Change log for nginx package in Ubuntu
| 1 → 75 of 170 results | First • Previous • Next • Last |
| Published in cosmic-proposed on 2018-05-17 |
nginx (1.14.0-0ubuntu2) cosmic; urgency=medium
* debian/nginx-core.postinst: Make nginx-*.postinst use invoke-rc.d.
(LP: #1578344)
-- Thomas Ward <email address hidden> Tue, 15 May 2018 11:14:02 -0400
Available diffs
- diff from 1.14.0-0ubuntu1 to 1.14.0-0ubuntu2 (663 bytes)
| Published in cosmic-release on 2018-05-01 |
| Published in bionic-release on 2018-04-19 |
| Deleted in bionic-proposed (Reason: moved to release) |
nginx (1.14.0-0ubuntu1) bionic; urgency=medium
* New upstream stable release (1.14.0)
* Upstream changelogs can be found at http://nginx.org/en/CHANGES-1.14
* There are no functional changes or new features in this release,
and the only change is a version number change.
* Remaining Ubuntu-specific changes:
- debian/patches/ubuntu-branding.patch: add Ubuntu branding (refreshed)
- d/{control,rules,nginx-core.*}: add new binary package for main,
nginx-core, which contains only source-tarball-included modules
and no third-party modules.
- debian/tests/control: add nginx-core test.
- debian/apport/source_nginx.py: Add apport hooks for additional bug
information gathering.
- debian/nginx-common.install: Add install rule for apport hooks.
-- Thomas Ward <email address hidden> Tue, 17 Apr 2018 12:17:58 -0400
Available diffs
| Superseded in bionic-release on 2018-04-19 |
| Deleted in bionic-proposed on 2018-04-21 (Reason: moved to release) |
nginx (1.13.12-0ubuntu1) bionic; urgency=medium
* New upstream releases (1.13.11, 1.13.12)
* Upstream changelogs can be found at https://nginx.org/en/CHANGES
* Remaining Ubuntu-specific changes:
- debian/patches/ubuntu-branding.patch: add Ubuntu branding (refreshed)
- d/{control,rules,nginx-core.*}: add new binary package for main,
nginx-core, which contains only source-tarball-included modules
and no third-party modules.
- debian/tests/control: add nginx-core test.
- debian/apport/source_nginx.py: Add apport hooks for additional bug
information gathering.
- debian/nginx-common.install: Add install rule for apport hooks.
-- Thomas Ward <email address hidden> Mon, 16 Apr 2018 11:43:01 -0400
Available diffs
| Superseded in bionic-release on 2018-04-17 |
| Deleted in bionic-proposed on 2018-04-19 (Reason: moved to release) |
nginx (1.13.10-1ubuntu1) bionic; urgency=medium
* Merge with Debian unstable. Remaining changes:
- debian/patches/ubuntu-branding.patch: add Ubuntu branding (refreshed)
- d/{control,rules,nginx-core.*}: add new binary package for main,
nginx-core, which contains only source-tarball-included modules
and no third-party modules.
- debian/tests/control: add nginx-core test.
- debian/apport/source_nginx.py: Add apport hooks for additional bug
information gathering.
- debian/nginx-common.install: Add install rule for apport hooks.
* Drop:
- debian/patches/0002-Make-sure-signature-stays-the-same-in-
all-nginx-buil.patch: Refreshed patch - Merge-o-Matic introduced some
fuzz which caused issues.
[ Does not seem necessary ]
- d/control: drop mention of SSL Preread from nginx-full, nginx-extras
[ Previously undocumented ]
- d/gbp.conf: update for 1.12 release
[ Previously undocumented ]
- d/p/0003-define_gnu_source-on-other-glibc-based-platforms.patch:
Refresh patch.
[ Previously undocumented ]
Available diffs
- diff from 1.13.6-2ubuntu2 to 1.13.10-1ubuntu1 (164.6 KiB)
| Superseded in bionic-release on 2018-04-09 |
| Deleted in bionic-proposed on 2018-04-10 (Reason: moved to release) |
nginx (1.13.6-2ubuntu2) bionic; urgency=high * No change rebuild against openssl1.1. -- Dimitri John Ledkov <email address hidden> Mon, 05 Feb 2018 16:51:17 +0000
Available diffs
- diff from 1.13.6-2ubuntu1 to 1.13.6-2ubuntu2 (327 bytes)
| Superseded in bionic-release on 2018-02-09 |
| Deleted in bionic-proposed on 2018-02-11 (Reason: moved to release) |
nginx (1.13.6-2ubuntu1) bionic; urgency=low
* Merge from Debian unstable. Remaining changes:
- debian/patches/ubuntu-branding.patch: add Ubuntu branding (refreshed)
- d/{control,rules,nginx-core.*}: add new binary package for main,
nginx-core, which contains only source-tarball-included modules
and no third-party modules.
- debian/tests/control: add nginx-core test.
- debian/apport/source_nginx.py: Add apport hooks for additional bug
information gathering.
- debian/nginx-common.install: Add install rule for apport hooks.
- debian/rules: Alter build flags for cflags and ldflags to fix known
fPIE / fPIC compilation issues (see nginx PPA bug for more details
and information, LP: #1657596)
- debian/patches/0002-Make-sure-signature-stays-the-same-in-
all-nginx-buil.patch: Refreshed patch - Merge-o-Matic introduced some
fuzz which caused issues.
-- Thomas Ward <email address hidden> Tue, 12 Dec 2017 12:15:30 -0500
Available diffs
| Superseded in bionic-release on 2017-12-14 |
| Published in artful-release on 2017-08-10 |
| Deleted in artful-proposed (Reason: moved to release) |
nginx (1.12.1-0ubuntu2) artful; urgency=medium * No-change rebuild for perl 5.26.0. -- Matthias Klose <email address hidden> Wed, 26 Jul 2017 20:11:43 +0000
Available diffs
- diff from 1.12.1-0ubuntu1 to 1.12.1-0ubuntu2 (323 bytes)
| Superseded in artful-release on 2017-08-10 |
| Deleted in artful-proposed on 2017-08-11 (Reason: moved to release) |
nginx (1.12.1-0ubuntu1) artful; urgency=medium
* New upstream release (1.12.1) - full changelog available at upstream
website - http://nginx.org/en/CHANGES-1.12
* This release is a security patch micro-release from Upstream.
* This package contains security content to fix the following CVEs:
* CVE-2017-7529: A security issue was identified in nginx range filter.
A specially crafted request might result in an integer overflow and
incorrect processing of ranges, potentially resulting in sensitive
information leak. (Closes LP: #1704151)
* Additional changes:
* d/patches/ubuntu-branding.patch: Refreshed Ubuntu Branding patch.
