- update to 1.13.3 (boo#1048265)
  - Security: a specially crafted request might result in an
    integer overflow and incorrect processing of ranges in the
    range filter, potentially resulting in sensitive information
    leak (CVE-2017-7529).
- changes from 1.13.2
  - Change: nginx now returns 200 instead of 416 when a range
    starting with 0 is requested from an empty file.
  - Feature: the "add_trailer" directive.  Thanks to Piotr Sikora.
  - Bugfix: nginx could not be built on Cygwin and NetBSD; the bug
    had appeared in 1.13.0.
  - Bugfix: nginx could not be built under MSYS2 / MinGW 64-bit.
    Thanks to Orgad Shaneh.
  - Bugfix: a segmentation fault might occur in a worker process
    when using SSI with many includes and proxy_pass with
    variables.
  - Bugfix: in the ngx_http_v2_module.  Thanks to Piotr Sikora.
- update nginx-rtmp-module to 1.2.0:
  - DASH improvements
  - OpenSSL 1.1 compatibility

• Files Changed
• Browse Source

baserev update by copy to link target

• Files Changed
• Browse Source

- update to 1.13.1
  - Feature: now a hostname can be used as the "set_real_ip_from"
    directive parameter.
  - Feature: vim syntax highlighting scripts improvements.
  - Feature: the "worker_cpu_affinity" directive now works on
    DragonFly BSD.  Thanks to Sepherosa Ziehau.
  - Bugfix: SSL renegotiation on backend connections did not work
    when using OpenSSL before 1.1.0.
  - Workaround: nginx could not be built with Oracle Developer
    Studio 12.5.
  - Workaround: now cache manager ignores long locked cache entries
    when cleaning cache based on the "max_size" parameter.
  - Bugfix: client SSL connections were immediately closed if
    deferred accept and the "proxy_protocol" parameter of the
    "listen" directive were used.
  - Bugfix: in the "proxy_cache_background_update" directive.
  - Workaround: now the "tcp_nodelay" directive sets the
    TCP_NODELAY option before an SSL handshake.
- changes from 1.13.0
  - Change: SSL renegotiation is now allowed on backend
    connections.
  - Feature: the "rcvbuf" and "sndbuf" parameters of the "listen"
    directives of the mail proxy and stream modules.
  - Feature: the "return" and "error_page" directives can now be
    used to return 308 redirections.  Thanks to Simon Leblanc.
  - Feature: the "TLSv1.3" parameter of the "ssl_protocols"
    directive.
  - Feature: when logging signals nginx now logs PID of the process
    which sent the signal.
  - Bugfix: in memory allocation error handling.
  - Bugfix: if a server in the stream module listened on a wildcard
    address, the source address of a response UDP datagram could
    differ from the original datagram destination address.

D    nginx-1.12.0.tar.gz
A    nginx-1.13.1.tar.gz
M    nginx.changes
M    nginx.spec

Diff for working copy: .
Index: nginx.changes
===================================================================

--- nginx.changes	(revision 5e264311bbc34e3b63efb8fa4753db55)
+++ nginx.changes	(working copy)
@@ -1,3 +1,40 @@
+-------------------------------------------------------------------
+Thu Jun  1 10:05:49 UTC 2017 - mrueckert@suse.de
+
+- update to 1.13.1
+  - Feature: now a hostname can be used as the "set_real_ip_from"
+    directive parameter.
+  - Feature: vim syntax highlighting scripts improvements.
+  - Feature: the "worker_cpu_affinity" directive now works on
+    DragonFly BSD.  Thanks to Sepherosa Ziehau.
+  - Bugfix: SSL renegotiation on backend connections did not work
+    when using OpenSSL before 1.1.0.
+  - Workaround: nginx could not be built with Oracle Developer
+    Studio 12.5.
+  - Workaround: now cache manager ignores long locked cache entries
+    when cleaning cache based on the "max_size" parameter.
+  - Bugfix: client SSL connections were immediately closed if
+    deferred accept and the "proxy_protocol" parameter of the
+    "listen" directive were used.
+  - Bugfix: in the "proxy_cache_background_update" directive.
+  - Workaround: now the "tcp_nodelay" directive sets the
+    TCP_NODELAY option before an SSL handshake.
+- changes from 1.13.0
+  - Change: SSL renegotiation is now allowed on backend
+    connections.
+  - Feature: the "rcvbuf" and "sndbuf" parameters of the "listen"
+    directives of the mail proxy and stream modules.
+  - Feature: the "return" and "error_page" directives can now be
+    used to return 308 redirections.  Thanks to Simon Leblanc.
+  - Feature: the "TLSv1.3" parameter of the "ssl_protocols"
+    directive.
+  - Feature: when logging signals nginx now logs PID of the process
+    which sent the signal.
+  - Bugfix: in memory allocation error handling.
+  - Bugfix: if a server in the stream module listened on a wildcard
+    address, the source address of a response UDP datagram could
+    differ from the original datagram destination address.
+
 -------------------------------------------------------------------
 Sun Apr  9 13:15:49 UTC 2017 - michael@stroeder.com
 

