ubuntu/+source/nginx:applied/ubuntu/xenial-security

Last commit made on 2017-07-13
Get this branch:
git clone -b applied/ubuntu/xenial-security https://git.launchpad.net/ubuntu/+source/nginx
Members of Ubuntu Server Dev import team can upload to this branch.

Branch information

Name: applied/ubuntu/xenial-security
Repository: lp:ubuntu/+source/nginx

Recent commits

c519c8d... by Steve Beattie on 2017-07-12

Import patches-applied version 1.10.3-0ubuntu0.16.04.2 to applied/ubuntu/xenial-security

Imported using git-ubuntu import.

Changelog parent: c5d8cbebe4ff1e97f8b098a011b46891d365501e
Unapplied parent: 10c4c85e2b7d40a50f88543d7fdf74885955a1f0

New changelog entries:
  * SECURITY UPDATE: integer overflow in range filter leading to
    information exposure
    - debian/patches/CVE-2017-7529.patch: add check to ensure size does
      not overflow
    - CVE-2017-7529

10c4c85... by Steve Beattie on 2017-07-12

Fix integer overflow in the range filter

Gbp-Pq: CVE-2017-7529.patch.

495716f... by Steve Beattie on 2017-07-12

Add Ubuntu token to NGINX_VER

Gbp-Pq: ubuntu-branding.patch.

f64c7a2... by Steve Beattie on 2017-07-12

Use linker flags from environment for perl (dpkg-buildflags).

Gbp-Pq: perl-use-dpkg-buildflags.patch.

51e1e5c... by Steve Beattie on 2017-07-12

Import patches-unapplied version 1.10.3-0ubuntu0.16.04.2 to ubuntu/xenial-security

Imported using git-ubuntu import.

Changelog parent: ce2df53a681e7f2a1dab83adca148c93b3b68abd

New changelog entries:
  * SECURITY UPDATE: integer overflow in range filter leading to
    information exposure
    - debian/patches/CVE-2017-7529.patch: add check to ensure size does
      not overflow
    - CVE-2017-7529

ce2df53... by Thomas Ward on 2017-02-11

Import patches-unapplied version 1.10.3-0ubuntu0.16.04.1 to ubuntu/xenial-proposed

Imported using git-ubuntu import.

Changelog parent: fc077fe7f833738f4f72f60a0b18a8559f7ebd97

New changelog entries:
  * Stable Release Update (LP: #1663937)
  * New upstream release (1.10.3) - full changelog available at upstream
    website - http://nginx.org/en/CHANGES-1.10
  * All Ubuntu specific changes from 1.10.0-0ubuntu1 through
    1.10.0-0ubuntu0.16.04.4 remain included.
  * Additional changes:
    * debian/patches/ubuntu-branding.patch: Refreshed Ubuntu Branding patch.
    * debian/patches/cve-2016-4450.patch: Drop CVE patch as it is already
      included in the upstream source code in this upload.

fc077fe... by Marc Deslauriers on 2016-10-27

Import patches-unapplied version 1.10.0-0ubuntu0.16.04.4 to ubuntu/xenial-security

Imported using git-ubuntu import.

Changelog parent: 7c2177d874e6f9c272c4913f41ebfc01e1e17ccd

New changelog entries:
  * SECURITY REGRESSION: config upgrade failure (LP: #1637058)
    - debian/nginx-common.config: fix return code so script doesn't exit.

7c2177d... by Marc Deslauriers on 2016-10-18

Import patches-unapplied version 1.10.0-0ubuntu0.16.04.3 to ubuntu/xenial-security

Imported using git-ubuntu import.

Changelog parent: 5faa114834dc6caec7eac87f75dfeaf16a24f55c

New changelog entries:
  [ Christos Trochalakis ]
  * debian/nginx-common.postinst:
    + Secure log file handling (owner & permissions) against privilege
      escalation attacks. /var/log/nginx is now owned by root:adm.
      Thanks Dawid Golunski (http://legalhackers.com) for the report.
      Changing /var/log/nginx permissions effectively reopens #701112,
      since log files can be world-readable. This is a trade-off until
      a better log opening solution is implemented upstream (trac:376).
  * debian/control:
    Don't allow building against liblua5.1-0-dev on architectures
    that libluajit is available.

5faa114... by Thomas Ward on 2016-05-31

Import patches-unapplied version 1.10.0-0ubuntu0.16.04.2 to ubuntu/xenial-security

Imported using git-ubuntu import.

Changelog parent: 544c77cb18551ed365e40d5b0aec63a3b5c89e12

New changelog entries:
  * SECURITY UPDATE: Null pointer dereference while writing client request
    body (LP: #1587577)
    - debian/patches/cve-2016-4450.patch: Upstream patch to address issue.
    - CVE-2016-4450

544c77c... by Thomas Ward on 2016-04-26

Import patches-unapplied version 1.10.0-0ubuntu0.16.04.1 to ubuntu/xenial-proposed

Imported using git-ubuntu import.

Changelog parent: b100a2e83b3b938552e58fbedca71db098fb1cf0

New changelog entries:
  * Stable Release Update (LP: #1575212)
  * New upstream release (1.10.0) - full changelog available at upstream
    website - http://nginx.org/en/CHANGES-1.10
  * All Ubuntu specific changes from 1.9.15-0ubuntu1 remain included.
  * Additional changes:
    * debian/patches/ubuntu-branding.patch: Refreshed Ubuntu Branding patch.