lp:~levlaz/ubuntu/precise/nginx/fix-for-1370478

Created by Lev Lazinskiy on 2014-12-06 and last modified on 2014-12-06
Get this branch:
bzr branch lp:~levlaz/ubuntu/precise/nginx/fix-for-1370478
Only Lev Lazinskiy can upload to this branch. If you are Lev Lazinskiy please log in for upload directions.

Branch merges

Related bugs

Related blueprints

Branch information

Owner:
Lev Lazinskiy
Status:
Development

Recent revisions

59. By Lev Lazinskiy on 2014-12-06

Added Correct Patch Headers

58. By Lev Lazinskiy on 2014-12-06

* SECURITY UPDATE: incorrect cached SSL session reuse (LP: #1370478)
  - debian/patches/CVE-2014-3616.patch: Use a random value for session id context,
  since there is no support for shared TLS Session Tickets in this version
  in src/event/ngx_event_openssl.c.
  - CVE-2014-3616

57. By Thomas Ward on 2014-01-31

Enable building of the http_stub_status_module in nginx-naxsi, which was
apparently not marked for compiling even though it's listed in the package
description. (LP: #1170586)

56. By Thomas Ward on 2013-10-10

[ Thomas Ward ]
* Move postinst symlinking of default nginx config to nginx-common only.
  (closes LP: #1206878)

[ Iain Lane ]
* Take additional change from Debian patch to check sites-enabled and
  sites-available are directories before symlinking .../default.

55. By Thomas Ward on 2013-08-06

Move configuration file removal for package purging to nginx-common only.
(closes LP: #1206878)

54. By Thomas Ward on 2012-10-19

* Applies upstream bug fixes
  * Segfault with try_files when first URI is shorter than request URI
    (LP: #1065555)

53. By Cyril Lavier on 2012-04-13

[Cyril Lavier]
* New upstream release.
  + Fixed a buffer overflow in the ngx_http_mp4_module. See: CVE-2012-2089
    for more details.
* debian/copyright:
  + Updated licenses.
* debian/nginx-extras.postinst, debian/nginx-full.postinst,
  debian/nginx-light.postinst, debian/nginx-naxsi.postinst:
  + Removing the debug markers. (Closes: #667894)
* debian/control, debian/rules, debian/copyright,
  debian/modules/nginx-dav-ext-module:
  + Added nginx-dav-ext-module in full and extras.
* debian/modules/naxsi:
  + Updated naxsi to the SVN snapshot (r280) to fix the licence issue with
    OpenSSL.

[Kartik Mistry]
* Misc cleanups in debian/control, debian/copyright.

52. By Cyril Lavier on 2012-03-18

[Cyril Lavier]
* debian/control:
  + Added build dependency to dpkg-dev (>= 1.15.7). (Closes: #664212)
* debian/patches/perl-use-dpkg-buildflags.patch:
  + Added patch to harden flags for perl module (Thanks to Simon Ruderich
    for the patch). (Closes: #664090)

[Kartik Mistry]
* Set urgency due to fix for security and RC bugs with 1.17.1-1 upload.

51. By Kartik Mistry on 2012-02-01

[Cyril Lavier]
* New upstream release.
* debian/rules:
  + Resolved the lintian errors "unstripped-binary-or-object" with a
    cleaner correction (Thanks to Steven Chamberlain for the patch).
  + Added a check on the parallel building to force NUMJOBS to 1 if
    the value 0 is given.
* debian/modules:
  + Updated nginx-lua module to version 0.4.1.

[Kartik Mistry]
* debian/rules, debian/control, debian/copyright,
  debian/modules/nginx-upload-module:
  + Added Upload module to nginx-extras, updated long description and
    copyright. (Closes: #654593)
* debian/modules/README.modules:
  + Added Homepage information for some modules.
* debian/rules:
  + Enable hardened build flags, Thanks to Moritz Muehlenhoff for patch.
    (Closes: #658186)

50. By Kartik Mistry on 2012-01-01

[Kartik Mistry]
* debian/control:
  + Set myself as Maintainer, Jose Parrella as Uploaders with approval from
    team.
* debian/copyright:
  + Fixed DEP5 URL.
  + Updated debian/* copyright.
* debian/modules:
  + Updated nginx-lua module to version 0.3.1rc43

[Cyril Lavier]
* New upstream release.
* debian/conf/sites-available/default:
  + Added a / in the alias directive. (Closes: #653160)
* debian/rules:
  + Added necessary lines for parallel building.

Branch metadata

Branch format:
Branch format 7
Repository format:
Bazaar repository format 2a (needs bzr 1.16 or later)
Stacked on:
lp:ubuntu/vivid/nginx
This branch contains Public information 
Everyone can see this information.

Subscribers