ubuntu/+source/nginx:applied/ubuntu/yakkety-security

Last commit made on 2017-07-13
Get this branch:
git clone -b applied/ubuntu/yakkety-security https://git.launchpad.net/ubuntu/+source/nginx
Members of Ubuntu Server Dev import team can upload to this branch. Log in for directions.

Branch merges

Branch information

Name:
applied/ubuntu/yakkety-security
Repository:
lp:ubuntu/+source/nginx

Recent commits

69c3842... by Steve Beattie on 2017-07-12

Import patches-applied version 1.10.1-0ubuntu1.3 to applied/ubuntu/yakkety-security

Imported using git-ubuntu import.

Changelog parent: cfe2366397c1b6e86f7ea2bf1c10762f51345b73
Unapplied parent: 4fec8558ade85a48539a22b62a02a0efc4e40523

New changelog entries:
  * SECURITY UPDATE: integer overflow in range filter leading to
    information exposure
    - debian/patches/CVE-2017-7529.patch: add check to ensure size does
      not overflow
    - CVE-2017-7529

4fec855... by Steve Beattie on 2017-07-12

Fix integer overflow in the range filter

Gbp-Pq: CVE-2017-7529.patch.

be17870... by Steve Beattie on 2017-07-12

Add Ubuntu token to NGINX_VER

Gbp-Pq: ubuntu-branding.patch.

148a55e... by Steve Beattie on 2017-07-12

Use linker flags from environment for perl (dpkg-buildflags).

Gbp-Pq: perl-use-dpkg-buildflags.patch.

731cf7e... by Steve Beattie on 2017-07-12

Import patches-unapplied version 1.10.1-0ubuntu1.3 to ubuntu/yakkety-security

Imported using git-ubuntu import.

Changelog parent: 11566cbf092f8ece359dc1b5efc26700f391487c

New changelog entries:
  * SECURITY UPDATE: integer overflow in range filter leading to
    information exposure
    - debian/patches/CVE-2017-7529.patch: add check to ensure size does
      not overflow
    - CVE-2017-7529

11566cb... by Marc Deslauriers on 2016-10-27

Import patches-unapplied version 1.10.1-0ubuntu1.2 to ubuntu/yakkety-security

Imported using git-ubuntu import.

Changelog parent: 496c76442af0b99cf8a27f6c987dd7a9803079fb

New changelog entries:
  * SECURITY REGRESSION: postinst upgrade failure (LP: #1637058)
    - debian/nginx-common.postinst: fix return code so script doesn't exit.

496c764... by Marc Deslauriers on 2016-10-18

Import patches-unapplied version 1.10.1-0ubuntu1.1 to ubuntu/yakkety-security

Imported using git-ubuntu import.

Changelog parent: 2b7f042de0d73883a0fbf27e9c11368764da708c

New changelog entries:
  [ Christos Trochalakis ]
  * debian/nginx-common.postinst:
    + Secure log file handling (owner & permissions) against privilege
      escalation attacks. /var/log/nginx is now owned by root:adm.
      Thanks Dawid Golunski (http://legalhackers.com) for the report.
      Changing /var/log/nginx permissions effectively reopens #701112,
      since log files can be world-readable. This is a trade-off until
      a better log opening solution is implemented upstream (trac:376).
  * debian/control:
    Don't allow building against liblua5.1-0-dev on architectures
    that libluajit is available.

2b7f042... by Thomas Ward on 2016-05-31

Import patches-unapplied version 1.10.1-0ubuntu1 to ubuntu/yakkety-proposed

Imported using git-ubuntu import.

Changelog parent: 5eb610cec1466bfea3b7e7276361aeb0330eb748

New changelog entries:
  * New upstream release (1.10.1) - full changelog available at upstream
    website - http://nginx.org/en/CHANGES-1.10.
  * Update done to address the following security issues:
    - [CVE-2016-4450] NULL pointer dereference while writing client
      request body. (LP: #1587577)
  * Additional changes:
    * debian/patches/ubuntu-branding.patch: Refreshed Ubuntu Branding patch.

5eb610c... by Thomas Ward on 2016-04-26

Import patches-unapplied version 1.10.0-0ubuntu1 to ubuntu/yakkety-proposed

Imported using git-ubuntu import.

Changelog parent: b100a2e83b3b938552e58fbedca71db098fb1cf0

New changelog entries:
  * New upstream release (1.10.0) - full changelog available at upstream
    website - http://nginx.org/en/CHANGES-1.10 (LP: #1575217)
  * All Ubuntu specific changes from 1.9.15-0ubuntu1 remain included.
  * Additional changes:
    * debian/patches/ubuntu-branding.patch: Refreshed Ubuntu Branding patch.

b100a2e... by Thomas Ward on 2016-04-18

Import patches-unapplied version 1.9.15-0ubuntu1 to ubuntu/xenial-proposed

Imported using git-ubuntu import.

Changelog parent: 305f0eaded9556098a8259dea8c55d17951adc5f

New changelog entries:
  * New upstream release (1.9.15) - full changelog available at upstream
    website - http://nginx.org/en/CHANGES (LP: #1572223)
  * All Ubuntu specific changes from 1.1.14-0ubuntu1, except noted below,
    remain included in this upload.
  * Remaining changes:
    * debian/control: Re-add libluajit-5.1-dev build-dependency, as it will
      only affect nginx-extras which is in Universe. This reduces the merge
      delta between Ubuntu and Debian slightly, as well. (LP: #1571444)
    * debian/patches/ubuntu-branding.patch: Refresh Ubuntu Branding patch.