) hirsute; urgency=medium
- * d/control:
- - Update dependencies for nginx-light, etc. to include
- libnginx-mod-http-geoip2 as it's in the 'common build flags' for
- all flavors of the builds.
- - Update nginx-core package description to list third party HTTP
- modules. GeoIP2 is not included for Stream by default, so we
- have to adjust this because the Stream part isn't MIR'd.
-
- -- Thomas Ward <tew...@ubuntu.com> Tue, 09 Mar 2021 12:41:36 -0500
+ * d/control:
+ - Update dependencies for nginx-light, etc. to include
+ libnginx-mod-http-geoip2 as it's in the 'common build flags' for
+ all flavors of the builds.
+ - Update nginx-core package description to list third party HTTP
+ modules. GeoIP2 is not included for Stream by default, so we
+ have to adjust this because the Stream part isn't MIR'd.
+
+ -- Thomas Ward <tew...@ubuntu.com> Tue, 09 Mar 2021 12:41:36 -0500
nginx (1.18.0-6ubuntu5) hirsute; urgency=medium
- * d/control: (GeoIP2 related changes)
- - Update dependencies for http-geoip2 package.
- - Update nginx-core to include http-geoip2 module due to approved bin-MIR
- (LP: #1867198)
- - Update description to nginx-core to indicate geoip2 is included.
- * d/control: move geoip2 module build flags to the common flags so all
- package flavors have it.
- * d/modules/http-geoip2: Update to upstream version 3.3.
- * Remove the Lua modules from NGINX (Server Team Decision) - future support
- for Lua module now requires resty-core from OpenResty, meaning that if
- we want to continue to support the Lua module, we have to start becoming
- OpenResty - users should just use OpenResty at this point for Lua.
- Changes made for this removal:
- - d/control:
- - Remove lua module from dependencies, and binary build item.
- - Add 'Breaks' line for nginx-lua for older versions of NGINX.
- This is added to the nginx metapackage and nginx-extras.
- - d/copyright: Remove lua module.
- - d/modules/{,patches/,watch/}nginx-lua: Remove Lua module, watch file,
- module patches.
- - d/rules: Remove Lua module from the build flags for -extras.
-
- -- Thomas Ward <tew...@ubuntu.com> Mon, 08 Mar 2021 09:59:56 -0500
+ * d/control: (GeoIP2 related changes)
+ - Update dependencies for http-geoip2 package.
+ - Update nginx-core to include http-geoip2 module due to approved bin-MIR
+ (LP: #1867198)
+ - Update description to nginx-core to indicate geoip2 is included.
+ * d/control: move geoip2 module build flags to the common flags so all
+ package flavors have it.
+ * d/modules/http-geoip2: Update to upstream version 3.3.
+ * Remove the Lua modules from NGINX (Server Team Decision) - future support
+ for Lua module now requires resty-core from OpenResty, meaning that if
+ we want to continue to support the Lua module, we have to start becoming
+ OpenResty - users should just use OpenResty at this point for Lua.
+ Changes made for this removal:
+ - d/control:
+ - Remove lua module from dependencies, and binary build item.
+ - Add 'Breaks' line for nginx-lua for older versions of NGINX.
+ This is added to the nginx metapackage and nginx-extras.
+ - d/copyright: Remove lua module.
+ - d/modules/{,patches/,watch/}nginx-lua: Remove Lua module, watch file,
+ module patches.
+ - d/rules: Remove Lua module from the build flags for -extras.
+
+ -- Thomas Ward <tew...@ubuntu.com> Mon, 08 Mar 2021 09:59:56 -0500
nginx (1.18.0-6ubuntu4) hirsute; urgency=medium
- * No-change rebuild for the perl update.
-
- -- Matthias Klose <d...@ubuntu.com> Mon, 09 Nov 2020 12:46:47 +0100
+ * No-change rebuild for the perl update.
+
+ -- Matthias Klose <d...@ubuntu.com> Mon, 09 Nov 2020 12:46:47 +0100
nginx (1.18.0-6ubuntu3) hirsute; urgency=medium
- * No-change rebuild for the perl update.
-
- -- Matthias Klose <d...@ubuntu.com> Mon, 09 Nov 2020 10:51:27 +0100
+ * No-change rebuild for the perl update.
+
+ -- Matthias Klose <d...@ubuntu.com> Mon, 09 Nov 2020 10:51:27 +0100
nginx (1.18.0-6ubuntu2) groovy; urgency=medium
- * d/control: make nginx and nginx-full arch any, so that nginx-full
- is no longer pulled into main because of i386 (LP: #1893267)
-
- -- Andreas Hasenack <andr...@canonical.com> Thu, 27 Aug 2020 16:59:57
+ * d/control: make nginx and nginx-full arch any, so that nginx-full
+ is no longer pulled into main because of i386 (LP: #1893267)
+
+ -- Andreas Hasenack <andr...@canonical.com> Thu, 27 Aug 2020 16:59:57
-0300
nginx (1.18.0-6ubuntu1) groovy; urgency=medium
- * Merge with Debian unstable. Remaining changes:
- - d/p/ubuntu-branding.patch: add Ubuntu branding
- - d/apport/source_nginx.py: Add apport hooks for additional bug
- information gathering.
- - d/nginx-common.install: Add install rule for apport hooks.
- - d/p/nginx-fix-pidfile.patch: Fix NGINX PIDfile handling to avoid
- SystemD race condition - thanks to Tj for the patch. (LP #1581864)
- - d/control: drop GeoIP from nginx-core due to demotion of libgeoip
- (LP #1861101, LP #1867150):
- + remove libnginx-mod-http-geoip from nginx-core dependency
- + have nginx-core depend on libnginx-mod-stream-geoip2
- instead of libnginx-mod-stream-geoip
- + adjust package descriptions accordingly
-
- -- Andreas Hasenack <andr...@canonical.com> Tue, 25 Aug 2020 11:11:41
+ * Merge with Debian unstable. Remaining changes:
+ - d/p/ubuntu-branding.patch: add Ubuntu branding
+ - d/apport/source_nginx.py: Add apport hooks for additional bug
+ information gathering.
+ - d/nginx-common.install: Add install rule for apport hooks.
+ - d/p/nginx-fix-pidfile.patch: Fix NGINX PIDfile handling to avoid
+ SystemD race condition - thanks to Tj for the patch. (LP #1581864)
+ - d/control: drop GeoIP from nginx-core due to demotion of libgeoip
+ (LP #1861101, LP #1867150):
+ + remove libnginx-mod-http-geoip from nginx-core dependency
+ + have nginx-core depend on libnginx-mod-stream-geoip2
+ instead of libnginx-mod-stream-geoip
+ + adjust package descriptions accordingly
+
+ -- Andreas Hasenack <andr...@canonical.com> Tue, 25 Aug 2020 11:11:41
-0300
--
You received this bug notification because you are a member of Ubuntu
Bugs, which is subscribed to Ubuntu.
https://bugs.launchpad.net/bugs/1971297
Title:
Merge nginx from Debian unstable for kinetic
To manage notifications about this bug go to:
https://bugs.launchpad.net/ubuntu/+source/nginx/+bug/1971297/+subscriptions
--
ubuntu-bugs mailing list
ubuntu-bugs@lists.ubuntu.com
https://lists.ubuntu.com/mailman/listinfo/ubuntu-bugs