-- Thomas Ward <email address hidden> Sat, 15 Jul 2017 12:40:15 -0400
Available diffs
| Superseded in artful-release on 2017-07-15 |
| Deleted in artful-proposed on 2017-07-17 (Reason: moved to release) |
nginx (1.12.0-1ubuntu1) artful; urgency=medium
* Merge from Debian Experimental (1.12.0-1, via snapshots.debian.org)
* All Ubuntu-specific changes from Ubuntu 1.12.0-0ubuntu1 were retained.
* Remaining changes:
* d/tests/control: Specify nginx-core flavor tests.
* This merge closes the merge request on Launchpad. (LP: #1704020)
-- Thomas Ward <email address hidden> Wed, 12 Jul 2017 19:53:24 -0400
Available diffs
nginx (1.10.3-0ubuntu0.16.04.2) xenial-security; urgency=medium
* SECURITY UPDATE: integer overflow in range filter leading to
information exposure
- debian/patches/CVE-2017-7529.patch: add check to ensure size does
not overflow
- CVE-2017-7529
-- Steve Beattie <email address hidden> Wed, 12 Jul 2017 03:20:18 -0700
Available diffs
nginx (1.4.6-1ubuntu3.8) trusty-security; urgency=medium
* SECURITY UPDATE: integer overflow in range filter leading to
information exposure
- debian/patches/CVE-2017-7529.patch: add check to ensure size does
not overflow
- CVE-2017-7529
-- Steve Beattie <email address hidden> Wed, 12 Jul 2017 02:59:32 -0700
Available diffs
- diff from 1.4.6-1ubuntu3.7 to 1.4.6-1ubuntu3.8 (877 bytes)
nginx (1.10.1-0ubuntu1.3) yakkety-security; urgency=medium
* SECURITY UPDATE: integer overflow in range filter leading to
information exposure
- debian/patches/CVE-2017-7529.patch: add check to ensure size does
not overflow
- CVE-2017-7529
-- Steve Beattie <email address hidden> Wed, 12 Jul 2017 02:56:24 -0700
Available diffs
- diff from 1.10.1-0ubuntu1.2 to 1.10.1-0ubuntu1.3 (886 bytes)
nginx (1.10.3-1ubuntu3.1) zesty-security; urgency=medium
* SECURITY UPDATE: integer overflow in range filter leading to
information exposure
- debian/patches/CVE-2017-7529.patch: add check to ensure size does
not overflow
- CVE-2017-7529
-- Steve Beattie <email address hidden> Wed, 12 Jul 2017 00:27:59 -0700
Available diffs
| Superseded in artful-release on 2017-07-15 |
| Deleted in artful-proposed on 2017-07-16 (Reason: moved to release) |
nginx (1.12.0-0ubuntu1) artful; urgency=medium
* New upstream release: 1.12.0 Stable branch.
* All remaining Ubuntu-specific and Debian-specific changes remain
in place with this upload, the upstream version and code are the
only bits that have been updated, except where indicated below.
* Remaining changes:
- d/modules/nginx-upload-progress/config: Apply upstream patch to
fix an issue where the module does not properly function due to
the wrong module type being set; this prevented the module from
working when built. (LP: #1673056)
- d/patches: The following patches were dropped from the package
because the changes from the patches are already incorporated
in 1.12.0:
- 0004-SSL-error-messages-style.patch
- 0005-SSL-style.patch
- 0006-SSL-support-for-multiple-curves-ticket-885.patch
- d/patches/perl-use-dpkg-buildflags.patch: Refreshed patch to
remove fuzz from the patch.
- d/modules/nginx-echo: Apply upstream diff/patch to fix an FTBFS
- d/modules/nginx-lua: Apply upstream diff/patch to fix an FTBFS
- d/modules/nginx-upstream-fair: Apply diff/patch from the Debian
package maintainers' git repository to not use default_port to
fix an FTBFS. (This will eventually be in Debian, and will get
merged in then as well).
-- Thomas Ward <email address hidden> Wed, 26 Apr 2017 12:02:33 -0400
Available diffs
- diff from 1.10.3-1ubuntu3 to 1.12.0-0ubuntu1 (187.7 KiB)
| Superseded in artful-release on 2017-04-28 |
| Obsolete in zesty-release on 2018-06-22 |
| Deleted in zesty-proposed 18 hours ago (Reason: moved to release) |
nginx (1.10.3-1ubuntu3) zesty; urgency=medium
* debian/tests/control: Remove the 'ec-x25519' test stanzas from the
declarations of tests to run. This test requires OpenSSL >= 1.1.0
to support the X25519 ECDH curve, and we do not have OpenSSL 1.1.0.
This delta can be ***dropped*** when we do have OpenSSL >= 1.1.0.
- This fixes the autopkgtests, of which the Debian merge introduced
a regression due to the ec-x25519 test.
-- Thomas Ward <email address hidden> Mon, 27 Feb 2017 19:51:57 -0500
Available diffs
- diff from 1.10.2-0ubuntu1 to 1.10.3-1ubuntu3 (517.5 KiB)
- diff from 1.11.8-1+zesty1 to 1.10.3-1ubuntu3 (171.8 KiB)
| Superseded in zesty-proposed on 2017-02-28 |
nginx (1.10.3-1ubuntu2) zesty; urgency=low * debian/*.save: Junk .save left in the packaging, remove these. -- Thomas Ward <email address hidden> Thu, 16 Feb 2017 15:39:51 -0500
Available diffs
- diff from 1.11.8-1+zesty1 to 1.10.3-1ubuntu2 (171.7 KiB)
| Superseded in zesty-proposed on 2017-02-16 |
nginx (1.10.3-1ubuntu1) zesty; urgency=medium
* Merge from Debian unstable (note: 1.10.3 already was merged, but 1.10.3
packaging changes in Debian were not). Remaining changes are as
follows: (LP: #1664652)
- debian/patches/ubuntu-branding.patch: add Ubuntu branding (refreshed)
- d/{control,rules,nginx-core.*}: add new binary package for main,
nginx-core, which contains only source-tarball-included modules
and no third-party modules.
- debian/tests/control: add nginx-core test.
- debian/apport/source_nginx.py: Add apport hooks for additional bug
information gathering.
- debian/nginx-common.install: Add install rule for apport hooks.
- debian/rules: Alter build flags for cflags and ldflags to fix known
fPIE / fPIC compilation issues (see nginx PPA bug for more details
and information, LP: #1657596)
-- Thomas Ward <email address hidden> Thu, 16 Feb 2017 15:29:40 -0500
Available diffs
- diff from 1.11.8-1+zesty1 to 1.10.3-1ubuntu1 (173.1 KiB)
| Superseded in zesty-proposed on 2017-02-16 |
nginx (1.10.3-0ubuntu2) zesty; urgency=low
* Merge from Debian unstable (nginx version there is 1.10.2-4). Remaining
changes: (LP: #1664652)
- debian/patches/ubuntu-branding.patch: add Ubuntu branding (refreshed)
- d/{control,rules,nginx-core.*}: add new binary package for main,
nginx-core, which contains only source-tarball-included modules
and no third-party modules.
