UbuntuUpdates.org

Package "nginx"

Name: nginx

Description:

small, but very powerful and efficient web server and mail proxy

Latest version: 1.1.19-1ubuntu0.8
Release: precise (12.04)
Level: updates
Repository: universe
Homepage: http://nginx.net

Links


Download "nginx"


Other versions of "nginx" in Precise

Repository Area Version
base universe 1.1.19-1
security universe 1.1.19-1ubuntu0.7
PPA: Nginx 1.10.1-3+precise3

Packages in group

Deleted packages are displayed in grey.


Changelog

Version: 1.1.19-1ubuntu0.8 2015-07-20 22:06:37 UTC

  nginx (1.1.19-1ubuntu0.8) precise-proposed; urgency=medium

  * d/modules/nginx-http-push: Apply upstream bugfix. (LP: #1216817)
    * src/ngx_http_push_module_setup.c: Modify push module code with
      upstream changes to fix an issue with initialization when using
      `fastcgi_cache` or `proxy_cache`.
    * tests/nginx-cachemanager.conf: (new file) Include upstream change
      of adding an nginx-cachemanager.conf file to the tests.
 -- Thomas Ward Mon, 09 Feb 2015 12:02:52 -0500

Source diff to previous version
1216817 [SRU] Using `fastcgi_cache` or `proxy_cache` with nginx-extras causes the push module to throw errors.

Version: 1.1.19-1ubuntu0.7 2015-01-06 20:06:31 UTC

  nginx (1.1.19-1ubuntu0.7) precise-security; urgency=medium

  * SECURITY UPDATE: incorrect cached SSL session reuse (LP: #1370478)
    - debian/patches/CVE-2014-3616.patch: Use a random value for session id
      context, since there is no support for shared TLS Session Tickets in
      this version in src/event/ngx_event_openssl.c.
    - CVE-2014-3616
 -- Lev Lazinskiy <email address hidden> Fri, 05 Dec 2014 22:25:50 -0500

Source diff to previous version
1370478 [CVE-2014-3616] \
CVE-2014-3616 reuse cached SSL sessions in unrelated contexts

Version: 1.1.19-1ubuntu0.6 2014-02-13 23:06:56 UTC

  nginx (1.1.19-1ubuntu0.6) precise-proposed; urgency=low

  * Enable building of the http_stub_status_module in nginx-naxsi, which was
    apparently not marked for compiling even though it's listed in the package
    description. (LP: #1170586)
 -- Thomas Ward <email address hidden> Fri, 31 Jan 2014 11:02:23 -0500

Source diff to previous version
1170586 [SRU] Naxsi package lacking Stub Status

Version: 1.1.19-1ubuntu0.5 2013-11-22 05:06:21 UTC

  nginx (1.1.19-1ubuntu0.5) precise-security; urgency=low

  * SECURITY UPDATE: ACL bypass via space character (LP: #1253691)
    - debian/patches/cve-2013-4547.patch: modify src/http/ngx_http_parse.c
      to account for a space character, fixing an issue which could result in
      security restrictions being bypassed
    - CVE-2013-4547
 -- Thomas Ward <email address hidden> Thu, 21 Nov 2013 13:02:22 -0500

Source diff to previous version
1253691 Specially crafted request URI permits security restriction bypass [CVE-2013-4547]
CVE-2013-4547 security restrictions bypass

Version: 1.1.19-1ubuntu0.4 2013-10-24 19:06:50 UTC

  nginx (1.1.19-1ubuntu0.4) precise; urgency=low

  [ Thomas Ward ]
  * Move postinst symlinking of default nginx config to nginx-common only.
    (closes LP: #1206878)

  [ Iain Lane ]
  * Take additional change from Debian patch to check sites-enabled and
    sites-available are directories before symlinking .../default.
 -- Thomas Ward <email address hidden> Thu, 10 Oct 2013 10:48:16 +0100

1206878 [SRU] Configuration should be purged only in nginx-common



About   -   Send Feedback to @ubuntu_updates