> On Oct 8, 2015, at 7:52 AM, Jens Rehsack <[email protected]> wrote:
> 
> 
>> Am 02.10.2015 um 03:25 schrieb Khem Raj <[email protected]>:
>> 
>> Jens
>> 
>> 
>>> On Oct 1, 2015, at 11:18 AM, Jens Rehsack <[email protected]> wrote:
>>> 
>>> 
>>> many bux-fixes, optmizations and features added:
>>> 
>>> Changes with nginx 1.9.5                                         22 Sep 2015
>>> 
>>> [...]
>>>  *) Security: a stack-based buffer overflow might occur in a worker
>>>     process while handling a specially crafted request, potentially
>>>     resulting in arbitrary code execution (CVE-2013-2028); the bug had
>>>     appeared in 1.3.9.
>>>     Thanks to Greg MacManus, iSIGHT Partners Labs.
>>> 
>> 
>> 
>> This is good info. Although a link to diff in cgit or web view of whatever 
>> SCM nginx uses would have done too.
> 
> That's simply the Changelog. It's an update, not a fix for a critical issue.
> Do you really ask me to list each fixed bug from nginx' ticket list?

No, on the contrary, I said if the release published the link for all this 
changes somewhere then just include the link
instead of enumerating changes here.

> 
>>> Signed-off-by: Jens Rehsack <[email protected]>
>>> [...]
>>> --- a/meta-webserver/recipes-httpd/nginx/nginx_1.4.4.bb
>>> +++ /dev/null
>> 
>> 
>> please user git format-patch -M to let git work harder on detecting renames, 
>> its way easier to review the changes that way
>> this patch belongs to openembedded-devel list so please resend it there with 
>> prefixing the layer in meta-openembedded repo [meta-webserver] where the 
>> patch is applied.
> 
> Sure, will do when I have feedback regarding above question.
> 
> Regarding the other 6 patches - is just the right layer and "-M" missing?
> Do I have to improve them anyhow (beside what Martin Jansa and Khem 
> criticized: missing description here and there)?
> 
>>> [...]
> 
> Cheers
> --
> Jens Rehsack - [email protected]
> 

Attachment: signature.asc
Description: Message signed with OpenPGP using GPGMail

-- 
_______________________________________________
yocto mailing list
[email protected]
https://lists.yoctoproject.org/listinfo/yocto

Reply via email to