- debian/tests/control: add nginx-core test.
- debian/apport/source_nginx.py: Add apport hooks for additional bug
information gathering.
- debian/nginx-common.install: Add install rule for apport hooks.
- debian/rules: Alter build flags for cflags and ldflags to fix known
fPIE / fPIC compilation issues (see nginx PPA bug for more details
and information, LP: #1657596)
-- Thomas Ward <email address hidden> Tue, 14 Feb 2017 17:47:00 -0500
Available diffs
- diff from 1.11.8-1+zesty1 to 1.10.3-0ubuntu2 (172.8 KiB)
| Obsolete in yakkety-proposed on 2018-01-23 |
nginx (1.10.3-0ubuntu0.16.10.1) yakkety; urgency=medium * Stable Release Update (LP: #1663937) * New upstream release (1.10.3) - full changelog available at upstream website - http://nginx.org/en/CHANGES-1.10 * All Ubuntu specific changes from 1.10.1-0ubuntu1 through 1.10.1-0ubuntu1.2 remain included. * Additional changes: * debian/patches/ubuntu-branding.patch: Refreshed Ubuntu Branding patch. -- Thomas Ward <email address hidden> Sat, 11 Feb 2017 16:18:21 -0500
Available diffs
| Superseded in xenial-updates on 2017-07-13 |
| Deleted in xenial-proposed on 2017-07-15 (Reason: moved to -updates) |
nginx (1.10.3-0ubuntu0.16.04.1) xenial; urgency=medium * Stable Release Update (LP: #1663937) * New upstream release (1.10.3) - full changelog available at upstream website - http://nginx.org/en/CHANGES-1.10 * All Ubuntu specific changes from 1.10.0-0ubuntu1 through 1.10.0-0ubuntu0.16.04.4 remain included. * Additional changes: * debian/patches/ubuntu-branding.patch: Refreshed Ubuntu Branding patch. * debian/patches/cve-2016-4450.patch: Drop CVE patch as it is already included in the upstream source code in this upload. -- Thomas Ward <email address hidden> Sat, 11 Feb 2017 16:18:21 -0500
Available diffs
| Deleted in zesty-proposed on 2017-02-19 (Reason: NBS) |
nginx (1.10.3-0ubuntu1) zesty; urgency=medium
* New upstream release (1.10.3) - full changelog available at upstream
website - http://nginx.org/en/CHANGES-1.10 - upstream release date
was 31 Jan 2016
* All other changes from previous versions remain included.
* debian/patches/ubuntu-branding.patch:
- Refreshed Ubuntu Branding patch.
-- Thomas Ward <email address hidden> Sat, 11 Feb 2017 15:56:57 -0500
Available diffs
- diff from 1.11.8-1+zesty1 to 1.10.3-0ubuntu1 (653.5 KiB)
| Deleted in zesty-proposed on 2016-12-30 (Reason: Bad upload) |
nginx (1.11.8-1+zesty1) zesty; urgency=medium * Try and fix PIE/PIC build errors. -- Thomas Ward <email address hidden> Thu, 29 Dec 2016 13:38:38 -0500
Available diffs
- diff from 1.10.2-0ubuntu1 to 1.11.8-1+zesty1 (654.7 KiB)
| Superseded in zesty-release on 2017-02-28 |
| Deleted in zesty-proposed on 2017-03-01 (Reason: moved to release) |
nginx (1.10.2-0ubuntu1) zesty; urgency=medium
* New upstream release (1.10.2) - full changelog available at upstream
website - http://nginx.org/en/CHANGES-1.10 - upstream release date
was 18 Oct 2016
* All other changes from 1.10.1-0ubuntu1 through 1.10.1-0ubuntu5 remain
included
* debian/patches/ubuntu-branding.patch:
- Refreshed Ubuntu Branding patch.
-- Thomas Ward <email address hidden> Thu, 15 Dec 2016 11:23:43 -0500
Available diffs
nginx (1.4.6-1ubuntu3.7) trusty-security; urgency=medium * SECURITY REGRESSION: config upgrade failure (LP: #1637058) - debian/nginx-common.config: fix return code so script doesn't exit. -- Marc Deslauriers <email address hidden> Thu, 27 Oct 2016 10:42:53 -0400
Available diffs
nginx (1.10.0-0ubuntu0.16.04.4) xenial-security; urgency=medium * SECURITY REGRESSION: config upgrade failure (LP: #1637058) - debian/nginx-common.config: fix return code so script doesn't exit. -- Marc Deslauriers <email address hidden> Thu, 27 Oct 2016 10:42:14 -0400
Available diffs
| Superseded in zesty-release on 2016-12-16 |
| Deleted in zesty-proposed on 2016-12-17 (Reason: moved to release) |
nginx (1.10.1-0ubuntu5) zesty; urgency=medium
* debian/nginx-common.config:
- Fix the return code so the script does not exit during version
string comparisons.
- Also update the version string to compare with (for zesty only)
-- Thomas Ward <email address hidden> Thu, 27 Oct 2016 10:48:45 -0400
Available diffs
- diff from 1.10.1-0ubuntu1 to 1.10.1-0ubuntu5 (3.2 KiB)
- diff from 1.10.1-0ubuntu4 to 1.10.1-0ubuntu5 (574 bytes)
nginx (1.10.1-0ubuntu1.2) yakkety-security; urgency=medium * SECURITY REGRESSION: postinst upgrade failure (LP: #1637058) - debian/nginx-common.postinst: fix return code so script doesn't exit. -- Marc Deslauriers <email address hidden> Thu, 27 Oct 2016 10:14:26 -0400
Available diffs
| Superseded in zesty-proposed on 2016-10-27 |
nginx (1.10.1-0ubuntu4) zesty; urgency=medium
* debian/nginx-common.config:
- Fix an issue with the incorrect version numbers being compared
during configuration; this was something I missed when reviewing
the package for uploading previously. (LP: #1637058)
-- Thomas Ward <email address hidden> Thu, 27 Oct 2016 08:45:40 -0400
Available diffs
- diff from 1.10.1-0ubuntu3 to 1.10.1-0ubuntu4 (630 bytes)
| Superseded in zesty-proposed on 2016-10-27 |
nginx (1.10.1-0ubuntu3) zesty; urgency=medium
[ Christos Trochalakis ]
* debian/nginx-common.postinst:
+ Secure log file handling (owner & permissions) against privilege
escalation attacks. /var/log/nginx is now owned by root:adm.
Thanks Dawid Golunski (http://legalhackers.com) for the report.
