Ubuntu
nginx package

Merge ~michal-maloszewski99/ubuntu/+source/nginx:lp-1957320-jammy-nginx into ubuntu/+source/nginx:ubuntu/jammy-devel

  1. Git
  2. lp:~michal-maloszewski99/ubuntu/+source/nginx
  3. lp-1957320-jammy-nginx
  4. Merge into ubuntu/jammy-devel
Proposed by Michał Małoszewski
Status: Merged
Approved by: git-ubuntu bot
Approved revision: not available
Merged at revision: caca96eed6c8c79794561f5e8306ef384eadcded
Proposed branch: ~michal-maloszewski99/ubuntu/+source/nginx:lp-1957320-jammy-nginx
Merge into: ubuntu/+source/nginx:ubuntu/jammy-devel
Diff against target: 84 lines (+62/-0)
3 files modified
debian/changelog (+9/-0)
debian/patches/lp1957320-jammy-fixed-sigquit-issue-with-unix-sockets.patch (+52/-0)
debian/patches/series (+1/-0)
Reviewer Review Type Date Requested Status
git-ubuntu bot Approve
Athos Ribeiro (community) Approve
Canonical Server Reporter Pending
Review via email: mp+443827@code.launchpad.net
To post a comment you must log in.
Revision history for this message
Michał Małoszewski (michal-maloszewski99) :
Revision history for this message
Michał Małoszewski (michal-maloszewski99) wrote :

SRU template attached to the bug report

Revision history for this message
Michał Małoszewski (michal-maloszewski99) wrote :

Results: (from http://autopkgtest.ubuntu.com/results/autopkgtest-jammy-michal-maloszewski99-ppa-nginx-jammy-lp-1957320/?format=plain)
  nginx @ amd64:
    http://autopkgtest.ubuntu.com/results/autopkgtest-jammy-michal-maloszewski99-ppa-nginx-jammy-lp-1957320/jammy/amd64/n/nginx/20230601_191148_50097@/log.gz
    01.06.23 19:11:48 ✅ Triggers: nginx/1.18.0-6ubuntu14.4~ppa1
  nginx @ arm64:
    http://autopkgtest.ubuntu.com/results/autopkgtest-jammy-michal-maloszewski99-ppa-nginx-jammy-lp-1957320/jammy/arm64/n/nginx/20230601_014815_a55af@/log.gz
    01.06.23 01:48:15 ✅ Triggers: nginx/1.18.0-6ubuntu14.4~ppa1
  nginx @ armhf:
    http://autopkgtest.ubuntu.com/results/autopkgtest-jammy-michal-maloszewski99-ppa-nginx-jammy-lp-1957320/jammy/armhf/n/nginx/20230531_131521_a55af@/log.gz
    31.05.23 13:15:21 ✅ Triggers: nginx/1.18.0-6ubuntu14.4~ppa1
  nginx @ ppc64el:
    http://autopkgtest.ubuntu.com/results/autopkgtest-jammy-michal-maloszewski99-ppa-nginx-jammy-lp-1957320/jammy/ppc64el/n/nginx/20230531_130650_4a492@/log.gz
    31.05.23 13:06:50 ✅ Triggers: nginx/1.18.0-6ubuntu14.4~ppa1

Revision history for this message
Athos Ribeiro (athos-ribeiro) wrote :

LGTM

review: Approve
Revision history for this message
Athos Ribeiro (athos-ribeiro) wrote :

Uploaded.

Uploading to ubuntu (via ftp to upload.ubuntu.com):
  Uploading nginx_1.18.0-6ubuntu14.4.dsc: done.
  Uploading nginx_1.18.0-6ubuntu14.4.debian.tar.xz: done.
  Uploading nginx_1.18.0-6ubuntu14.4_source.buildinfo: done.
  Uploading nginx_1.18.0-6ubuntu14.4_source.changes: done.
Successfully uploaded packages.

