Revisions of nginx
- update to 1.13.3 (boo#1048265) - Security: a specially crafted request might result in an integer overflow and incorrect processing of ranges in the range filter, potentially resulting in sensitive information leak (CVE-2017-7529). - changes from 1.13.2 - Change: nginx now returns 200 instead of 416 when a range starting with 0 is requested from an empty file. - Feature: the "add_trailer" directive. Thanks to Piotr Sikora. - Bugfix: nginx could not be built on Cygwin and NetBSD; the bug had appeared in 1.13.0. - Bugfix: nginx could not be built under MSYS2 / MinGW 64-bit. Thanks to Orgad Shaneh. - Bugfix: a segmentation fault might occur in a worker process when using SSI with many includes and proxy_pass with variables. - Bugfix: in the ngx_http_v2_module. Thanks to Piotr Sikora. - update nginx-rtmp-module to 1.2.0: - DASH improvements - OpenSSL 1.1 compatibility
buildservice-autocommit
accepted
request 500354
from
Marcus Rueckert (darix)
(revision 85)
baserev update by copy to link target
- update to 1.13.1 - Feature: now a hostname can be used as the "set_real_ip_from" directive parameter. - Feature: vim syntax highlighting scripts improvements. - Feature: the "worker_cpu_affinity" directive now works on DragonFly BSD. Thanks to Sepherosa Ziehau. - Bugfix: SSL renegotiation on backend connections did not work when using OpenSSL before 1.1.0. - Workaround: nginx could not be built with Oracle Developer Studio 12.5. - Workaround: now cache manager ignores long locked cache entries when cleaning cache based on the "max_size" parameter. - Bugfix: client SSL connections were immediately closed if deferred accept and the "proxy_protocol" parameter of the "listen" directive were used. - Bugfix: in the "proxy_cache_background_update" directive. - Workaround: now the "tcp_nodelay" directive sets the TCP_NODELAY option before an SSL handshake. - changes from 1.13.0 - Change: SSL renegotiation is now allowed on backend connections. - Feature: the "rcvbuf" and "sndbuf" parameters of the "listen" directives of the mail proxy and stream modules. - Feature: the "return" and "error_page" directives can now be used to return 308 redirections. Thanks to Simon Leblanc. - Feature: the "TLSv1.3" parameter of the "ssl_protocols" directive. - Feature: when logging signals nginx now logs PID of the process which sent the signal. - Bugfix: in memory allocation error handling. - Bugfix: if a server in the stream module listened on a wildcard address, the source address of a response UDP datagram could differ from the original datagram destination address. D nginx-1.12.0.tar.gz A nginx-1.13.1.tar.gz M nginx.changes M nginx.spec Diff for working copy: . Index: nginx.changes =================================================================== --- nginx.changes (revision 5e264311bbc34e3b63efb8fa4753db55) +++ nginx.changes (working copy) @@ -1,3 +1,40 @@ +------------------------------------------------------------------- +Thu Jun 1 10:05:49 UTC 2017 - mrueckert@suse.de + +- update to 1.13.1 + - Feature: now a hostname can be used as the "set_real_ip_from" + directive parameter. + - Feature: vim syntax highlighting scripts improvements. + - Feature: the "worker_cpu_affinity" directive now works on + DragonFly BSD. Thanks to Sepherosa Ziehau. + - Bugfix: SSL renegotiation on backend connections did not work + when using OpenSSL before 1.1.0. + - Workaround: nginx could not be built with Oracle Developer + Studio 12.5. + - Workaround: now cache manager ignores long locked cache entries + when cleaning cache based on the "max_size" parameter. + - Bugfix: client SSL connections were immediately closed if + deferred accept and the "proxy_protocol" parameter of the + "listen" directive were used. + - Bugfix: in the "proxy_cache_background_update" directive. + - Workaround: now the "tcp_nodelay" directive sets the + TCP_NODELAY option before an SSL handshake. +- changes from 1.13.0 + - Change: SSL renegotiation is now allowed on backend + connections. + - Feature: the "rcvbuf" and "sndbuf" parameters of the "listen" + directives of the mail proxy and stream modules. + - Feature: the "return" and "error_page" directives can now be + used to return 308 redirections. Thanks to Simon Leblanc. + - Feature: the "TLSv1.3" parameter of the "ssl_protocols" + directive. + - Feature: when logging signals nginx now logs PID of the process + which sent the signal. + - Bugfix: in memory allocation error handling. + - Bugfix: if a server in the stream module listened on a wildcard + address, the source address of a response UDP datagram could + differ from the original datagram destination address. + ------------------------------------------------------------------- Sun Apr 9 13:15:49 UTC 2017 - michael@stroeder.com Index: nginx.spec =================================================================== --- nginx.spec (revision 5e264311bbc34e3b63efb8fa4753db55) +++ nginx.spec (working copy) @@ -64,7 +64,7 @@ %define ngx_doc_dir %{_datadir}/doc/packages/%{name} # Name: nginx -Version: 1.12.0 +Version: 1.13.1 Release: 0 %define ngx_fancyindex_version 0.4.1 %define ngx_fancyindex_module_path ngx-fancyindex-%{ngx_fancyindex_version} Index: nginx-1.13.1.tar.gz =================================================================== Binary file 'nginx-1.13.1.tar.gz' added. Index: nginx-1.12.0.tar.gz =================================================================== Binary file 'nginx-1.12.0.tar.gz' deleted.