Changing /var/log/nginx permissions effectively reopens #701112,
since log files can be world-readable. This is a trade-off until
a better log opening solution is implemented upstream (trac:376).
* debian/control:
Don't allow building against liblua5.1-0-dev on architectures
that libluajit is available.
-- Thomas Ward <email address hidden> Tue, 25 Oct 2016 17:03:54 -0400
Available diffs
| Superseded in zesty-proposed on 2016-10-26 |
nginx (1.10.1-0ubuntu2) zesty; urgency=medium * No-change rebuild for perl 5.24 transition -- Iain Lane <email address hidden> Mon, 24 Oct 2016 10:36:19 +0100
Available diffs
- diff from 1.10.1-0ubuntu1 to 1.10.1-0ubuntu2 (344 bytes)
nginx (1.4.6-1ubuntu3.6) trusty-security; urgency=medium
[ Christos Trochalakis ]
* debian/nginx-common.postinst:
+ Secure log file handling (owner & permissions) against privilege
escalation attacks. /var/log/nginx is now owned by root:adm.
Thanks Dawid Golunski (http://legalhackers.com) for the report.
Changing /var/log/nginx permissions effectively reopens #701112,
since log files can be world-readable. This is a trade-off until
a better log opening solution is implemented upstream (trac:376).
-- Marc Deslauriers <email address hidden> Tue, 18 Oct 2016 11:12:58 +0200
Available diffs
nginx (1.10.1-0ubuntu1.1) yakkety-security; urgency=medium
[ Christos Trochalakis ]
* debian/nginx-common.postinst:
+ Secure log file handling (owner & permissions) against privilege
escalation attacks. /var/log/nginx is now owned by root:adm.
Thanks Dawid Golunski (http://legalhackers.com) for the report.
Changing /var/log/nginx permissions effectively reopens #701112,
since log files can be world-readable. This is a trade-off until
a better log opening solution is implemented upstream (trac:376).
* debian/control:
Don't allow building against liblua5.1-0-dev on architectures
that libluajit is available.
-- Marc Deslauriers <email address hidden> Tue, 18 Oct 2016 11:18:47 +0200
Available diffs
nginx (1.10.0-0ubuntu0.16.04.3) xenial-security; urgency=medium
[ Christos Trochalakis ]
* debian/nginx-common.postinst:
+ Secure log file handling (owner & permissions) against privilege
escalation attacks. /var/log/nginx is now owned by root:adm.
Thanks Dawid Golunski (http://legalhackers.com) for the report.
Changing /var/log/nginx permissions effectively reopens #701112,
since log files can be world-readable. This is a trade-off until
a better log opening solution is implemented upstream (trac:376).
* debian/control:
Don't allow building against liblua5.1-0-dev on architectures
that libluajit is available.
-- Marc Deslauriers <email address hidden> Tue, 18 Oct 2016 11:02:16 +0200
Available diffs
nginx (1.4.6-1ubuntu3.5) trusty-security; urgency=medium
* SECURITY UPDATE: Null pointer dereference while writing client request
body (LP: #1587577)
- debian/patches/cve-2016-4450.patch: Upstream patch to address issue.
- CVE-2016-4450
-- Thomas Ward <email address hidden> Tue, 31 May 2016 20:23:03 -0400
Available diffs
- diff from 1.4.6-1ubuntu3.4 to 1.4.6-1ubuntu3.5 (921 bytes)
nginx (1.10.0-0ubuntu0.16.04.2) xenial-security; urgency=medium
* SECURITY UPDATE: Null pointer dereference while writing client request
body (LP: #1587577)
- debian/patches/cve-2016-4450.patch: Upstream patch to address issue.
- CVE-2016-4450
-- Thomas Ward <email address hidden> Tue, 31 May 2016 19:47:42 -0400
Available diffs
nginx (1.9.3-1ubuntu1.2) wily-security; urgency=medium
* SECURITY UPDATE: Null pointer dereference while writing client request
body (LP: #1587577)
- debian/patches/cve-2016-4450.patch: Upstream patch to address issue.
- CVE-2016-4450
-- Thomas Ward <email address hidden> Tue, 31 May 2016 20:14:23 -0400
Available diffs
- diff from 1.9.3-1ubuntu1.1 to 1.9.3-1ubuntu1.2 (918 bytes)
| Superseded in zesty-release on 2016-11-01 |
| Obsolete in yakkety-release on 2018-01-23 |
| Deleted in yakkety-proposed on 2018-01-23 (Reason: moved to release) |
nginx (1.10.1-0ubuntu1) yakkety; urgency=medium
* New upstream release (1.10.1) - full changelog available at upstream
website - http://nginx.org/en/CHANGES-1.10.
* Update done to address the following security issues:
- [CVE-2016-4450] NULL pointer dereference while writing client
request body. (LP: #1587577)
* Additional changes:
* debian/patches/ubuntu-branding.patch: Refreshed Ubuntu Branding patch.
-- Thomas Ward <email address hidden> Tue, 31 May 2016 19:09:33 -0400
Available diffs
| Superseded in xenial-updates on 2016-06-02 |
| Deleted in xenial-proposed on 2016-06-03 (Reason: moved to -updates) |
nginx (1.10.0-0ubuntu0.16.04.1) xenial-proposed; urgency=medium * Stable Release Update (LP: #1575212) * New upstream release (1.10.0) - full changelog available at upstream website - http://nginx.org/en/CHANGES-1.10 * All Ubuntu specific changes from 1.9.15-0ubuntu1 remain included. * Additional changes: * debian/patches/ubuntu-branding.patch: Refreshed Ubuntu Branding patch. -- Thomas Ward <email address hidden> Tue, 26 Apr 2016 10:21:29 -0400
Available diffs
| Superseded in yakkety-release on 2016-06-01 |
| Deleted in yakkety-proposed on 2016-06-02 (Reason: moved to release) |
nginx (1.10.0-0ubuntu1) yakkety; urgency=medium
* New upstream release (1.10.0) - full changelog available at upstream
website - http://nginx.org/en/CHANGES-1.10 (LP: #1575217)
* All Ubuntu specific changes from 1.9.15-0ubuntu1 remain included.
* Additional changes:
* debian/patches/ubuntu-branding.patch: Refreshed Ubuntu Branding patch.
-- Thomas Ward <email address hidden> Tue, 26 Apr 2016 10:24:23 -0400
Available diffs
| Superseded in yakkety-release on 2016-04-27 |
| Published in xenial-release on 2016-04-20 |
| Deleted in xenial-proposed (Reason: moved to release) |
nginx (1.9.15-0ubuntu1) xenial-proposed; urgency=medium
* New upstream release (1.9.15) - full changelog available at upstream
website - http://nginx.org/en/CHANGES (LP: #1572223)
* All Ubuntu specific changes from 1.1.14-0ubuntu1, except noted below,
remain included in this upload.
