ubuntu/+source/nginx:applied/ubuntu/xenial-devel

Last commit made on 2019-08-15
Get this branch:
git clone -b applied/ubuntu/xenial-devel https://git.launchpad.net/ubuntu/+source/nginx
Members of Ubuntu Server Dev import team can upload to this branch. Log in for directions.

Branch merges

Branch information

Name:
applied/ubuntu/xenial-devel
Repository:
lp:ubuntu/+source/nginx

Recent commits

7ba032c... by Marc Deslauriers on 2019-08-14

Import patches-applied version 1.10.3-0ubuntu0.16.04.4 to applied/ubuntu/xenial-security

Imported using git-ubuntu import.

Changelog parent: 17f460a63e9bd32208d2b975f453a41ec02f061c
Unapplied parent: 99dbe94a16450e0c8cca12ea810e97f447b872b6

New changelog entries:
  * SECURITY UPDATE: HTTP/2 Data Dribble issue
    - debian/patches/CVE-2019-9511.patch: limited number of DATA frames in
      src/http/v2/ngx_http_v2.c, src/http/v2/ngx_http_v2.h,
      src/http/v2/ngx_http_v2_filter_module.c.
    - CVE-2019-9511
  * SECURITY UPDATE: HTTP/2 Resource Loop / Priority Shuffling issue
    - debian/patches/CVE-2019-9513.patch: limited number of PRIORITY frames
      in src/http/v2/ngx_http_v2.c, src/http/v2/ngx_http_v2.h.
    - CVE-2019-9513
  * SECURITY UPDATE: HTTP/2 0-Length Headers Leak issue
    - debian/patches/CVE-2019-9516.patch: reject zero length headers with
      PROTOCOL_ERROR in src/http/v2/ngx_http_v2.c.
    - CVE-2019-9516

99dbe94... by Marc Deslauriers on 2019-08-14

[PATCH] HTTP/2: reject zero length headers with PROTOCOL_ERROR.

Gbp-Pq: CVE-2019-9516.patch.

197a331... by Marc Deslauriers on 2019-08-14

[PATCH] HTTP/2: limited number of PRIORITY frames.

Gbp-Pq: CVE-2019-9513.patch.

fb3f7cb... by Marc Deslauriers on 2019-08-14

[PATCH] HTTP/2: limited number of DATA frames.

Gbp-Pq: CVE-2019-9511.patch.

bb26887... by Marc Deslauriers on 2019-08-14

CVE-2018-16845.patch

No DEP3 Subject or Description header found

Gbp-Pq: CVE-2018-16845.patch.

ec91b41... by Marc Deslauriers on 2019-08-14

CVE-2018-16844.patch

No DEP3 Subject or Description header found

Gbp-Pq: CVE-2018-16844.patch.

15aea6e... by Marc Deslauriers on 2019-08-14

CVE-2018-16844-pre.patch

No DEP3 Subject or Description header found

Gbp-Pq: CVE-2018-16844-pre.patch.

83689d6... by Marc Deslauriers on 2019-08-14

CVE-2018-16843.patch

No DEP3 Subject or Description header found

Gbp-Pq: CVE-2018-16843.patch.

2fcbb54... by Marc Deslauriers on 2019-08-14

Fix integer overflow in the range filter

Gbp-Pq: CVE-2017-7529.patch.

a0a30df... by Marc Deslauriers on 2019-08-14

Add Ubuntu token to NGINX_VER

Gbp-Pq: ubuntu-branding.patch.