-
nginx (1.2.6-1ubuntu3.3) raring-security; urgency=low
* SECURITY UPDATE: ACL bypass via space character (LP: #1253691)
- debian/patches/cve-2013-4547.patch: modify src/http/ngx_http_parse.c
to account for a space character, fixing an issue which could result in
security restrictions being bypassed
- CVE-2013-4547
-- Thomas Ward <email address hidden> Thu, 21 Nov 2013 13:24:46 -0500
-
nginx (1.2.6-1ubuntu3.2) raring-security; urgency=low
* Security update (closes LP: #1182586):
* Patch to fix a buffer overflow vulnerability (CVE-2013-2070)
-- Thomas Ward <email address hidden> Fri, 24 May 2013 12:49:32 -0400
-
nginx (1.2.6-1ubuntu3.1) raring; urgency=low
* debian/patches/ubuntu-branding.patch: Move Ubuntu branding from
the numerical version string to the long version (LP: #1174158)
-- Adam Conrad <email address hidden> Thu, 09 May 2013 11:50:52 -0600
-
nginx (1.2.6-1ubuntu3) raring; urgency=low
* debian/patches/ubuntu-branding.patch: Add ubuntu branding
to server_tokens.
-- Chuck Short <email address hidden> Tue, 09 Apr 2013 10:23:26 -0500
-
nginx (1.2.6-1ubuntu2) raring; urgency=low
* debian/conf/sites-available/default:
* Modify default site configuration file to correct a typo
that prevented out-of-the-box usability (LP: #1162177)
-- Thomas Ward <email address hidden> Fri, 05 Apr 2013 20:22:38 +0100
-
nginx (1.2.6-1ubuntu1) raring; urgency=low
* debian/conf/sites-available/default:
* Modify default site default configuration file to bind to IPv6
only for IPv6 default listen statement (LP: #1132678)
-- Thomas Ward <email address hidden> Tue, 12 Mar 2013 00:23:02 +0000
-
nginx (1.2.6-1) unstable; urgency=low
[ Kartik Mistry ]
* New upstream release.
* debian/nginx-common.nginx.init:
+ Used log_*_msg instead of echo for better init messages.
+ Added patch to check start-stop-daemon exit status, Thanks to
Sergey B Kirpichev <email address hidden> (Closes: #695374).
* debian/po/ja.po:
+ Added new Japanese translation. Thanks to victory <email address hidden>
(Closes: #692481).
* debian/po/pt_BR.po:
+ Added new Brazilian Portuguese translation. Thanks to
Adriano Rafael Gomes <email address hidden> (Closes: #692481).
[ Cyril Lavier ]
* debian/rules
+ Added RealIP module in nginx-naxsi (Closes: #693302).
* debian/modules/nginx-cache-purge/
+ Updated nginx-cache-purge module with the 2.0 version.
* debian/modules/nginx-lua/
+ Updated nginx-lua module with the 0.7.8 version.
* debian/modules/nginx-echo/
+ Updated the nginx-echo module with the 0.41 version.
* debian/modules/headers-more-nginx-module/
+ Updated the Headers-more module with the 0.19 version.
* debian/modules/README.Modules-versions
+ Updated the current version of modules following the updates.
[ Michael Lustfield ]
* debian/conf/sites-available/default
+ Uncommented listen lines to make server block default.
-- Kartik Mistry <email address hidden> Tue, 18 Dec 2012 10:29:18 +0530
-
nginx (1.2.4-2) unstable; urgency=low
* debian/conf/nginx.conf:
+ Fixed pid path to /run/nginx.pid in config.
* debian/po/*.po, debian/nginx-naxsi-ui.templates, debian/po/templates.pot:
+ Fixed ^M characters in template file. Thanks to Christian Perrier
<email address hidden> for help (Closes: #692191, #692335)
-- Kartik Mistry <email address hidden> Mon, 05 Nov 2012 13:05:34 +0530
-
nginx (1.2.4-1) unstable; urgency=low
[ Michael Lustfield ]
* debian/nginx-common.nginx.init
+ Added --retry to start-stop-daemon. (Closes: #682360)
+ Added $named to Required-Start/Stop. (Closes: #679879)
+ Added some other modifications after testing. (LP: #1033856)
* debian/rules:
+ Added -DFORTIFY_SOURCE=2 -fstack-protector to build flags.
(Closes: #680712)
* debian/nginx-common.install:
+ Moved default docs to /usr/share/nginx/html. (Closes: #1031515)
* debian/rules:
+ Set prefix to /usr/share/nginx.
* debian/po/fr.po
+ Updated French translation file. (Closes: #679601)
* debian/logrotate:
+ Removed semicolon after an fi statement. (Closes: #683870)
* debian/copyright:
+ Removed trailing slash from File: fields.
* Changed /var/run to /run in multiple files. (LP: #1050516)
* debian/nginx-common.dirs:
+ Added /run to .dirs to avoid conflicts with backports. (LP: #1072641)
* debian/nginx-*.postinst:
+ Added sites-enabled/available directory checks. (Closes: #688410)
- Thanks Andreas Marschke <email address hidden>
+ Moved the symlink creation to nginx-common.
* Updated debconf templates.
* conf/sites-available/default:
+ Updated root to point at /usr/share/nginx/html instead of www.
[ Kartik Mistry ]
* Acknowledged NMUs (Closes: #681758, #681381)
* New upstream release (Closes: #683704)
* debian/po/*.po:
+ Removed ^M characters from headers.
+ Fixed all files with recent unneeded template change.
-- Kartik Mistry <email address hidden> Tue, 30 Oct 2012 10:10:34 +0530
-
nginx (1.2.1-2.2) unstable; urgency=low
* Non-maintainer upload.
* Fix "removes files that were installed by another package":
don't remove directories that are owned by (and removed from) nginx-common
from nginx-extras.postrm. This seems to have been the idea in commit e30a854
("Moved configuration purging to nginx-common.") except that it was added
in nginx-common.postrm without being removed in nginx-extras.postrm.
Remove nginx-extras.postrm since it's empty after this change.
(Closes: #681758)
-- gregor herrmann <email address hidden> Sat, 04 Aug 2012 18:13:10 +0200
