svn commit: r484468 - branches/2018Q4/www/nginx-devel
Sergey A. Osokin
osa at FreeBSD.org
Thu Nov 8 17:59:38 UTC 2018
Author: osa
Date: Thu Nov 8 17:59:36 2018
New Revision: 484468
URL: https://svnweb.freebsd.org/changeset/ports/484468
Log:
MFH: r484324
Security update from 1.15.5 to 1.15.6.
Temporary disable third-party upstream_fair module, it should
be updated to build with the modern version of the nginx.
While I'm here fix some whitespaces.
Security: 84ca56be-e1de-11e8-bcfd-00e04c1ea73d
Approved by: ports-secteam (miwi)
<ChangeLog>
*) Security: when using HTTP/2 a client might cause excessive memory
consumption (CVE-2018-16843) and CPU usage (CVE-2018-16844).
*) Security: processing of a specially crafted mp4 file with the
ngx_http_mp4_module might result in worker process memory disclosure
(CVE-2018-16845).
*) Feature: the "proxy_socket_keepalive", "fastcgi_socket_keepalive",
"grpc_socket_keepalive", "memcached_socket_keepalive",
"scgi_socket_keepalive", and "uwsgi_socket_keepalive" directives.
*) Bugfix: if nginx was built with OpenSSL 1.1.0 and used with OpenSSL
1.1.1, the TLS 1.3 protocol was always enabled.
*) Bugfix: working with gRPC backends might result in excessive memory
consumption.
</ChangeLog>
Modified:
branches/2018Q4/www/nginx-devel/Makefile
branches/2018Q4/www/nginx-devel/Makefile.extmod
branches/2018Q4/www/nginx-devel/distinfo
Directory Properties:
branches/2018Q4/ (props changed)
Modified: branches/2018Q4/www/nginx-devel/Makefile
==============================================================================
--- branches/2018Q4/www/nginx-devel/Makefile Thu Nov 8 17:49:57 2018 (r484467)
+++ branches/2018Q4/www/nginx-devel/Makefile Thu Nov 8 17:59:36 2018 (r484468)
@@ -2,7 +2,7 @@
# $FreeBSD$
PORTNAME= nginx
-PORTVERSION= 1.15.4
+PORTVERSION= 1.15.6
CATEGORIES= www
MASTER_SITES= http://nginx.org/download/ \
LOCAL/osa
Modified: branches/2018Q4/www/nginx-devel/Makefile.extmod
==============================================================================
--- branches/2018Q4/www/nginx-devel/Makefile.extmod Thu Nov 8 17:49:57 2018 (r484467)
+++ branches/2018Q4/www/nginx-devel/Makefile.extmod Thu Nov 8 17:59:36 2018 (r484468)
@@ -164,10 +164,11 @@ HTTP_UPSTREAM_CHECK_EXTRA_PATCHES= ${PATCHDIR}/extra-p
HTTP_UPSTREAM_FAIR_GH_TUPLE= cryptofuture:nginx-upstream-fair:b5be36f:upstreamfair
HTTP_UPSTREAM_FAIR_VARS= DSO_EXTMODS+=upstreamfair
+HTTP_UPSTREAM_FAIR_IGNORE= UPSTREAM_FAIR: a patch requires
HTTP_UPSTREAM_STICKY_IMPLIES= HTTP_SSL
-HTTP_UPSTREAM_STICKY_GH_TUPLE= thomsonreuters:nginx-sticky-module-ng:0d58565:upstreamsticky
-HTTP_UPSTREAM_STICKY_CONFIGURE_ON= --add-module=${WRKSRC_upstreamsticky}
+HTTP_UPSTREAM_STICKY_GH_TUPLE= thomsonreuters:nginx-sticky-module-ng:0d58565:upstreamsticky
+HTTP_UPSTREAM_STICKY_CONFIGURE_ON= --add-module=${WRKSRC_upstreamsticky}
HTTP_VIDEO_THUMBEXTRACTOR_LIB_DEPENDS= libavformat.so:multimedia/ffmpeg \
libavcodec.so:multimedia/ffmpeg \
Modified: branches/2018Q4/www/nginx-devel/distinfo
==============================================================================
--- branches/2018Q4/www/nginx-devel/distinfo Thu Nov 8 17:49:57 2018 (r484467)
+++ branches/2018Q4/www/nginx-devel/distinfo Thu Nov 8 17:59:36 2018 (r484468)
@@ -1,6 +1,6 @@
-TIMESTAMP = 1537907181
-SHA256 (nginx-1.15.4.tar.gz) = 3324776c800d974ceae8797ab9102ca26a8c3656f5c6fb3f31f2cb1e719458e7
-SIZE (nginx-1.15.4.tar.gz) = 1024694
+TIMESTAMP = 1541524865
+SHA256 (nginx-1.15.6.tar.gz) = a3d8c67c2035808c7c0d475fffe263db8c353b11521aa7ade468b780ed826cc6
+SIZE (nginx-1.15.6.tar.gz) = 1025761
SHA256 (ngx_cache_purge-2.3.tar.gz) = 279e0d8a46d3b1521fd43b3f78bc1c08b263899142a7cc5058c1c0361a92c89c
SIZE (ngx_cache_purge-2.3.tar.gz) = 12248
SHA256 (nginx_mogilefs_module-1.0.4.tar.gz) = 7ac230d30907f013dff8d435a118619ea6168aa3714dba62c6962d350c6295ae
More information about the svn-ports-branches
mailing list