* Remaining changes:
* debian/control: Re-add libluajit-5.1-dev build-dependency, as it will
only affect nginx-extras which is in Universe. This reduces the merge
delta between Ubuntu and Debian slightly, as well. (LP: #1571444)
* debian/patches/ubuntu-branding.patch: Refresh Ubuntu Branding patch.
-- Thomas Ward <email address hidden> Mon, 18 Apr 2016 15:39:08 -0400
Available diffs
| Superseded in xenial-release on 2016-04-20 |
| Deleted in xenial-proposed on 2016-04-22 (Reason: moved to release) |
nginx (1.9.14-0ubuntu1) xenial-proposed; urgency=medium
* New upstream release (1.9.14) - full changelog available at upstream
website - htp://nginx.org/en/CHANGES (LP: #1566392)
* All Ubuntu specific changes from 1.9.13-0ubuntu1, except noted below,
remain included in this upload.
* Remaining changes:
* Enable HTTP/2 module for nginx-full, nginx-extras, and nginx-core
(LP: #1565043)
- debian/rules: Enable HTTP/2 module building in flavor rules
- debian/control: Add HTTP/2 module to package descriptions.
* debian/patches/ubuntu-branding.patch: Refresh Ubuntu Branding patch.
-- Thomas Ward <email address hidden> Fri, 01 Apr 2016 14:23:47 -0400
Available diffs
- diff from 1.9.13-0ubuntu1 to 1.9.14-0ubuntu1 (23.6 KiB)
| Superseded in xenial-release on 2016-04-06 |
| Deleted in xenial-proposed on 2016-04-08 (Reason: moved to release) |
nginx (1.9.13-0ubuntu1) xenial-proposed; urgency=medium
* New upstream release (1.9.13) - full changelog available at upstream
website - http://nginx.org/en/CHANGES (LP: #1563393)
* All Ubuntu specific changes from 1.9.12-0ubuntu1 remain included in
this upload.
* debian/patches/ubuntu-branding.patch: Refresh Ubuntu Branding patch.
-- Thomas Ward <email address hidden> Tue, 29 Mar 2016 18:47:36 -0400
Available diffs
- diff from 1.9.12-0ubuntu1 to 1.9.13-0ubuntu1 (35.0 KiB)
| Superseded in xenial-release on 2016-04-01 |
| Deleted in xenial-proposed on 2016-04-03 (Reason: moved to release) |
nginx (1.9.12-0ubuntu1) xenial; urgency=medium
* New upstream release (1.9.12) - full changelog available at upstream
website - http://nginx.org/en/CHANGES (LP: #1549347)
* All Ubuntu specific changes from 1.9.11-0ubuntu1 and -0ubuntu2 remain
included in this upload.
-- Thomas Ward <email address hidden> Wed, 24 Feb 2016 10:26:31 -0500
Available diffs
- diff from 1.9.11-0ubuntu2 to 1.9.12-0ubuntu1 (15.7 KiB)
| Superseded in xenial-release on 2016-03-15 |
| Deleted in xenial-proposed on 2016-03-17 (Reason: moved to release) |
nginx (1.9.11-0ubuntu2) xenial; urgency=medium
* This is a bug-fix only upload and does not include any new changes to
features.
* debian/conf/sites-available/default: Modify PHP 'default example' settings
to account for php5 being replaced with php7.0 in Xenial. Also adapt the
UNIX socket path for php7.0-fpm to be the one used by default in Xenial.
(LP: #1547642)
-- Thomas Ward <email address hidden> Fri, 19 Feb 2016 14:13:28 -0500
Available diffs
- diff from 1.9.11-0ubuntu1 to 1.9.11-0ubuntu2 (744 bytes)
| Superseded in xenial-release on 2016-02-21 |
| Deleted in xenial-proposed on 2016-02-23 (Reason: moved to release) |
nginx (1.9.11-0ubuntu1) xenial; urgency=low
* New upstream release (1.9.11) - see http://nginx.org/en/CHANGES for
full changelog.
* Ubuntu-specific changes from the 1.9.10 merge remain included here.
* Additional changes:
- debian/modules/nginx-lua: Apply upstream patch to fix FTBFS issue
-- Thomas Ward <email address hidden> Tue, 09 Feb 2016 10:33:14 -0500
Available diffs
- diff from 1.9.10-1ubuntu1 to 1.9.11-0ubuntu1 (29.0 KiB)
nginx (1.4.6-1ubuntu3.4) trusty-security; urgency=medium * SECURITY UPDATE: multiple resolver security issues (LP: #1538165) - debian/patches/CVE-2016-074x-1.patch: fix possible segmentation fault on DNS format error. - debian/patches/CVE-2016-074x-2.patch: fix crashes in timeout handler. - debian/patches/CVE-2016-074x-3.patch: fixed CNAME processing for several requests. - debian/patches/CVE-2016-074x-4.patch: change the ngx_resolver_create_*_query() arguments. - debian/patches/CVE-2016-074x-5.patch: fix use-after-free memory accesses with CNAME. - debian/patches/CVE-2016-074x-6.patch: limited CNAME recursion. - CVE-2016-0742 - CVE-2016-0743 - CVE-2016-0744 -- Marc Deslauriers <email address hidden> Wed, 03 Feb 2016 09:12:00 -0500
Available diffs
nginx (1.9.3-1ubuntu1.1) wily-security; urgency=medium * SECURITY UPDATE: multiple resolver security issues (LP: #1538165) - debian/patches/CVE-2016-074x-1.patch: fix possible segmentation fault on DNS format error. - debian/patches/CVE-2016-074x-2.patch: fix crashes in timeout handler. - debian/patches/CVE-2016-074x-3.patch: fixed CNAME processing for several requests. - debian/patches/CVE-2016-074x-4.patch: change the ngx_resolver_create_*_query() arguments. - debian/patches/CVE-2016-074x-5.patch: fix use-after-free memory accesses with CNAME. - debian/patches/CVE-2016-074x-6.patch: limited CNAME recursion. - CVE-2016-0742 - CVE-2016-0743 - CVE-2016-0744 -- Marc Deslauriers <email address hidden> Wed, 03 Feb 2016 08:38:22 -0500
Available diffs
| Superseded in xenial-release on 2016-02-18 |
| Deleted in xenial-proposed on 2016-02-19 (Reason: moved to release) |
nginx (1.9.10-1ubuntu1) xenial; urgency=low * Merge from Debian unstable. Remaining changes: (LP: #1538677) - debian/patches/ubuntu-branding.patch: add Ubuntu branding (refreshed) - d/{control,rules,nginx-core.*}: add new binary package for main, nginx-core, which contains only source-tarball-included modules and no third-party modules. - debian/tests/control: add nginx-core test. - debian/control: - drop luajit from Build-Depends as it is in universe. - Remove HTTP/2 references in package descriptions, per Ubuntu Security Team mandate to disable HTTP/2 support. - debian/rules: - Disable HTTP/2 module support in all flavors, per Ubuntu Security Team mandate. - debian/apport/source_nginx.py: Add apport hooks for additional bug information gathering. - debian/nginx-common.install: Add install rule for apport hooks. * Additional bugs fixed by this merge: - nginx-common should not depend on python (LP: #1480513) -- Thomas Ward <email address hidden> Tue, 27 Jan 2016 12:52:00 -0500
Available diffs
- diff from 1.9.10-0ubuntu1 to 1.9.10-1ubuntu1 (1008 bytes)
| Superseded in xenial-release on 2016-01-27 |
| Deleted in xenial-proposed on 2016-01-29 (Reason: moved to release) |
nginx (1.9.10-0ubuntu1) xenial; urgency=medium
* New upstream release.
