summaryrefslogtreecommitdiffstats
path: root/package/nginx/nginx.hash
Commit message (Collapse)AuthorAgeFilesLines
* nginx: bump to version 1.15.7Peter Korsgaard2018-12-131-1/+1
| | | | | | | | | | | | | | | | | 1.15.7 contains a number of bugfixes. From the changes file: *) Bugfix: memory leak on errors during reconfiguration. *) Bugfix: in the $upstream_response_time, $upstream_connect_time, and $upstream_header_time variables. *) Bugfix: a segmentation fault might occur in a worker process if the ngx_http_mp4_module was used on 32-bit platforms. https://nginx.org/en/CHANGES Signed-off-by: Peter Korsgaard <peter@korsgaard.com> Signed-off-by: Thomas Petazzoni <thomas.petazzoni@bootlin.com>
* nginx: security bump to 1.15.6Peter Korsgaard2018-11-091-1/+1
| | | | | | | | | | | | | | Fixes the following security issues: CVE-2018-16843: Excessive memory usage in HTTP/2 CVE-2018-16844: Excessive CPU usage in HTTP/2 CVE-2018-16845: Memory disclosure in the ngx_http_mp4_module Refreshed patch 0004 + 0007 as they no longer applied cleanly. Signed-off-by: Peter Korsgaard <peter@korsgaard.com>
* nginx: bump to version 1.15.0Ignacy Gawędzki2018-06-301-2/+2
| | | | | | | | | | | | | | | | | | | | | | | The following patches have been updated to apply on 1.15.0: 0003-auto-set-ngx_feature_run_force_result-for-each-featu.patch 0006-auto-lib-openssl-conf-use-pkg-config.patch The follow patch has been removed, because it was applied upstream: 0009-auto-lib-conf-fix-PCRE-condition-WRT-the-http-and-ht.patch The license file hash has changed because the copyright years were updated in the LICENSE file: - * Copyright (C) 2002-2017 Igor Sysoev - * Copyright (C) 2011-2017 Nginx, Inc. + * Copyright (C) 2002-2018 Igor Sysoev + * Copyright (C) 2011-2018 Nginx, Inc. Signed-off-by: Ignacy Gawędzki <ignacy.gawedzki@green-communications.fr> [Thomas: drop unneeded patch updates, improve commit log.] Signed-off-by: Thomas Petazzoni <thomas.petazzoni@bootlin.com>
* nginx: bump to 1.12.2Adam Duskett2017-11-221-1/+1
| | | | | Signed-off-by: Adam Duskett <aduskett@gmail.com> Signed-off-by: Thomas Petazzoni <thomas.petazzoni@free-electrons.com>
* package/nginx: add license hashSamuel Martin2017-11-051-0/+2
| | | | | Signed-off-by: Samuel Martin <s.martin49@gmail.com> Signed-off-by: Arnout Vandecappelle (Essensium/Mind) <arnout@mind.be>
* nginx: security bump to version 1.12.1Peter Korsgaard2017-07-141-1/+1
| | | | | | | | | | | | Fixes CVE-2017-7529 - Nginx versions since 0.5.6 up to and including 1.13.2 are vulnerable to integer overflow vulnerability in nginx range filter module resulting into leak of potentially sensitive information triggered by specially crafted request. For more details, see: http://mailman.nginx.org/pipermail/nginx-announce/2017/000200.html Signed-off-by: Peter Korsgaard <peter@korsgaard.com>
* nginx: bump to version 1.12.0Adam Duskett2017-07-051-1/+1
| | | | | | | Also update the patch line numbers to work with 1.12.0 Signed-off-by: Adam Duskett <Adamduskett@outlook.com> Signed-off-by: Thomas Petazzoni <thomas.petazzoni@free-electrons.com>
* nginx: bump version to 1.10.3Adam Duskett2017-02-041-1/+1
| | | | | Signed-off-by: Adam Duskett <aduskett@codeblue.com> Signed-off-by: Peter Korsgaard <peter@korsgaard.com>
* nginx: bump to version 1.10.2Gustavo Zacarias2016-10-191-1/+1
| | | | | Signed-off-by: Gustavo Zacarias <gustavo@zacarias.com.ar> Signed-off-by: Peter Korsgaard <peter@korsgaard.com>
* nginx: security bump to version 1.10.1Gustavo Zacarias2016-06-051-1/+1
| | | | | | | | | Fixes: CVE-2016-4450 - NULL pointer dereference while writing client request body. Signed-off-by: Gustavo Zacarias <gustavo@zacarias.com.ar> Signed-off-by: Peter Korsgaard <peter@korsgaard.com>
* package/nginx: bump version to 1.10.0Martin Bark2016-05-051-1/+1
| | | | | | | | | | The ngx_http_spdy_module has been superseded by the ngx_http_v2_module so BR2_PACKAGE_NGINX_HTTP_SPDY_MODULE has changed to BR2_PACKAGE_NGINX_HTTP_V2_MODULE Signed-off-by: Martin Bark <martin@barkynet.com> [Thomas: rewrap Config.in.legacy help text.] Signed-off-by: Thomas Petazzoni <thomas.petazzoni@free-electrons.com>
* nginx: security bump to version 1.8.1Gustavo Zacarias2016-01-271-1/+1
| | | | | | | | | | | | | | | | | | | | | | Fixes: CVE-2016-0742 - invalid pointer dereference might occur during DNS server response processing if the "resolver" directive was used, allowing anattacker who is able to forge UDP packets from the DNS server to cause segmentation fault in a worker process. CVE-2016-0746 - use-after-free condition might occur during CNAME response processing if the "resolver" directive was used, allowing an attacker who is able to trigger name resolution to cause segmentation fault in a worker process, or might have potential other impact. CVE-2016-0747 - CNAME resolution was insufficiently limited if the "resolver" directive was used, allowing an attacker who is able to trigger arbitrary name resolution to cause excessive resource consumption in worker processes. Signed-off-by: Gustavo Zacarias <gustavo@zacarias.com.ar> Signed-off-by: Thomas Petazzoni <thomas.petazzoni@free-electrons.com>
* nginx: bump to 1.8.0 (latest stable version)Danomi Manchego2015-06-281-1/+1
| | | | | | | Patches refreshed to apply with no shift or fuzz. Signed-off-by: Danomi Manchego <danomimanchego123@gmail.com> Signed-off-by: Thomas Petazzoni <thomas.petazzoni@free-electrons.com>
* nginx: bump to version 1.6.3Gustavo Zacarias2015-04-071-1/+1
| | | | | Signed-off-by: Gustavo Zacarias <gustavo@zacarias.com.ar> Signed-off-by: Thomas Petazzoni <thomas.petazzoni@free-electrons.com>
* nginx: add hash fileGustavo Zacarias2015-03-201-0/+2
Signed-off-by: Gustavo Zacarias <gustavo@zacarias.com.ar> Signed-off-by: Thomas Petazzoni <thomas.petazzoni@free-electrons.com>
OpenPOWER on IntegriCloud