Revision history for this message
git-ubuntu bot (git-ubuntu-bot) wrote :

Approvers: athos-ribeiro, michal-maloszewski99
Uploaders: athos-ribeiro
MP auto-approved

review: Approve

Preview Diff

[H/L] Next/Prev Comment, [J/K] Next/Prev File, [N/P] Next/Prev Hunk
diff --git a/debian/changelog b/debian/changelog
index bf9b733..03793c9 100644
--- a/debian/changelog
+++ b/debian/changelog
@@ -1,3 +1,12 @@
1nginx (1.18.0-6ubuntu14.4) jammy; urgency=medium
2
3 * d/p/lp1957320-jammy-fixed-sigquit-issue-with-unix-sockets.patch:
4 Fix SIGQUIT by replacing the custom socket closing code in the
5 ngx_process_cycle.c file by calling another function.
6 (LP: #1957320)
7
8 -- Michal Maloszewski <michal.maloszewski@canonical.com> Tue, 30 May 2023 19:31:46 +0200
9
1nginx (1.18.0-6ubuntu14.3) jammy-security; urgency=medium10nginx (1.18.0-6ubuntu14.3) jammy-security; urgency=medium
211
3 * SECURITY UPDATE: memory corruption/disclosure issue12 * SECURITY UPDATE: memory corruption/disclosure issue
diff --git a/debian/patches/lp1957320-jammy-fixed-sigquit-issue-with-unix-sockets.patch b/debian/patches/lp1957320-jammy-fixed-sigquit-issue-with-unix-sockets.patch
4new file mode 10064413new file mode 100644
index 0000000..d2c830c
--- /dev/null
+++ b/debian/patches/lp1957320-jammy-fixed-sigquit-issue-with-unix-sockets.patch
@@ -0,0 +1,52 @@
1From 9c3ac44de268f0cf057bc5dd67929e74c9bbc3e3 Mon Sep 17 00:00:00 2001
2From: Ruslan Ermilov <ru@nginx.com>
3Date: Mon, 1 Jun 2020 22:31:23 +0300
4Subject: [PATCH] Fixed SIGQUIT not removing listening UNIX sockets (closes
5 #753).
6
7Listening UNIX sockets were not removed on graceful shutdown, preventing
8the next runs. The fix is to replace the custom socket closing code in
9ngx_master_process_cycle() by the ngx_close_listening_sockets() call.
10
11Origin: upstream, https://github.com/nginx/nginx/commit/9c3ac44de268f0cf057bc5dd67929e74c9bbc3e3
12Bug: https://trac.nginx.org/nginx/ticket/753
13Bug-Ubuntu: https://bugs.launchpad.net/ubuntu/+source/nginx/+bug/1957320
14Last-Update: 2023-05-30
15---
16 src/os/unix/ngx_process_cycle.c | 14 ++------------
17 1 file changed, 2 insertions(+), 12 deletions(-)
18
19--- a/src/os/unix/ngx_process_cycle.c
20+++ b/src/os/unix/ngx_process_cycle.c
21@@ -77,12 +77,11 @@
22 u_char *p;
23 size_t size;
24 ngx_int_t i;
25- ngx_uint_t n, sigio;
26+ ngx_uint_t sigio;
27 sigset_t set;
28 struct itimerval itv;
29 ngx_uint_t live;
30 ngx_msec_t delay;
31- ngx_listening_t *ls;
32 ngx_core_conf_t *ccf;
33
34 sigemptyset(&set);
35@@ -204,16 +203,7 @@
36 if (ngx_quit) {
37 ngx_signal_worker_processes(cycle,
38 ngx_signal_value(NGX_SHUTDOWN_SIGNAL));
39-
40- ls = cycle->listening.elts;
41- for (n = 0; n < cycle->listening.nelts; n++) {
42- if (ngx_close_socket(ls[n].fd) == -1) {
43- ngx_log_error(NGX_LOG_EMERG, cycle->log, ngx_socket_errno,
44- ngx_close_socket_n " %V failed",
45- &ls[n].addr_text);
46- }
47- }
48- cycle->listening.nelts = 0;
49+ ngx_close_listening_sockets(cycle);
50
51 continue;
52 }
diff --git a/debian/patches/series b/debian/patches/series
index 702a7c7..cc4eaef 100644
--- a/debian/patches/series
+++ b/debian/patches/series
@@ -8,3 +8,4 @@ CVE-2021-23017-2.patch
8CVE-2021-3618.patch8CVE-2021-3618.patch
9ssl-op-ignore-unexpected-eof-option.patch9ssl-op-ignore-unexpected-eof-option.patch
10CVE-2022-41741_41742.patch10CVE-2022-41741_41742.patch
11lp1957320-jammy-fixed-sigquit-issue-with-unix-sockets.patch

Subscribers

People subscribed via source and target branches