Last commit made on 2019-09-07
Get this branch:
git clone -b debian/stretch https://git.launchpad.net/ubuntu/+source/nginx
Members of Ubuntu Server Dev import team can upload to this branch. Log in for directions.

Branch merges

Branch information


Recent commits

ff388e7... by ctrochalakis on 2019-08-19

Import patches-unapplied version 1.10.3-1+deb9u3 to debian/stretch

Imported using git-ubuntu import.

Changelog parent: 01ccbc555d1b24df5e3ed90cefa5dad47707c0a7

New changelog entries:
  * Backport upstream fixes for 3 CVEs (Closes: #935037)
    Those fixes affect Nginx HTTP/2 implementation, which might cause
    excessive memory consumption and CPU usage.
    (CVE-2019-9511, CVE-2019-9513, CVE-2019-9516).

01ccbc5... by ctrochalakis on 2018-11-07

Import patches-unapplied version 1.10.3-1+deb9u2 to debian/stretch

Imported using git-ubuntu import.

Changelog parent: f772fbf3ba3bf046a6d8e515344f22b6dcf2fa07

New changelog entries:
  * Backport http2_max_requests directive needed for
    CVE-2018-16844 mitigation
  * Backport upstream fixes for 3 CVEs (Closes: #913090)
    + CVE-2018-16843 Excessive memory usage in HTTP/2
    + CVE-2018-16844 Excessive CPU usage in HTTP/2
      This change limits the maximum allowed number of idle state
      switches to 10 * http2_max_requests (i.e., 10000 by default).
      This limits possible CPU usage in one connection, and also
      imposes a limit on the maximum lifetime of a connection
    + CVE-2018-16845 Memory disclosure in the ngx_http_mp4_module

f772fbf... by ctrochalakis on 2017-07-12

Import patches-unapplied version 1.10.3-1+deb9u1 to debian/stretch

Imported using git-ubuntu import.

Changelog parent: 1677af1a6ee13cb40338202ec07e99718a802e7c

New changelog entries:
  * Handle CVE-2017-7529 Integer overflow in the range filter (Closes: #868109)

1677af1... by ctrochalakis on 2017-02-15

Import patches-unapplied version 1.10.3-1 to debian/sid

Imported using git-ubuntu import.

Changelog parent: 9d8c88d38effa1f763c59cc6ff54f6755114c760

New changelog entries:
  * New upstream release. (Closes: #855113)
  * Update Vcs fields to the new location.
    The repo is now moved under the pkg-nginx namespace.

9d8c88d... by ctrochalakis on 2017-01-22

Import patches-unapplied version 1.10.2-4 to debian/sid

Imported using git-ubuntu import.

Changelog parent: 03bcee48540c67c4123f999e2b86bb61b0c107bd

New changelog entries:
  * Switch module reloading logic to dpkg triggers.
  * Enable modules after a remove -> install cycle.
  * Move module patches to debian/modules/patches.
  * Backport curve list support from 1.11.x. (Closes: #846085)
  * Add a NEWS entry regarding dynamic modules.
  * Merge de,fr,nl,pt_BR,da translations.
    Thanks to Chris Leick. (Closes: #843770)
    Thanks to Julien Patriarca. (Closes: #844712)
    Thanks to Frans Spiesschaert. (Closes: #845693)
    Thanks to Adriano Rafael Gomes. (Closes: #846522)
    Thanks to Joe Dalton. (Closes: #850857)

03bcee4... by ctrochalakis on 2016-12-24

Import patches-unapplied version 1.10.2-3 to debian/sid

Imported using git-ubuntu import.