Index: nginx.spec
===================================================================

--- nginx.spec	(revision 5e264311bbc34e3b63efb8fa4753db55)
+++ nginx.spec	(working copy)
@@ -64,7 +64,7 @@
 %define ngx_doc_dir    %{_datadir}/doc/packages/%{name}
 #
 Name:           nginx
-Version:        1.12.0
+Version:        1.13.1
 Release:        0
 %define ngx_fancyindex_version 0.4.1
 %define ngx_fancyindex_module_path ngx-fancyindex-%{ngx_fancyindex_version}

Index: nginx-1.13.1.tar.gz
===================================================================
Binary file 'nginx-1.13.1.tar.gz' added.

Index: nginx-1.12.0.tar.gz
===================================================================
Binary file 'nginx-1.12.0.tar.gz' deleted.

• Files Changed
• Browse Source

baserev update by copy to link target

• Files Changed
• Browse Source

update to 1.12.0

• Files Changed
• Browse Source

baserev update by copy to link target

• Files Changed
• Browse Source

- update to 1.11.12
  - Bugfix: nginx might hog CPU; the bug had appeared in 1.11.11.
- update to 1.11.11
  - Feature: the "worker_shutdown_timeout" directive.
  - Feature: vim syntax highlighting scripts improvements.  Thanks
    to Wei-Ko Kao.
  - Bugfix: a segmentation fault might occur in a worker process if
    the $limit_rate variable was set to an empty string.
  - Bugfix: the "proxy_cache_background_update",
    "fastcgi_cache_background_update",
    "scgi_cache_background_update", and
    "uwsgi_cache_background_update" directives might work
    incorrectly if the "if" directive was used.
  - Bugfix: a segmentation fault might occur in a worker process if
    number of large_client_header_buffers in a virtual server was
    different from the one in the default server.
  - Bugfix: in the mail proxy server.

• Files Changed
• Browse Source

baserev update by copy to link target

• Files Changed
• Browse Source

- update to 1.11.10
  - Change: cache header format has been changed, previously cached
    responses will be invalidated.
  - Feature: support of "stale-while-revalidate" and
    "stale-if-error" extensions in the "Cache-Control" backend
    response header line.
  - Feature: the "proxy_cache_background_update",
    "fastcgi_cache_background_update",
    "scgi_cache_background_update", and
    "uwsgi_cache_background_update" directives.
  - Feature: nginx is now able to cache responses with the "Vary"
    header line up to 128 characters long (instead of 42 characters
    in previous versions).
  - Feature: the "build" parameter of the "server_tokens"
    directive.  Thanks to Tom Thorogood.
  - Bugfix: "[crit] SSL_write() failed" messages might appear in
    logs when handling requests with the "Expect: 100-continue"
    request header line.
  - Bugfix: the ngx_http_slice_module did not work in named
    locations.
  - Bugfix: a segmentation fault might occur in a worker process
    when using AIO after an "X-Accel-Redirect" redirection.
  - Bugfix: reduced memory consumption for long-lived requests
    using gzipping.

• Files Changed
• Browse Source

baserev update by copy to link target

• Files Changed
• Browse Source

- update to 1.11.9
  - Bugfix: nginx might hog CPU when using the stream module; the
    bug had appeared in 1.11.5.
  - Bugfix: EXTERNAL authentication mechanism in mail proxy was
    accepted even if it was not enabled in the configuration.
  - Bugfix: a segmentation fault might occur in a worker process if
    the "ssl_verify_client" directive of the stream module was
    used.
  - Bugfix: the "ssl_verify_client" directive of the stream module
    might not work.
  - Bugfix: closing keepalive connections due to no free worker
    connections might be too aggressive.  Thanks to Joel
    Cunningham.
  - Bugfix: an incorrect response might be returned when using the
    "sendfile" directive on FreeBSD and macOS; the bug had appeared
    in 1.7.8.
  - Bugfix: a truncated response might be stored in cache when
    using the "aio_write" directive.
  - Bugfix: a socket leak might occur when using the "aio_write"
    directive.

• Files Changed
• Browse Source

baserev update by copy to link target

• Files Changed
• Browse Source

- update to 1.11.8
- update headers-more-nginx-module 0.32
- update nginx-rtmp-module 1.1.10
- update patches to apply cleanly again

• Files Changed
• Browse Source

baserev update by copy to link target

• Files Changed
• Browse Source

baserev update by copy to link target

• Files Changed
• Browse Source

- Fix the logrotate script: we had a hardcoded postrotate action
  pointing to /etc/init.d/nginx. This does not exist anymore on
  systemd hosts. Replace it with /usr/sbin/nginx -s reopen,  which
  will use the pid file passed in the config file or the compiled
  in default path.

