[nginx] Update to 1.4.1 - CVE-2013-2028 (#960605, #960606)
Jamie Nguyen
jamielinux at fedoraproject.org
Tue May 7 17:07:46 UTC 2013
commit ef2548d3c2aab00a32bf5e79ef6dc8b1662f576a
Author: Jamie Nguyen <j at jamielinux.com>
Date: Tue May 7 18:06:52 2013 +0100
Update to 1.4.1 - CVE-2013-2028 (#960605, #960606)
.gitignore | 2 ++
nginx.spec | 9 +++++++--
sources | 4 ++--
3 files changed, 11 insertions(+), 4 deletions(-)
---
diff --git a/.gitignore b/.gitignore
index 30c2929..b8ac58d 100644
--- a/.gitignore
+++ b/.gitignore
@@ -18,3 +18,5 @@ x86_64/
/nginx-1.2.8.tar.gz.asc
/nginx-1.4.0.tar.gz
/nginx-1.4.0.tar.gz.asc
+/nginx-1.4.1.tar.gz
+/nginx-1.4.1.tar.gz.asc
diff --git a/nginx.spec b/nginx.spec
index 0d3809b..39354c3 100644
--- a/nginx.spec
+++ b/nginx.spec
@@ -16,8 +16,8 @@
Name: nginx
Epoch: 1
-Version: 1.4.0
-Release: 2%{?dist}
+Version: 1.4.1
+Release: 1%{?dist}
Summary: A high performance web server and reverse proxy server
Group: System Environment/Daemons
@@ -224,6 +224,11 @@ fi
%changelog
+* Tue May 07 2013 Jamie Nguyen <jamielinux at fedoraproject.org> - 1:1.4.1-1
+- update to upstream release 1.4.1 (#960605, #960606):
+ CVE-2013-2028 stack-based buffer overflow when handling certain chunked
+ transfer encoding requests
+
* Sun Apr 28 2013 Dan HorĂ¡k <dan[at]danny.cz> - 1:1.4.0-2
- gperftools exist only on selected arches
diff --git a/sources b/sources
index ba3c02f..9026e6a 100644
--- a/sources
+++ b/sources
@@ -1,2 +1,2 @@
-d496e58864ab10ed56278b7655b0d0b2 nginx-1.4.0.tar.gz
-ac3361c0cfe8e1f7730755492a928060 nginx-1.4.0.tar.gz.asc
+fea7dfab995545ce27fe4c49dc21a972 nginx-1.4.1.tar.gz
+455f82ffbf31085754e725e219e0f840 nginx-1.4.1.tar.gz.asc
More information about the scm-commits
mailing list