Index | Thread | Search

From:
Robert Nagy <robert@openbsd.org>
Subject:
Re: [update] nginx 1.26.1
To:
Landry Breuil <landry@openbsd.org>
Cc:
ports@openbsd.org
Date:
Thu, 30 May 2024 13:49:48 +0200

Download raw body.

Thread 
ok

On 30/05/24 12:29 GMT, Landry Breuil wrote:
> yo,
> 
> list of changes:
> 
>     *) Security: when using HTTP/3, processing of a specially crafted QUIC
>        session might cause a worker process crash, worker process memory
>        disclosure on systems with MTU larger than 4096 bytes, or might have
>        potential other impact (CVE-2024-32760, CVE-2024-31079,
>        CVE-2024-35200, CVE-2024-34161).
>        Thanks to Nils Bars of CISPA.
> 
>     *) Bugfix: reduced memory consumption for long-lived requests if "gzip",
>        "gunzip", "ssi", "sub_filter", or "grpc_pass" directives are used.
> 
>     *) Bugfix: nginx could not be built by gcc 14 if the --with-atomic
>        option was used.
>        Thanks to Edgar Bonet.
> 
>     *) Bugfix: in HTTP/3.
> 
> ok ?

> ? nginx-1.18.0.diff
> Index: Makefile
> ===================================================================
> RCS file: /cvs/ports/www/nginx/Makefile,v
> diff -u -r1.178 Makefile
> --- Makefile	17 May 2024 12:36:29 -0000	1.178
> +++ Makefile	30 May 2024 10:27:53 -0000
> @@ -18,7 +18,7 @@
>  COMMENT-rtmp=		nginx module for RTMP streaming
>  COMMENT-securelink=	nginx HMAC secure link module
>  
> -VERSION=	1.26.0
> +VERSION=	1.26.1
>  DISTNAME=	nginx-${VERSION}
>  CATEGORIES=	www
>  
> Index: distinfo
> ===================================================================
> RCS file: /cvs/ports/www/nginx/distinfo,v
> diff -u -r1.84 distinfo
> --- distinfo	27 Apr 2024 07:24:04 -0000	1.84
> +++ distinfo	30 May 2024 10:27:53 -0000
> @@ -2,7 +2,7 @@
>  SHA256 (lua-nginx-module-v0.10.11.tar.gz) = wPuR/P0cbn3sNMpkgm74H/66/e9hdNJURnY284BWZiY=
>  SHA256 (naxsi-d714f1636ea49a9a9f4f06dba14aee003e970834.tar.gz) = 2+IXdBFFfxy6mO5Gc84xh2mUrQa9zl7MDuZjhO8OQg4=
>  SHA256 (nginx-1.20.1-chroot.patch) = SS1TB0j8N4/dn5pUTGT6WvkN3aAUuKz5+R0Nt+MG0gk=
> -SHA256 (nginx-1.26.0.tar.gz) = 0ubIQ51sbbUBXY6qskcKtSrvhae/NjGCh5l34IQ3BJc=
> +SHA256 (nginx-1.26.1.tar.gz) = +Rh0aP8usVkmC/1Thnwl/44zRyYjes8ie56HDlPT42s=
>  SHA256 (nginx-auth-ldap-83c059b73566c2ee9cbda920d91b66657cf120b7.tar.gz) = aQxOW9sq4ZsP7nXNNW0YATRo20cmFrYJeloLvjRshGQ=
>  SHA256 (nginx-rtmp-module-v1.2.1.tar.gz) = h6pZdACwtaBSdO4tI9jLgiThJoYiegq+MdeDs6ZF6jc=
>  SHA256 (ngx_devel_kit-v0.3.0.tar.gz) = iOBamainQZBm9a51lm+x78QJutRSLRSYbaB0VUrmFhk=
> @@ -13,7 +13,7 @@
>  SIZE (lua-nginx-module-v0.10.11.tar.gz) = 616653
>  SIZE (naxsi-d714f1636ea49a9a9f4f06dba14aee003e970834.tar.gz) = 237272
>  SIZE (nginx-1.20.1-chroot.patch) = 8783
> -SIZE (nginx-1.26.0.tar.gz) = 1244118
> +SIZE (nginx-1.26.1.tar.gz) = 1244738
>  SIZE (nginx-auth-ldap-83c059b73566c2ee9cbda920d91b66657cf120b7.tar.gz) = 18542
>  SIZE (nginx-rtmp-module-v1.2.1.tar.gz) = 519919
>  SIZE (ngx_devel_kit-v0.3.0.tar.gz) = 66455


-- 
Regards,
Robert Nagy