Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

Gates/nginx 1.21.0 buster #1

Draft
wants to merge 59 commits into
base: kadoka-buster
Choose a base branch
from
Draft

Gates/nginx 1.21.0 buster #1

wants to merge 59 commits into from

Conversation

ngates87
Copy link

No description provided.

ctrochalakis and others added 30 commits August 13, 2019 22:30
@ctrochalakis
Add missing changelog entries
e3f6ed2 
Those were forgotten during the upload, but let's add them
for completeness.

Gbp-Dch: Ignore
@ctrochalakis
gbp: setup for buster
ccedd11 
Gbp-Dch: Ignore
@ctrochalakis
Handle CVE-2019-9511 CVE-2019-9513 CVE-2019-9516
fce697b 
Several security issues were identified in nginx HTTP/2
implementation, which might cause excessive memory consumption
and CPU usage (CVE-2019-9511, CVE-2019-9513, CVE-2019-9516).

The issues affect nginx compiled with the ngx_http_v2_module (not
compiled by default) if the "http2" option of the "listen" directive
is used in a configuration file.

The issues affect nginx 1.9.5 - 1.17.2.
The issues are fixed in nginx 1.17.3, 1.16.1.

Thanks to Jonathan Looney from Netflix for discovering these issues.
@ctrochalakis
Release 1.14.2-2+deb10u1
117fc21
@ctrochalakis
Handle CVE-2019-20372, error page request smuggling
06b6f56 
Nginx before 1.17.7, with certain error_page configurations, allows HTTP
request smuggling, as demonstrated by the ability of an attacker to read
unauthorized web pages in environments where NGINX is being fronted by a
load balancer.
@ctrochalakis
Release 1.16.1-3
f6841c9
@mohd-akram
Enable --with-compat configure option
55ef39e 
Closes: #897926
@onovy
Add REMOTE_USER fastcgi param
e5f8119
@onovy
Merge branch 'with-compat' into 'master'
b58e974 
Enable --with-compat configure option (Closes: #897926)

See merge request nginx-team/nginx!6
@onovy
Use debhelper-compat instead of debian/compat
3ef09c0
@onovy
Replace dh_systemd_enable with dh_installsystemd
2b4e972
@onovy
Set Rules-Requires-Root: no
12e9c91
@onovy
d/rules/dh_installinit: Replace --no-restart-on-upgrade with --no-sto…
7f0bb45 
…p-on-upgrade
@onovy
Bump debhelper compat level to 13
52a04bd
@onovy
Use package.maintscript instead of dpkg-maintscript-helper
d089e10
@onovy
Bump standards version to 4.5.0
403f780
@onovy
nchan: Upgrade to 1.2.7
b575cfe
@onovy
d/watch: Change to 1.18.x
f33d2ab
@onovy
New upstream version 1.18.0
b283023
@onovy
Update upstream source from tag 'upstream/1.18.0'
13ba480 
Update to upstream version '1.18.0'
with Debian dir 0330ecd199aded3f2d3de0552ddb1ac1c9a202d1
@onovy
d/patches/CVE-2019-20372.patch: Rebase
f1ae990
@onovy
New upstream version.
3c7832e
@onovy
Convert d/ngxmod to Python 3 (Closes: #953025)
6ac8972
@onovy
nchan: Upgrade to 1.2.7
bc6e1b3
@onovy
http-fancyindex: Upgrade to 0.4.4
5e6d8fe
@onovy
Enable CI
dd794d9
@onovy
d/copyright: Add myself for Debian part
ead863a
@onovy
Add myself as uploader
8838bdc
@onovy
releasing package nginx version 1.18.0-1
693c482
@onovy
d/conf/sites-available/default: Update PHP path for PHP 7.4
134d203
onovy and others added 29 commits June 4, 2020 09:41
@onovy
d/conf/nginx.conf: Enable TLSv1.3
c6872b4
@oerdnj @onovy
http-geoip2: Add ngx_http_geoip2_module 3.3
4851b6e 
Co-authored-by: Ondřej Nový <[email protected]>
@onovy
d/copyright: Update for release
e3540f5
@onovy
d/conf/nginx.conf: Remove tcp_nodelay on, which is same as default
1459087
@onovy
d/conf/nginx.conf: Remove keepalive_timeout 65 and use default value …
9fbad86 
…75s.
@onovy
d/conf/nginx.conf: Remove trailing whitespaces
478b737
@onovy
Build dynamic modules only in extras flavour
3edca84
@onovy
d/ngx-conf: Convert to Python 3
a2ddfe2
@onovy
d/control: Add GeoIP2 into description
a681a84
@onovy
d/copyright: Fix wrong filename
b39ced7
@onovy
Introduce nginx-core and make it new default for "nginx"
6982ab3 
Version of nginx identical to that of nginx-full, but without
any third-party modules, and only modules in the original nginx
code base.
@onovy
libnginx-mod-* now depends on nginx-<any flavour>
8dfca73
@onovy
Add stream-geoip and stream-geoip2 modules
6930b5a
@onovy
d/copyright: Add Thomas Ward from Ubuntu
d9b51eb
@onovy
Check if port 80 is free before starting during install
cc65b80
@onovy
releasing package nginx version 1.18.0-2
886b036
@onovy
Source-only upload to allow migration.
fd2d73b
@onovy
releasing package nginx version 1.18.0-3
f039c69
@onovy
Update ngx_http_auth_pam_module upstream URL
b760bb0
@onovy
http-auth-pam: Upgrade to 1.5.2 (Closes: #963567)
704b0f0
@onovy
d/copyright: Bump year of http-auth-pam
d08f168
@onovy
Revert: libnginx-mod-* now depends on nginx-<any flavour> (Closes: 96…
7df3da6 
…3860).

* Revert: libnginx-mod-* now depends on nginx-<any flavour> (Closes: 963860).
* libnginx-mod-* recommends nginx now.
@onovy
releasing package nginx version 1.18.0-4
bfdc885
@onovy
Prevented request smuggling in LUA CVE-2020-11724 Closes: #964950
aa1f93e
@onovy
releasing package nginx version 1.18.0-5
0c7efef
update nginx to latetst (at time) 1.21.0
63fd05c
Merge remote-tracking branch 'upstream/buster' into gates/nginx-1.21.…
9d3c845 
…0-buster
something changed
ce1da83
=merge 1.18.0-5 package
ddc654a
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Reviewers
No reviews
Assignees
No one assigned
Labels
None yet
Projects
None yet
Milestone
No milestone
Development

Successfully merging this pull request may close these issues.
5 participants
@ngates87 @ctrochalakis @mohd-akram @onovy @oerdnj