• Files Changed
• Browse Source

- update to 11.4
  - Feature: the $upstream_bytes_received variable.
  - Feature: the $bytes_received, $session_time, $protocol,
    $status, $upstream_addr, $upstream_bytes_sent,
    $upstream_bytes_received, $upstream_connect_time,
    $upstream_first_byte_time, and $upstream_session_time variables
    in the stream module.
  - Feature: the ngx_stream_log_module.
  - Feature: the "proxy_protocol" parameter of the "listen"
    directive, the $proxy_protocol_addr and $proxy_protocol_port
    variables in the stream module.
  - Feature: the ngx_stream_realip_module.
  - Bugfix: nginx could not be built with the stream module and the
    ngx_http_ssl_module, but without ngx_stream_ssl_module; the bug
    had appeared in 1.11.3.
  - Feature: the IP_BIND_ADDRESS_NO_PORT socket option was not
    used; the bug had appeared in 1.11.2.
  - Bugfix: in the "ranges" parameter of the "geo" directive.
  - Bugfix: an incorrect response might be returned when using the
    "aio threads" and "sendfile" directives; the bug had appeared
    in 1.9.13.
- drop nginx-1.11.3_ssl_stream.patch again
- refreshed the following patches to apply cleanly again
  check_1.9.2+.patch
  nginx-1.11.2-html.patch
  nginx-1.11.2-no_Werror.patch
  nginx-aio.patch

- update to 1.11.3
  - Change: now the "accept_mutex" directive is turned off by
    default.
  - Feature: now nginx uses EPOLLEXCLUSIVE on Linux.
  - Feature: the ngx_stream_geo_module.
  - Feature: the ngx_stream_geoip_module.
  - Feature: the ngx_stream_split_clients_module.
  - Feature: variables support in the "proxy_pass" and
    "proxy_ssl_name" directives in the stream module.
  - Bugfix: socket leak when using HTTP/2.
  - Bugfix: in configure tests.  Thanks to Piotr Sikora.
- backport nginx-1.11.3_ssl_stream.patch from hg
- refresh patches to apply cleanly again:
  - check_1.9.2+.patch
  - nginx-1.11.2-html.patch
  - nginx-1.11.2-no_Werror.patch
  - nginx-aio.patch
- enable a few new upstream modules and move some from 1.11.x to
  dynamic:
  - stream_geoip_module
  - mail_ssl_module
  - stream_ssl_module
- build fancyindex unconditionally and update it to 0.4.1
  - New `fancyindex_directories_first` configuration directive
    (enabled by default), which allows setting whether directories
    are sorted before other files.
    (Patch by Luke Zapart <<luke@zapart.org>>.)
  - Fix index files not working when the fancyindex module is in
    use (#46).
  - The module can now be built as a [dynamic
    module](https://www.nginx.com/resources/wiki/extending/converting/).
    (Patch by Róbert Nagy <<vrnagy@gmail.com>>.)
  - New configuration directive `fancyindex_show_path`, which
    allows hiding the `<h1>` header which contains the current
    path.  (Patch by Thomas P.  <<tpxp@live.fr>>.)
  - Directory and file links in listings now have a title="..."
    attribute.  (Patch by `@janglapuk` <<trusdi.agus@gmail.com>>.)
  - Fix for hung requests when the module is used along with
    `ngx_pagespeed`.
    (Patch by Otto van der Schaaf <<oschaaf@we-amp.com>>.)
  - New feature: Allow filtering out symbolic links using the
    `fancyindex_hide_symlinks` configuration directive. (Idea and
    prototype patch by Thomas Wemm.)
  - New feature: Allow specifying the format of timestamps using
    the `fancyindex_time_format` configuration directive. (Idea
    suggested by Xiao Meng <<novoreorx@gmail.com>>).
  - Listings in top-level directories will not generate a "Parent
    Directory" link as first element of the listing.
    (Patch by Thomas P.)
  - Fix propagation and overriding of the `fancyindex_css_href`
    setting inside nested locations.
  - Minor changes in the code to allow building cleanly under
    Windows with Visual Studio 2013.
    (Patch by Y. Yuan <<yzwduck@gmail.com>>).
- added nginx-rtmp-module
- make all modules dynamic that support it:
  - ngx-fancyindex
  - headers_more_nginx-module
  - nginx-rtmp-module
- manually install the docs instead of using %doc
- unify how we install documentation for the modules
- restructure contrib file handling
  - moved vim files into the normal vim paths so we can use them
    directly
    - new BR/R: vim
  - split out vim files into a subpackage vim-plugin-nginx so we
    dont have the vim requires on the main package
  - perl scripts are moved to /usr/share/nginx/

• Files Changed
• Browse Source

• Files Changed
• Browse Source

• Files Changed
• Browse Source

update to version 1.11.2

• Files Changed
• Browse Source