* debian/patches/ubuntu-branding.patch: Refreshed Ubuntu Branding patch
* Security content of this upload addresses the following vulnerabilities
and CVE-numbered Security issues: (LP: #1538165)
- Invalid pointer dereference might occur during DNS server response
processing, allowing an attacker who is able to forge UDP
packets from the DNS server to cause worker process crash
(CVE-2016-0742).
- Use-after-free condition might occur during CNAME response
processing. This problem allows an attacker who is able to trigger
name resolution to cause worker process crash, or might
have potential other impact (CVE-2016-0746).
- CNAME resolution was insufficiently limited, allowing an attacker who
is able to trigger arbitrary name resolution to cause excessive resource
consumption in worker processes (CVE-2016-0747).
-- Thomas Ward <email address hidden> Tue, 26 Jan 2016 14:53:01 -0500
Available diffs
| Superseded in xenial-release on 2016-01-26 |
| Deleted in xenial-proposed on 2016-01-28 (Reason: moved to release) |
nginx (1.9.9-1ubuntu1) xenial; urgency=low * Merge from Debian unstable. Remaining changes: (LP: #1534208) - debian/patches/ubuntu-branding.patch: add Ubuntu branding (refreshed) - d/{control,rules,nginx-core.*}: add new binary package for main, nginx-core, which contains only source-tarball-included modules and no third-party modules. - debian/tests/control: add nginx-core test. - debian/control: - drop luajit from Build-Depends as it is in universe. - Update nginx-core description to match nginx-full description of the standard and optional HTTP modules that are enabled. - Remove HTTP/2 references in package descriptions, per Ubuntu Security Team mandate to disable HTTP/2 support. - debian/rules: - Update nginx-core configure flags to match nginx-full config flags, due to refreshing the nginx-core 'enabled modules' to match the nginx-full modules (minus third-party modules) - Disable HTTP/2 module support in all flavors, per Ubuntu Security Team mandate. - debian/apport/source_nginx.py: Add apport hooks for additional bug information gathering. - debian/nginx-common.install: Add install rule for apport hooks. * debian/control: Remove HTTP/2 reference in nginx-extras description, which was missed previously due to accidental oversight. (LP: #1534368) -- Thomas Ward <email address hidden> Thu, 14 Jan 2016 18:42:00 -0500
Available diffs
- diff from 1.9.9-0ubuntu1 to 1.9.9-1ubuntu1 (65.1 KiB)
| Superseded in xenial-release on 2016-01-15 |
| Deleted in xenial-proposed on 2016-01-17 (Reason: moved to release) |
nginx (1.9.9-0ubuntu1) xenial; urgency=medium * New upstream release. * debian/patches/ubuntu-branding.patch: Refreshed Ubuntu Branding patch -- Thomas Ward <email address hidden> Sun, 03 Jan 2016 12:49:21 -0500
Available diffs
- diff from 1.9.6-2ubuntu2 to 1.9.9-0ubuntu1 (13.1 KiB)
| Superseded in xenial-release on 2016-01-07 |
| Deleted in xenial-proposed on 2016-01-08 (Reason: moved to release) |
nginx (1.9.6-2ubuntu2) xenial; urgency=medium * Rebuild for Perl 5.22.1. -- Colin Watson <email address hidden> Fri, 18 Dec 2015 12:53:05 +0000
Available diffs
- diff from 1.9.6-2ubuntu1 to 1.9.6-2ubuntu2 (324 bytes)
| Superseded in xenial-release on 2016-01-06 |
| Deleted in xenial-proposed on 2016-01-08 (Reason: moved to release) |
nginx (1.9.6-2ubuntu1) xenial; urgency=medium * Merge from Debian unstable. Remaining changes: (LP: #1510096) - debian/patches/ubuntu-branding.patch: add Ubuntu branding (refreshed) - d/{control,rules,nginx-core.*}: add new binary package for main, nginx-core, which contains only source-tarball-included modules and no third-party modules. - debian/tests/control: add nginx-core test. - debian/control: drop luajit from Build-Depends as it is in universe. - debian/apport/source_nginx.py: Add apport hooks for additional bug information gathering. - debian/nginx-common.install: Add install rule for apport hooks. * Additional changes: * debian/rules: - Update nginx-core configure flags to match nginx-full config flags, due to refreshing the nginx-core 'enabled modules' to match the nginx-full modules (minus third-party modules) - Disable HTTP/2 module support in all flavors, per Ubuntu Security Team mandate. * debian/control: - Update nginx-core description to match nginx-full description of the standard and optional HTTP modules that are enabled. - Remove HTTP/2 references in package descriptions, per Ubuntu Security Team mandate to disable HTTP/2 support. -- Thomas Ward <email address hidden> Mon, 14 Dec 2015 10:34:42 -0500
Available diffs
- diff from 1.9.3-1ubuntu1 to 1.9.6-2ubuntu1 (128.9 KiB)
| Superseded in trusty-updates on 2016-02-09 |
| Deleted in trusty-proposed on 2016-02-11 (Reason: moved to -updates) |
nginx (1.4.6-1ubuntu3.3) trusty-proposed; urgency=medium
* debian/nginx-common.nginx.init: Fix pidfile extraction, due to multiple
failure cases, using Debian's solution. (LP: #1314740)
-- Thomas Ward <email address hidden> Wed, 29 Jul 2015 19:43:04 -0400
Available diffs
- diff from 1.4.6-1ubuntu3.2 to 1.4.6-1ubuntu3.3 (655 bytes)
| Superseded in xenial-release on 2015-12-16 |
| Obsolete in wily-release on 2018-01-22 |
| Deleted in wily-proposed on 2018-01-22 (Reason: moved to release) |
nginx (1.9.3-1ubuntu1) wily; urgency=medium * Merge from Debian. Remaining changes: (LP: #1476811) - debian/patches/ubuntu-branding.patch: add Ubuntu branding (refreshed) - d/{control,rules,nginx-core.*}: add new binary package for main, nginx-core, which contains only source-tarball-included modules and no third-party modules. - debian/tests/control: add nginx-core test. - debian/control: drop luajit from Build-Depends as it is in universe. - debian/apport/source_nginx.py: Add apport hooks for additional bug information gathering. - debian/nginx-common.install: Add install rule for apport hooks.
