> On Oct 8, 2015, at 7:52 AM, Jens Rehsack <[email protected]> wrote: > > >> Am 02.10.2015 um 03:25 schrieb Khem Raj <[email protected]>: >> >> Jens >> >> >>> On Oct 1, 2015, at 11:18 AM, Jens Rehsack <[email protected]> wrote: >>> >>> >>> many bux-fixes, optmizations and features added: >>> >>> Changes with nginx 1.9.5 22 Sep 2015 >>> >>> [...] >>> *) Security: a stack-based buffer overflow might occur in a worker >>> process while handling a specially crafted request, potentially >>> resulting in arbitrary code execution (CVE-2013-2028); the bug had >>> appeared in 1.3.9. >>> Thanks to Greg MacManus, iSIGHT Partners Labs. >>> >> >> >> This is good info. Although a link to diff in cgit or web view of whatever >> SCM nginx uses would have done too. > > That's simply the Changelog. It's an update, not a fix for a critical issue. > Do you really ask me to list each fixed bug from nginx' ticket list?
No, on the contrary, I said if the release published the link for all this changes somewhere then just include the link instead of enumerating changes here. > >>> Signed-off-by: Jens Rehsack <[email protected]> >>> [...] >>> --- a/meta-webserver/recipes-httpd/nginx/nginx_1.4.4.bb >>> +++ /dev/null >> >> >> please user git format-patch -M to let git work harder on detecting renames, >> its way easier to review the changes that way >> this patch belongs to openembedded-devel list so please resend it there with >> prefixing the layer in meta-openembedded repo [meta-webserver] where the >> patch is applied. > > Sure, will do when I have feedback regarding above question. > > Regarding the other 6 patches - is just the right layer and "-M" missing? > Do I have to improve them anyhow (beside what Martin Jansa and Khem > criticized: missing description here and there)? > >>> [...] > > Cheers > -- > Jens Rehsack - [email protected] >
signature.asc
Description: Message signed with OpenPGP using GPGMail
-- _______________________________________________ yocto mailing list [email protected] https://lists.yoctoproject.org/listinfo/yocto