buildservice-autocommit
accepted
request 489116
from
Marguerite Su (MargueriteSu)
(revision 83)
baserev update by copy to link target
update to 1.12.0
buildservice-autocommit
accepted
request 483807
from
Marguerite Su (MargueriteSu)
(revision 81)
baserev update by copy to link target
- update to 1.11.12 - Bugfix: nginx might hog CPU; the bug had appeared in 1.11.11. - update to 1.11.11 - Feature: the "worker_shutdown_timeout" directive. - Feature: vim syntax highlighting scripts improvements. Thanks to Wei-Ko Kao. - Bugfix: a segmentation fault might occur in a worker process if the $limit_rate variable was set to an empty string. - Bugfix: the "proxy_cache_background_update", "fastcgi_cache_background_update", "scgi_cache_background_update", and "uwsgi_cache_background_update" directives might work incorrectly if the "if" directive was used. - Bugfix: a segmentation fault might occur in a worker process if number of large_client_header_buffers in a virtual server was different from the one in the default server. - Bugfix: in the mail proxy server.
buildservice-autocommit
accepted
request 461286
from
Marguerite Su (MargueriteSu)
(revision 79)
baserev update by copy to link target
- update to 1.11.10 - Change: cache header format has been changed, previously cached responses will be invalidated. - Feature: support of "stale-while-revalidate" and "stale-if-error" extensions in the "Cache-Control" backend response header line. - Feature: the "proxy_cache_background_update", "fastcgi_cache_background_update", "scgi_cache_background_update", and "uwsgi_cache_background_update" directives. - Feature: nginx is now able to cache responses with the "Vary" header line up to 128 characters long (instead of 42 characters in previous versions). - Feature: the "build" parameter of the "server_tokens" directive. Thanks to Tom Thorogood. - Bugfix: "[crit] SSL_write() failed" messages might appear in logs when handling requests with the "Expect: 100-continue" request header line. - Bugfix: the ngx_http_slice_module did not work in named locations. - Bugfix: a segmentation fault might occur in a worker process when using AIO after an "X-Accel-Redirect" redirection. - Bugfix: reduced memory consumption for long-lived requests using gzipping.
buildservice-autocommit
accepted
request 453452
from
Marcus Rueckert (darix)
(revision 77)
baserev update by copy to link target
- update to 1.11.9 - Bugfix: nginx might hog CPU when using the stream module; the bug had appeared in 1.11.5. - Bugfix: EXTERNAL authentication mechanism in mail proxy was accepted even if it was not enabled in the configuration. - Bugfix: a segmentation fault might occur in a worker process if the "ssl_verify_client" directive of the stream module was used. - Bugfix: the "ssl_verify_client" directive of the stream module might not work. - Bugfix: closing keepalive connections due to no free worker connections might be too aggressive. Thanks to Joel Cunningham. - Bugfix: an incorrect response might be returned when using the "sendfile" directive on FreeBSD and macOS; the bug had appeared in 1.7.8. - Bugfix: a truncated response might be stored in cache when using the "aio_write" directive. - Bugfix: a socket leak might occur when using the "aio_write" directive.
buildservice-autocommit
accepted
request 449066
from
Marguerite Su (MargueriteSu)
(revision 75)
baserev update by copy to link target
- update to 1.11.8 - update headers-more-nginx-module 0.32 - update nginx-rtmp-module 1.1.10 - update patches to apply cleanly again
buildservice-autocommit
accepted
request 436644
from
Factory Maintainer (factory-maintainer)
(revision 73)
baserev update by copy to link target
buildservice-autocommit
accepted
request 433571
from
Factory Maintainer (factory-maintainer)
(revision 72)
baserev update by copy to link target
- Fix the logrotate script: we had a hardcoded postrotate action pointing to /etc/init.d/nginx. This does not exist anymore on systemd hosts. Replace it with /usr/sbin/nginx -s reopen, which will use the pid file passed in the config file or the compiled in default path.
