ubuntu/+source/nginx:applied/ubuntu/disco-devel

Last commit made on 2020-01-13
Get this branch:
git clone -b applied/ubuntu/disco-devel https://git.launchpad.net/ubuntu/+source/nginx
Members of Ubuntu Server Dev import team can upload to this branch. Log in for directions.

Branch merges

Branch information

Name:
applied/ubuntu/disco-devel
Repository:
lp:ubuntu/+source/nginx

Recent commits

31d8fea... by Marc Deslauriers on 2020-01-10

Import patches-applied version 1.15.9-0ubuntu1.2 to applied/ubuntu/disco-security

Imported using git-ubuntu import.

Changelog parent: 3a852aceaf3b430cf70c17001399755d8df52703
Unapplied parent: 663619f42f3bd1c03b05502f67362182879dd1dc

New changelog entries:
  * SECURITY UPDATE: request smuggling via error_page
    - debian/patches/CVE-2019-20372.patch: discard request body when
      redirecting to a URL via error_page in
      src/http/ngx_http_special_response.c.
    - CVE-2019-20372

663619f... by Marc Deslauriers on 2020-01-10

[PATCH] Discard request body when redirecting to a URL via

Gbp-Pq: CVE-2019-20372.patch.

16ceded... by Marc Deslauriers on 2020-01-10

[PATCH] HTTP/2: reject zero length headers with PROTOCOL_ERROR.

Gbp-Pq: CVE-2019-9516.patch.

e0939d7... by Marc Deslauriers on 2020-01-10

[PATCH] HTTP/2: limited number of PRIORITY frames.

Gbp-Pq: CVE-2019-9513.patch.

d12c010... by Marc Deslauriers on 2020-01-10

[PATCH] HTTP/2: limited number of DATA frames.

Gbp-Pq: CVE-2019-9511.patch.

26d8150... by Marc Deslauriers on 2020-01-10

Add Ubuntu token to NGINX_VER

Gbp-Pq: ubuntu-branding.patch.

bd81efe... by Marc Deslauriers on 2020-01-10

Use _GNU_SOURCE on GNU/kFreeBSD

Gbp-Pq: 0003-define_gnu_source-on-other-glibc-based-platforms.patch.

0f3fc48... by Marc Deslauriers on 2020-01-10

Make sure signature stays the same in all nginx builds

Gbp-Pq: 0002-Make-sure-signature-stays-the-same-in-all-nginx-buil.patch.

66add36... by Marc Deslauriers on 2020-01-10

Import patches-unapplied version 1.15.9-0ubuntu1.2 to ubuntu/disco-security

Imported using git-ubuntu import.

Changelog parent: a2a00253ec9a2fa346ddddfdcb5a7306b4f8e461

New changelog entries:
  * SECURITY UPDATE: request smuggling via error_page
    - debian/patches/CVE-2019-20372.patch: discard request body when
      redirecting to a URL via error_page in
      src/http/ngx_http_special_response.c.
    - CVE-2019-20372

3a852ac... by Marc Deslauriers on 2019-08-14

Import patches-applied version 1.15.9-0ubuntu1.1 to applied/ubuntu/disco-security

Imported using git-ubuntu import.

Changelog parent: 4e22a254c9af4d91544408b38f66123432a8b7f2
Unapplied parent: 1e2b5c35b964a4da9ab584566f60e2ec90d295dd

New changelog entries:
  * SECURITY UPDATE: HTTP/2 Data Dribble issue
    - debian/patches/CVE-2019-9511.patch: limited number of DATA frames in
      src/http/v2/ngx_http_v2.c, src/http/v2/ngx_http_v2.h,
      src/http/v2/ngx_http_v2_filter_module.c.
    - CVE-2019-9511
  * SECURITY UPDATE: HTTP/2 Resource Loop / Priority Shuffling issue
    - debian/patches/CVE-2019-9513.patch: limited number of PRIORITY frames
      in src/http/v2/ngx_http_v2.c, src/http/v2/ngx_http_v2.h.
    - CVE-2019-9513
  * SECURITY UPDATE: HTTP/2 0-Length Headers Leak issue
    - debian/patches/CVE-2019-9516.patch: reject zero length headers with
      PROTOCOL_ERROR in src/http/v2/ngx_http_v2.c.
    - CVE-2019-9516