-
nginx (1.18.0-6ubuntu11.1) impish-security; urgency=medium
* SECURITY UPDATE: ALPACA TLS issue
- debian/patches/CVE-2021-3618.patch: specify the number of
errors after which the connection is closed in
src/mail/ngx_mail.h, src/mail/ngx_mail_core_module.c and
src/mail/ngx_mail_handler.c.
- CVE-2021-3618
-- David Fernandez Gonzalez <email address hidden> Tue, 12 Apr 2022 11:09:13 +0200
-
nginx (1.18.0-6ubuntu11) impish; urgency=medium
* No-change rebuild to build packages with zstd compression.
-- Matthias Klose <email address hidden> Thu, 07 Oct 2021 12:21:36 +0200
-
nginx (1.18.0-6ubuntu10) impish; urgency=medium
* SECURITY UPDATE: DNS Resolver issues
- debian/patches/CVE-2021-23017-1.patch: fixed off-by-one write in
src/core/ngx_resolver.c.
- debian/patches/CVE-2021-23017-2.patch: fixed off-by-one read in
src/core/ngx_resolver.c.
- debian/patches/CVE-2021-23017.patch: removed, replaced with upstream
commits.
- CVE-2021-23017
-- Marc Deslauriers <email address hidden> Wed, 26 May 2021 06:59:42 -0400
-
nginx (1.18.0-6ubuntu9) impish; urgency=medium
* SECURITY UPDATE: DNS Resolver Off-by-One Heap Write
- debian/patches/CVE-2021-23017.patch: fix logic in
src/core/ngx_resolver.c.
- CVE-2021-23017
-- Marc Deslauriers <email address hidden> Tue, 25 May 2021 13:06:54 -0400
-
nginx (1.18.0-6ubuntu8) hirsute; urgency=medium
* d/modules/control: Remove Lua module from definitions
* d/tests/:
- control: Remove Lua test, remove dependencies on any test which
request libnginx-mod-http-lua as it's gone.
- lua: Remove the lua test entirely.
-- Thomas Ward <email address hidden> Wed, 10 Mar 2021 10:50:43 -0500