[update] nginx 1.14.2

classic Classic list List threaded Threaded
2 messages Options
Reply | Threaded
Open this post in threaded view
|

[update] nginx 1.14.2

Landry Breuil-5
Hi,

trivial update for 3 CVEs (CVE-2018-16843, CVE-2018-16844 &
CVE-2018-16845), see http://nginx.org/en/CHANGES-1.14 for
other changes. Remove a libressl patch merged upstream in
http://hg.nginx.org/nginx/rev/2cf1d945bbb3

builds and runs locally on amd64.

Landry

nginx-1.14.2.diff (2K) Download Attachment
Reply | Threaded
Open this post in threaded view
|

Re: [update] nginx 1.14.2

Robert Nagy
Hi

go ahead

On 06/12/18 09:15 +0100, Landry Breuil wrote:

> Hi,
>
> trivial update for 3 CVEs (CVE-2018-16843, CVE-2018-16844 &
> CVE-2018-16845), see http://nginx.org/en/CHANGES-1.14 for
> other changes. Remove a libressl patch merged upstream in
> http://hg.nginx.org/nginx/rev/2cf1d945bbb3
>
> builds and runs locally on amd64.
>
> Landry

> Index: Makefile
> ===================================================================
> RCS file: /cvs/ports/www/nginx/Makefile,v
> retrieving revision 1.128
> diff -u -r1.128 Makefile
> --- Makefile 27 Nov 2018 14:55:07 -0000 1.128
> +++ Makefile 6 Dec 2018 08:12:05 -0000
> @@ -15,7 +15,7 @@
>  COMMENT-perl= nginx perl scripting module
>  COMMENT-passenger= nginx passenger (ruby/python/nodejs) integration module
>  
> -VERSION= 1.14.1
> +VERSION= 1.14.2
>  DISTNAME= nginx-${VERSION}
>  CATEGORIES= www
>  
> @@ -31,7 +31,6 @@
>  PKGNAME-headers_more= nginx-headers-more-${VERSION}
>  PKGNAME-perl= nginx-perl-${VERSION}
>  PKGNAME-passenger= nginx-passenger-${VERSION}
> -REVISION-perl=0
>  
>  MASTER_SITES= https://nginx.org/download/
>  MASTER_SITES0= https://github.com/simpl/ngx_devel_kit/archive/
> Index: distinfo
> ===================================================================
> RCS file: /cvs/ports/www/nginx/distinfo,v
> retrieving revision 1.67
> diff -u -r1.67 distinfo
> --- distinfo 10 Nov 2018 08:43:34 -0000 1.67
> +++ distinfo 6 Dec 2018 08:12:05 -0000
> @@ -2,13 +2,13 @@
>  SHA256 (lua-nginx-module-v0.10.11.tar.gz) = wPuR/P0cbn3sNMpkgm74H/66/e9hdNJURnY284BWZiY=
>  SHA256 (naxsi-0.55.3.tar.gz) = CzyV0lB3Lcia2LSeR8HgJMWuLHbAz/pEXp/gXE3RNJU=
>  SHA256 (nginx-1.14.0-chroot.patch) = 6dERcspRpgEau5QbXHC+K0r5C9Ogy/df6j8BpYrStL0=
> -SHA256 (nginx-1.14.1.tar.gz) = vwmXQTDA1BwKgR3swXqW7C9Yzci7rLdx3o04yboUpKQ=
> +SHA256 (nginx-1.14.2.tar.gz) = AC2fYVTjMYhqLdTmBlhjycHPgpGul6ElUwhXLAK+l5c=
>  SHA256 (nginx-auth-ldap-0.20170725.tar.gz) = gNbM6amHfVHewvhaEc580l7b0tYFwovChofsxWlSKe4=
>  SHA256 (ngx_devel_kit-v0.3.0.tar.gz) = iOBamainQZBm9a51lm+x78QJutRSLRSYbaB0VUrmFhk=
>  SIZE (headers-more-nginx-module-v0.33.tar.gz) = 28130
>  SIZE (lua-nginx-module-v0.10.11.tar.gz) = 616653
>  SIZE (naxsi-0.55.3.tar.gz) = 187416
>  SIZE (nginx-1.14.0-chroot.patch) = 8220
> -SIZE (nginx-1.14.1.tar.gz) = 1014040
> +SIZE (nginx-1.14.2.tar.gz) = 1015384
>  SIZE (nginx-auth-ldap-0.20170725.tar.gz) = 18457
>  SIZE (ngx_devel_kit-v0.3.0.tar.gz) = 66455
> Index: patches/patch-src_event_ngx_event_openssl_h
> ===================================================================
> RCS file: patches/patch-src_event_ngx_event_openssl_h
> diff -N patches/patch-src_event_ngx_event_openssl_h
> --- patches/patch-src_event_ngx_event_openssl_h 28 Sep 2018 14:36:16 -0000 1.4
> +++ /dev/null 1 Jan 1970 00:00:00 -0000
> @@ -1,20 +0,0 @@
> -$OpenBSD: patch-src_event_ngx_event_openssl_h,v 1.4 2018/09/28 14:36:16 sthen Exp $
> -
> -LibreSSL now has enough of the 1.1 API for nginx
> -
> -Index: src/event/ngx_event_openssl.h
> ---- src/event/ngx_event_openssl.h.orig
> -+++ src/event/ngx_event_openssl.h
> -@@ -34,12 +34,6 @@
> - #define NGX_SSL_NAME     "OpenSSL"
> -
> -
> --#if (defined LIBRESSL_VERSION_NUMBER && OPENSSL_VERSION_NUMBER == 0x20000000L)
> --#undef OPENSSL_VERSION_NUMBER
> --#define OPENSSL_VERSION_NUMBER  0x1000107fL
> --#endif
> --
> --
> - #if (OPENSSL_VERSION_NUMBER >= 0x10100001L)
> -
> - #define ngx_ssl_version()       OpenSSL_version(OPENSSL_VERSION)