Available diffs
- diff from 1.6.2-5ubuntu4 to 1.9.3-1ubuntu1 (323.7 KiB)
| Obsolete in vivid-updates on 2018-01-18 |
| Deleted in vivid-proposed on 2018-01-19 (Reason: moved to -updates) |
nginx (1.6.2-5ubuntu3.1) vivid; urgency=medium
* debian/apport/source_nginx.py:
- Add apport hooks for additional bug information gathering, as a result
of non-useful reports due to postinstall script failure bugs. This is
necessary in order to be able to actually debug what is going on in the
bug reports, thanks to systemd not putting startup errors to stdout or
stderr anymore, like Upstart and others did. (LP: #1472683)
* debian/nginx-common.install:
- Add install rule for debian/apport/source_nginx.py, which is the new
apport hooks to gather additional 'Package' bugtype debug data.
-- Thomas Ward <email address hidden> Fri, 10 Jul 2015 11:14:00 -0400
Available diffs
| Superseded in wily-release on 2015-07-22 |
| Deleted in wily-proposed on 2015-07-23 (Reason: moved to release) |
nginx (1.6.2-5ubuntu4) wily; urgency=medium
* debian/apport/source_nginx.py:
- Add apport hooks for additional bug information gathering, as a result
of non-useful reports due to postinstall script failure bugs. This is
necessary in order to be able to actually debug what is going on in the
bug reports, thanks to systemd not putting startup errors to stdout or
stderr anymore, like Upstart and others did. (LP: #1472683)
* debian/nginx-common.install:
- Add install rule for debian/apport/source_nginx.py, which is the new
apport hooks to gather additional 'Package' bugtype debug data.
-- Thomas Ward <email address hidden> Fri, 10 Jul 2015 12:51:48 -0400
Available diffs
| Superseded in wily-release on 2015-07-10 |
| Obsolete in vivid-release on 2018-01-18 |
| Deleted in vivid-proposed on 2018-01-19 (Reason: moved to release) |
nginx (1.6.2-5ubuntu3) vivid-proposed; urgency=medium
* debian/rules:
* Reversed Debian change in 1.6.2-5ubuntu2.
* Added DEB_BUILD_MAINT_OPTIONS=hardening=+all to enable all
dpkg-buildflags to harden the code, except for PIE flags.
* Manually define DEB_BUILD_MAINT_OPTIONS in DEBIAN_NGINX_PERL_LDFLAGS
to not have -fPIE conflicts in Perl flags.
-- Thomas Ward <email address hidden> Wed, 01 Apr 2015 14:57:34 -0400
Available diffs
- diff from 1.6.2-5ubuntu1 to 1.6.2-5ubuntu3 (828 bytes)
- diff from 1.6.2-5ubuntu2 to 1.6.2-5ubuntu3 (826 bytes)
| Superseded in vivid-proposed on 2015-04-02 |
nginx (1.6.2-5ubuntu2) vivid-proposed; urgency=medium
* debian/rules:
* Added -fPIE -pie to build rules (enables position-independent builds)
using Debian's committed change to enable. (LP: #1315426)
-- Thomas Ward <email address hidden> Wed, 01 Apr 2015 14:26:32 -0400
Available diffs
- diff from 1.6.2-5ubuntu1 to 1.6.2-5ubuntu2 (569 bytes)
| Superseded in trusty-updates on 2015-08-06 |
| Deleted in trusty-proposed on 2015-08-08 (Reason: moved to -updates) |
nginx (1.4.6-1ubuntu3.2) trusty-proposed; urgency=medium * d/modules/nginx-http-push: Apply upstream bugfix. (LP: #1216817) * src/ngx_http_push_module_setup.c: Modify push module code with upstream changes to fix an issue with initialization when using `fastcgi_cache` or `proxy_cache`. * tests/nginx-cachemanager.conf: (new file) Include upstream change of adding an nginx-cachemanager.conf file to the tests. -- Thomas Ward <email address hidden> Mon, 09 Feb 2015 12:08:50 -0500
Available diffs
nginx (1.1.19-1ubuntu0.8) precise-proposed; urgency=medium * d/modules/nginx-http-push: Apply upstream bugfix. (LP: #1216817) * src/ngx_http_push_module_setup.c: Modify push module code with upstream changes to fix an issue with initialization when using `fastcgi_cache` or `proxy_cache`. * tests/nginx-cachemanager.conf: (new file) Include upstream change of adding an nginx-cachemanager.conf file to the tests. -- Thomas Ward <email address hidden> Mon, 09 Feb 2015 12:02:52 -0500
Available diffs
nginx (1.1.19-1ubuntu0.7) precise-security; urgency=medium * SECURITY UPDATE: incorrect cached SSL session reuse (LP: #1370478) - debian/patches/CVE-2014-3616.patch: Use a random value for session id context, since there is no support for shared TLS Session Tickets in this version in src/event/ngx_event_openssl.c. - CVE-2014-3616 -- Lev Lazinskiy <email address hidden> Fri, 05 Dec 2014 22:25:50 -0500
Available diffs
| Superseded in vivid-release on 2015-04-02 |
| Deleted in vivid-proposed on 2015-04-04 (Reason: moved to release) |
nginx (1.6.2-5ubuntu1) vivid; urgency=medium * Merge from Debian. Remaining changes: (LP: #1399967) - debian/patches/ubuntu-branding.patch: add Ubuntu branding (refreshed) - debian/rules: Drop from -O3 to -O2 to work around a build failure. - d/{control,rules,nginx-core.*}: add new binary package for main, nginx-core, which contains only source-tarball-included modules and no third-party modules. - debian/tests/control: add nginx-core test. - debian/control: drop luajit from Build-Depends as it is in universe. -- Thomas Ward <email address hidden> Sat, 06 Dec 2014 13:06:55 -0500
Available diffs
| Superseded in vivid-release on 2014-12-30 |
| Deleted in vivid-proposed on 2014-12-31 (Reason: moved to release) |
nginx (1.6.2-4ubuntu1) vivid; urgency=medium * Merge from Debian. Remaining changes: (LP: #1388621) - debian/patches/ubuntu-branding.patch: add Ubuntu branding (refreshed). - debian/rules: Drop from -O3 to -O2 to work around a build failure. - d/{control,rules,nginx-core.*}: add new binary package for main, nginx-core, which contains only source-tarball-included modules and no third-party modules. - debian/tests/control: add nginx-core test. - debian/control: drop luajit from Build-Depends as it is in universe. * debian/control: * Remove nginx-naxsi* from nginx-core and related package stanzas, as the naxsi packages have all been dropped. * Remove reference to nginx-naxsi from nginx metapackage description * debian/index.html: Modify included index.html file to have Ubuntu branding, Ubuntu bug reporting tool references, and a link to the Launchpad bugs page for the nginx package.
