Last commit made on 2019-09-07
Get this branch:
git clone -b applied/debian/stretch https://git.launchpad.net/ubuntu/+source/nginx
Members of Ubuntu Server Dev import team can upload to this branch. Log in for directions.

Branch merges

Branch information


Recent commits

877b480... by ctrochalakis on 2019-08-19

Import patches-applied version 1.10.3-1+deb9u3 to applied/debian/stretch

Imported using git-ubuntu import.

Changelog parent: 09dc57cc5079dc49c7f7dac61c436adaeb4be370
Unapplied parent: fea9f288fcc52e40bbd8068c2a09d166429d1ef4

New changelog entries:
  * Backport upstream fixes for 3 CVEs (Closes: #935037)
    Those fixes affect Nginx HTTP/2 implementation, which might cause
    excessive memory consumption and CPU usage.
    (CVE-2019-9511, CVE-2019-9513, CVE-2019-9516).

fea9f28... by ctrochalakis on 2019-08-19

[PATCH 3/3] HTTP/2: limited number of PRIORITY frames.

Gbp-Pq: CVE-2019-9513.patch.

19a2735... by ctrochalakis on 2019-08-19

[PATCH 2/3] HTTP/2: limited number of DATA frames.

Gbp-Pq: CVE-2019-9511.patch.

0c08005... by ctrochalakis on 2019-08-19

[PATCH 1/3] HTTP/2: reject zero length headers with PROTOCOL_ERROR.

Gbp-Pq: CVE-2019-9516.patch.

8338ba1... by ctrochalakis on 2019-08-19

[PATCH 10/12] Mp4: fixed reading 64-bit atoms.

Gbp-Pq: CVE-2018-16845-Mp4-fixed-reading-64-bit-atoms.patch.

6dc675e... by ctrochalakis on 2019-08-19

[PATCH 12/12] HTTP/2: limit the number of idle state switches.

Gbp-Pq: CVE-2018-16844-1-HTTP-2-limit-the-number-of-idle-state-switches.patch.

fcbae5a... by ctrochalakis on 2019-08-19

[PATCH 20/21] HTTP/2: limited maximum number of requests in

Gbp-Pq: CVE-2018-16844-0-HTTP-2-limited-maximum-number-of-requests-in-connect.patch.

3e55dac... by ctrochalakis on 2019-08-19

[PATCH] Adapt HTTP/2 flood detection to nginx 1.10.3

Gbp-Pq: CVE-2018-16843-1-Adapt-HTTP-2-flood-detection-to-nginx-1.10.3.patch.

19239c9... by ctrochalakis on 2019-08-19

[PATCH 11/12] HTTP/2: flood detection.

Gbp-Pq: CVE-2018-16843-0-HTTP-2-flood-detection.patch.

8f7569d... by ctrochalakis on 2019-08-19

[PATCH] Range filter: protect from total size overflows.

Gbp-Pq: CVE-2017-7529-Range-filter.patch.