[SRU] nginx segfault when adding add_header in configuration
Affects | Status | Importance | Assigned to | Milestone | |
---|---|---|---|---|---|
nginx (Debian) |
Fix Released
|
Unknown
|
|||
nginx (Ubuntu) |
Fix Released
|
Undecided
|
Unassigned | ||
Saucy |
Fix Released
|
Undecided
|
Unassigned |
Bug Description
[Impact]
There is a segmentation fault bug in the nginx-auth-pam module that exists for nginx-extras. It usually happens when you are adding a header via the nginx configuration option `add_header`, however this is actually a bug in the nginx-auth-pam module.
[Test Case]
Use `add_header Via "1.1 keys.example.org:80 (nginx)";` or similar Via header with a proxy_pass while using nginx-extras. This typically will end up with a segmentation fault.
Using the attached debdiff, which applies an upstream fix for this, you will not encounter a segmentation fault.
(A more detailed test case is unavailable, however there are example configurations and situations where this can trigger on the Debian bug)
[Regression Potential]
According to the upstream commit:
"ngx_module_t commands array should end with a ngx_null_command."
There should be no regression risk for this as the module is supposed to end with the command, but previously did not.
[Other Info]
This was test-built inside Saucy sbuild chroots for i386 and amd64 without incident by myself.
[Original Description]
Please see bug http://
Related branches
Changed in nginx (Debian): | |
status: | Unknown → Fix Released |
Changed in nginx (Ubuntu Saucy): | |
status: | New → Confirmed |
Changed in nginx (Ubuntu Saucy): | |
status: | Confirmed → In Progress |
assignee: | nobody → Thomas Ward (teward) |
description: | updated |
summary: |
- nginx segfault when adding add_header in configuration + [SRU] nginx segfault when adding add_header in configuration |
Status changed to 'Confirmed' because the bug affects multiple users.