Available diffs
- diff from 1.6.2-1ubuntu1.1 to 1.6.2-4ubuntu1 (466.5 KiB)
| Superseded in vivid-release on 2014-11-25 |
| Obsolete in utopic-release on 2016-11-03 |
| Deleted in utopic-proposed on 2016-11-03 (Reason: moved to release) |
nginx (1.6.2-1ubuntu1.1) utopic; urgency=medium
* debian/conf/sites-available/default: Remove SSLv3 from the ssl_protocols
line in the default config example, due to POODLE vulnerability.
-- Thomas Ward <email address hidden> Wed, 22 Oct 2014 09:43:35 -0400
Available diffs
- diff from 1.6.2-1ubuntu1 to 1.6.2-1ubuntu1.1 (553 bytes)
| Superseded in utopic-release on 2014-10-22 |
| Deleted in utopic-proposed on 2014-10-23 (Reason: moved to release) |
nginx (1.6.2-1ubuntu1) utopic; urgency=medium
* Merge from Debian. Remaining changes:
- debian/patches/ubuntu-branding.patch: add Ubuntu branding
(refreshed).
- debian/rules: Drop from -O3 to -O2 to work around a build failure.
- d/{control,rules,nginx-core.*}: add new binary package for main,
nginx-core, which contains only source-tarball-included modules
and no third-party modules.
* debian/tests/control: add nginx-core test.
* debian/control: drop luajit from Build-Depends as it is in universe.
Available diffs
- diff from 1.6.1-1ubuntu2 to 1.6.2-1ubuntu1 (390.3 KiB)
nginx (1.4.6-1ubuntu3.1) trusty-security; urgency=medium * SECURITY UPDATE: incorrect cached SSL session reuse (LP: #1370478) - debian/patches/CVE-2014-3616.patch: include hash of certificate in session id context in src/event/ngx_event_openssl.c. - CVE-2014-3616 -- Marc Deslauriers <email address hidden> Wed, 17 Sep 2014 08:56:46 -0400
Available diffs
| Superseded in utopic-release on 2014-09-23 |
| Deleted in utopic-proposed on 2014-09-24 (Reason: moved to release) |
nginx (1.6.1-1ubuntu2) utopic; urgency=medium * Rebuild for Perl 5.20.0. -- Colin Watson <email address hidden> Sun, 24 Aug 2014 06:43:36 -0700
Available diffs
- diff from 1.6.1-1ubuntu1 to 1.6.1-1ubuntu2 (309 bytes)
| Superseded in utopic-release on 2014-08-27 |
| Deleted in utopic-proposed on 2014-08-28 (Reason: moved to release) |
nginx (1.6.1-1ubuntu1) utopic; urgency=medium
* Merge from Debian. Remaining changes:
- debian/patches/ubuntu-branding.patch: add Ubuntu branding
(refreshed).
- debian/rules: Drop from -O3 to -O2 to work around a build failure.
- d/{control,rules,nginx-core.*}: add new binary package for main,
nginx-core, which contains only source-tarball-included modules
and no third-party modules.
* Add dep8 smoke test
Available diffs
- diff from 1.4.6-1ubuntu3 to 1.6.1-1ubuntu1 (237.6 KiB)
nginx (1.4.1-3ubuntu1.3) saucy-security; urgency=low * SECURITY UPDATE: SPDY Heap Buffer Overflow Vulnerabilty (LP: #1294280) - debian/patches/cve-2014-0133.patch: modify src/http/ngx_http_spdy.c to fix a heap buffer overflow vulnerability in the SPDY module by using a specially crafted request. - CVE-2014-0133 -- Thomas Ward <email address hidden> Tue, 18 Mar 2014 21:17:14 -0400
Available diffs
| Superseded in utopic-release on 2014-08-15 |
| Published in trusty-release on 2014-03-13 |
| Deleted in trusty-proposed (Reason: moved to release) |
nginx (1.4.6-1ubuntu3) trusty; urgency=medium
* Add new binary package for main, nginx-core, which contains only
source-tarball-included modules and no third-party modules.
* Changes to debian/ directory:
- control:
+ Add entry for nginx-core and nginx-core-dbg.
- rules:
+ Add nginx-core flavor to the build rules.
- nginx-core.*: Add new packaging files for nginx-core based on
the packaging files for nginx-full.
* The above changes satisfy the requirements for main (LP: #1262710)
-- Thomas Ward <email address hidden> Mon, 10 Mar 2014 18:23:36 -0400
Available diffs
| Superseded in trusty-release on 2014-03-13 |
| Superseded in trusty-release on 2014-03-13 |
| Deleted in trusty-proposed on 2014-03-14 (Reason: moved to release) |
nginx (1.4.6-1ubuntu2) trusty; urgency=medium * debian/rules: Drop from -O3 to -O2 to work around a build failure. -- Adam Conrad <email address hidden> Sun, 09 Mar 2014 11:49:28 -0600
Available diffs
- diff from 1.4.5-1ubuntu1 to 1.4.6-1ubuntu2 (6.5 KiB)
- diff from 1.4.6-1ubuntu1 to 1.4.6-1ubuntu2 (506 bytes)
| Superseded in trusty-proposed on 2014-03-09 |
nginx (1.4.6-1ubuntu1) trusty; urgency=low
* Merge from Debian unstable. Remaining changes:
- debian/patches/ubuntu-branding.patch: Add Ubuntu branding.
Available diffs
| Superseded in trusty-release on 2014-03-09 |
| Deleted in trusty-proposed on 2014-03-11 (Reason: moved to release) |
nginx (1.4.5-1ubuntu1) trusty; urgency=medium * Resynchronise with Debian (LP: #1280511). Remaining changes: - debian/patches/ubuntu-branding.patch: + Add Ubuntu branding to server_tokens.
Available diffs
- diff from 1.4.4-4ubuntu1 to 1.4.5-1ubuntu1 (248.5 KiB)
| Superseded in saucy-updates on 2014-03-20 |
| Deleted in saucy-proposed on 2014-03-22 (Reason: moved to -updates) |
nginx (1.4.1-3ubuntu1.2) saucy; urgency=low
* Apply upstream changes to fix a segmentation fault in the third-party
ngx_auth_pam module in nginx-full and nginx-extras. (LP: #1264674)
-- Thomas Ward <email address hidden> Sun, 09 Feb 2014 21:14:14 -0500
Available diffs
| 1 → 75 of 170 results | First • Previous • Next • Last |
