[nginx/f15] Resolve CVE-2011-431

Keiran Smith affix at fedoraproject.org
Thu Nov 17 17:26:08 UTC 2011 

commit 3ed85cfe3bc440f7c01d66fa0cdbf0d9c10b5a7e
Author: Affix <affix at affix.me>
Date:   Thu Nov 17 17:26:00 2011 +0000

    Resolve CVE-2011-431

 .gitignore |    1 +
 nginx.spec |   19 ++++++++++++++++---
 sources    |    2 +-
 3 files changed, 18 insertions(+), 4 deletions(-)
---
diff --git a/.gitignore b/.gitignore
index 7188a20..a80c4a2 100644
--- a/.gitignore
+++ b/.gitignore
@@ -9,3 +9,4 @@ x86_64/
 /nginx-1.0.0.tar.gz
 /nginx-1.0.5.tar.gz
 /nginx-1.0.8.tar.gz
+/nginx-1.0.10.tar.gz
diff --git a/nginx.spec b/nginx.spec
index 0d7ed7c..f29e058 100644
--- a/nginx.spec
+++ b/nginx.spec
@@ -8,7 +8,7 @@
 %define nginx_webroot   %{nginx_datadir}/html
 
 Name:           nginx
-Version:        1.0.8
+Version:        1.0.10
 Release:        1%{?dist}
 Summary:        Robust, small and high performance HTTP and reverse proxy server
 Group:          System Environment/Daemons   
@@ -31,7 +31,7 @@ Requires(preun):    chkconfig, initscripts
 Requires(postun):   initscripts
 Provides:           webserver
 
-Source0:    http://sysoev.ru/nginx/nginx-%{version}.tar.gz
+Source0:    http://nginx.org/download/nginx-%{version}.tar.gz
 Source1:    %{name}.init
 Source2:    %{name}.logrotate
 Source3:    virtual.conf
@@ -191,11 +191,24 @@ fi
 
 
 %changelog
+* Thu Nov 17 2011 Keiran "Affix" Smith <fedora at affix.me> - 1.0.10-1
+- Bugfix: a segmentation fault might occur in a worker process if resolver got a big DNS response. Thanks to Ben Hawkes.
+- Bugfix: in cache key calculation if internal MD5 implementation wasused; the bug had appeared in 1.0.4.
+- Bugfix: the module ngx_http_mp4_module sent incorrect "Content-Length" response header line if the "start" argument was used. Thanks to Piotr Sikora.
 * Thu Oct 27 2011 Keiran "Affix" Smith <fedora at affix.me> - 1.0.8-1
 - Update to new 1.0.8 stable release
 
 * Fri Aug 26 2011 Keiran "Affix" Smith <fedora at affix.me> - 1.0.5-1
-- Update to Version 1.0.5 Stable Release
+- Update nginx to Latest Stable Release
+
+* Fri Jun 17 2011 Marcela Mašláňová <mmaslano at redhat.com> - 1.0.0-3
+- Perl mass rebuild
+
+* Thu Jun 09 2011 Marcela Mašláňová <mmaslano at redhat.com> - 1.0.0-2
+- Perl 5.14 mass rebuild
+
+* Wed Apr 27 2011 Jeremy Hinegardner <jeremy at hinegardner dot org> - 1.0.0-1
+- Update to 1.0.0
 
 * Tue Feb 08 2011 Fedora Release Engineering <rel-eng at lists.fedoraproject.org> - 0.8.53-6
 - Rebuilt for https://fedoraproject.org/wiki/Fedora_15_Mass_Rebuild
diff --git a/sources b/sources
index 8fa4de5..50a2f05 100644
--- a/sources
+++ b/sources
@@ -1 +1 @@
-1049e5fc6e80339f6ba8668fadfb75f9  nginx-1.0.8.tar.gz
+930b297b00fa1018fb0a1dd3e6b7e17e  nginx-1.0.10.tar.gz

More information about the scm-commits mailing list