- update to 11.4 - Feature: the $upstream_bytes_received variable. - Feature: the $bytes_received, $session_time, $protocol, $status, $upstream_addr, $upstream_bytes_sent, $upstream_bytes_received, $upstream_connect_time, $upstream_first_byte_time, and $upstream_session_time variables in the stream module. - Feature: the ngx_stream_log_module. - Feature: the "proxy_protocol" parameter of the "listen" directive, the $proxy_protocol_addr and $proxy_protocol_port variables in the stream module. - Feature: the ngx_stream_realip_module. - Bugfix: nginx could not be built with the stream module and the ngx_http_ssl_module, but without ngx_stream_ssl_module; the bug had appeared in 1.11.3. - Feature: the IP_BIND_ADDRESS_NO_PORT socket option was not used; the bug had appeared in 1.11.2. - Bugfix: in the "ranges" parameter of the "geo" directive. - Bugfix: an incorrect response might be returned when using the "aio threads" and "sendfile" directives; the bug had appeared in 1.9.13. - drop nginx-1.11.3_ssl_stream.patch again - refreshed the following patches to apply cleanly again check_1.9.2+.patch nginx-1.11.2-html.patch nginx-1.11.2-no_Werror.patch nginx-aio.patch - update to 1.11.3 - Change: now the "accept_mutex" directive is turned off by default. - Feature: now nginx uses EPOLLEXCLUSIVE on Linux. - Feature: the ngx_stream_geo_module. - Feature: the ngx_stream_geoip_module. - Feature: the ngx_stream_split_clients_module. - Feature: variables support in the "proxy_pass" and "proxy_ssl_name" directives in the stream module. - Bugfix: socket leak when using HTTP/2. - Bugfix: in configure tests. Thanks to Piotr Sikora. - backport nginx-1.11.3_ssl_stream.patch from hg - refresh patches to apply cleanly again: - check_1.9.2+.patch - nginx-1.11.2-html.patch - nginx-1.11.2-no_Werror.patch - nginx-aio.patch - enable a few new upstream modules and move some from 1.11.x to dynamic: - stream_geoip_module - mail_ssl_module - stream_ssl_module - build fancyindex unconditionally and update it to 0.4.1 - New `fancyindex_directories_first` configuration directive (enabled by default), which allows setting whether directories are sorted before other files. (Patch by Luke Zapart <<luke@zapart.org>>.) - Fix index files not working when the fancyindex module is in use (#46). - The module can now be built as a [dynamic module](https://www.nginx.com/resources/wiki/extending/converting/). (Patch by Róbert Nagy <<vrnagy@gmail.com>>.) - New configuration directive `fancyindex_show_path`, which allows hiding the `<h1>` header which contains the current path. (Patch by Thomas P. <<tpxp@live.fr>>.) - Directory and file links in listings now have a title="..." attribute. (Patch by `@janglapuk` <<trusdi.agus@gmail.com>>.) - Fix for hung requests when the module is used along with `ngx_pagespeed`. (Patch by Otto van der Schaaf <<oschaaf@we-amp.com>>.) - New feature: Allow filtering out symbolic links using the `fancyindex_hide_symlinks` configuration directive. (Idea and prototype patch by Thomas Wemm.) - New feature: Allow specifying the format of timestamps using the `fancyindex_time_format` configuration directive. (Idea suggested by Xiao Meng <<novoreorx@gmail.com>>). - Listings in top-level directories will not generate a "Parent Directory" link as first element of the listing. (Patch by Thomas P.) - Fix propagation and overriding of the `fancyindex_css_href` setting inside nested locations. - Minor changes in the code to allow building cleanly under Windows with Visual Studio 2013. (Patch by Y. Yuan <<yzwduck@gmail.com>>). - added nginx-rtmp-module - make all modules dynamic that support it: - ngx-fancyindex - headers_more_nginx-module - nginx-rtmp-module - manually install the docs instead of using %doc - unify how we install documentation for the modules - restructure contrib file handling - moved vim files into the normal vim paths so we can use them directly - new BR/R: vim - split out vim files into a subpackage vim-plugin-nginx so we dont have the vim requires on the main package - perl scripts are moved to /usr/share/nginx/
update to version 1.11.2
Displaying revisions 181 - 200 of 266