[update] nginx 1.16.1

classic Classic list List threaded Threaded
3 messages Options
Reply | Threaded
Open this post in threaded view
|

[update] nginx 1.16.1

Landry Breuil-5
Hi,

here's an update to nginx 1.16.1 for a bunch of CVEs in HTTP/2 (cf
http://nginx.org/en/security_advisories.html)

    *) Security: when using HTTP/2 a client might cause excessive memory
       consumption and CPU usage (CVE-2019-9511, CVE-2019-9513,
       CVE-2019-9516).

Landry

nginx-1.16.1.diff (2K) Download Attachment
Reply | Threaded
Open this post in threaded view
|

Re: [update] nginx 1.16.1

Daniel Jakots-6
On Fri, 16 Aug 2019 08:46:25 +0200, Landry Breuil <[hidden email]>
wrote:

> here's an update to nginx 1.16.1

I have
nginx-ldap_auth-1.16.1(www/nginx,-ldap_auth):
Missing: ldap.13 from openldap-client-2.4.48 (/var/www/modules/ngx_http_auth_ldap_module.so)
Extra:  ldap-2.4.13
WANTLIB += ldap
Scanning: ok


and some patches need to be regen

Patching file src/core/ngx_cycle.c using Plan A...
Hunk #1 succeeded at 1173 (offset 64 lines).
Patching file src/core/ngx_string.c using Plan A...
Hunk #1 succeeded at 2035 (offset 8 lines).
Patching file src/core/ngx_string.h using Plan A...
Hunk #1 succeeded at 234 (offset 2 lines).


with that solved, ok danj@

Cheers,
Daniel

Reply | Threaded
Open this post in threaded view
|

Re: [update] nginx 1.16.1

Robert Nagy
In reply to this post by Landry Breuil-5
Hi

I've updated teh chroot patch for the 1.16.1 release, please
change that as well in the Makefile.
Other than that, ok.

On 16/08/19 08:46 +0200, Landry Breuil wrote:

> Hi,
>
> here's an update to nginx 1.16.1 for a bunch of CVEs in HTTP/2 (cf
> http://nginx.org/en/security_advisories.html)
>
>     *) Security: when using HTTP/2 a client might cause excessive memory
>        consumption and CPU usage (CVE-2019-9511, CVE-2019-9513,
>        CVE-2019-9516).
>
> Landry

> Index: Makefile
> ===================================================================
> RCS file: /cvs/ports/www/nginx/Makefile,v
> retrieving revision 1.134
> diff -u -r1.134 Makefile
> --- Makefile 12 Jul 2019 20:50:48 -0000 1.134
> +++ Makefile 16 Aug 2019 06:43:09 -0000
> @@ -15,7 +15,7 @@
>  COMMENT-perl= nginx perl scripting module
>  COMMENT-passenger= nginx passenger (ruby/python/nodejs) integration module
>  
> -VERSION= 1.16.0
> +VERSION= 1.16.1
>  DISTNAME= nginx-${VERSION}
>  CATEGORIES= www
>  
> @@ -31,9 +31,6 @@
>  PKGNAME-headers_more= nginx-headers-more-${VERSION}
>  PKGNAME-perl= nginx-perl-${VERSION}
>  PKGNAME-passenger= nginx-passenger-${VERSION}
> -
> -REVISION-passenger= 0
> -REVISION-stream= 0
>  
>  MASTER_SITES= https://nginx.org/download/
>  MASTER_SITES0= https://github.com/simpl/ngx_devel_kit/archive/
> Index: distinfo
> ===================================================================
> RCS file: /cvs/ports/www/nginx/distinfo,v
> retrieving revision 1.69
> diff -u -r1.69 distinfo
> --- distinfo 25 Apr 2019 14:56:32 -0000 1.69
> +++ distinfo 16 Aug 2019 06:43:09 -0000
> @@ -2,13 +2,13 @@
>  SHA256 (lua-nginx-module-v0.10.11.tar.gz) = wPuR/P0cbn3sNMpkgm74H/66/e9hdNJURnY284BWZiY=
>  SHA256 (naxsi-0.55.3.tar.gz) = CzyV0lB3Lcia2LSeR8HgJMWuLHbAz/pEXp/gXE3RNJU=
>  SHA256 (nginx-1.14.0-chroot.patch) = 6dERcspRpgEau5QbXHC+K0r5C9Ogy/df6j8BpYrStL0=
> -SHA256 (nginx-1.16.0.tar.gz) = T9N2uteHl+fxgJSgDw8QiCWTJkNrU361r2mwG+LKE0U=
> +SHA256 (nginx-1.16.1.tar.gz) = 8RwqbdHTUVc28DJIV5V9st6YvoYkYbWlQqOsYYjb4ys=
>  SHA256 (nginx-auth-ldap-0.20170725.tar.gz) = gNbM6amHfVHewvhaEc580l7b0tYFwovChofsxWlSKe4=
>  SHA256 (ngx_devel_kit-v0.3.0.tar.gz) = iOBamainQZBm9a51lm+x78QJutRSLRSYbaB0VUrmFhk=
>  SIZE (headers-more-nginx-module-v0.33.tar.gz) = 28130
>  SIZE (lua-nginx-module-v0.10.11.tar.gz) = 616653
>  SIZE (naxsi-0.55.3.tar.gz) = 187416
>  SIZE (nginx-1.14.0-chroot.patch) = 8220
> -SIZE (nginx-1.16.0.tar.gz) = 1032345
> +SIZE (nginx-1.16.1.tar.gz) = 1032630
>  SIZE (nginx-auth-ldap-0.20170725.tar.gz) = 18457
>  SIZE (ngx_devel_kit-v0.3.0.tar.gz) = 66455