Changelog parent: 442797d73fcab773d96ad37f0b3623ddc2e751b2

New changelog entries:
  [ Michael Lustfield ]
  * debian/conf/sites-enabled/default:
    + Correcting location of default php-fpm socket. (Closes: #846145)
  [ Christos Trochalakis ]
  * debian/rules: Correctly clean patched modules.
    Thanks to Sven-Haegar Koch for the initial patch. (Closes: #844506)
  * mod: Upgrade nchan to 1.0.8. (Closes: #844473)
  * mod: Upgrade nginx-lua to 0.10.7.
  * Update nginx-lua OpenSSL 1.1.0 patch.
  * Reactivate PIE.
    Thanks to Markus Waldeck for the suggestion.
  * mod: Check if nginx binary exists before reloading.
  * mod: Upgrade headers-mode to 0.32.
  * mod: Upgrade development kit to 0.3.0.

442797d... by ctrochalakis on 2016-11-12

Import patches-unapplied version 1.10.2-2 to debian/sid

Imported using git-ubuntu import.

Changelog parent: 634f6dcad934f386e09eeed361ec204b9d231575

New changelog entries:
  * Build against OpenSSL 1.1.0. (Closes: #828453)
    + Patch for nginx-lua by Alessandro Ghedini.
    + Patch for nginx-upstream-fair by Kurt Roeckx.
  * debian/modules:
    + Rethink module patching logic.
    + Convert dav-ext to a dynamic module package:
      o libnginx-mod-http-dav-ext

634f6dc... by ctrochalakis on 2016-10-29

Import patches-unapplied version 1.10.2-1 to debian/sid

Imported using git-ubuntu import.

Changelog parent: df622147d5b0c8ae25b261d94a0aa29678ba7bca

New changelog entries:
  [ Christos Trochalakis ]
  * New upstream release.
  * debian/nginx-common.postinst:
    + CVE-2016-1247: Secure log file handling (owner & permissions)
      against privilege escalation attacks. /var/log/nginx is now owned
      by root:adm. Thanks ro Dawid Golunski for the report.
      Changing /var/log/nginx permissions effectively reopens #701112,
      since log files can be world-readable. This is a trade-off until
      a better log opening solution is implemented upstream (trac:376).
      (Closes: #842295)
  * debian/control:
    + Version depend on lsb-base (>= 3.0-6).
      Fixes lintian init.d-script-needs-depends-on-lsb-base.
  * debian/nginx-*.lintian-overrides:
    + Drop unused spelling-error-in-binary override.
  [ Michael Lustfield ]
  * debian/conf/sites-available/default:
    + Updated PHP sample configuration block. (Closes: #841230)

df62214... by ctrochalakis on 2016-09-15

Import patches-unapplied version 1.10.1-3 to debian/sid

Imported using git-ubuntu import.

Changelog parent: b992ed8247e14e52344610e7f0d12133eb89dc1e

New changelog entries:
  * debian/control:
    + Drop nginx-*-dbg packages in favor of autogenerated -dbgsym packages.
    + Remove relic Breaks/Replaces from nginx-common.
    + Fix lsb-base dependencies.
    + Switch Maintainer to the Nginx Packaging Team and keep active maintainers
      as uploaders. Jose, Fabio, Dmitry & Cyril, thanks a lot for all your

b992ed8... by ctrochalakis on 2016-09-06

Import patches-unapplied version 1.10.1-2 to debian/sid

Imported using git-ubuntu import.

Changelog parent: 580b38fcf42036334177318108b01b489d44216e

New changelog entries:
  [ Christos Trochalakis ]
  * debian/control:
    + Don't allow building against liblua5.1-0-dev on architectures
      that libluajit is available.
    + Enable slice module on all flavors. (Closes: #815080)
    + Enable SCGI & uWSGI module for nginx-light.
    + Convert to dynamic module packages:
      o libnginx-mod-nchan
      o libnginx-mod-http-echo
      o libnginx-mod-http-upstream-fair
      o libnginx-mod-http-headers-more-filter
      o libnginx-mod-http-cache-purge
      o libnginx-mod-http-fancyindex
      o libnginx-mod-http-uploadprogress
      o libnginx-mod-http-subs-filter
  * debian/modules:
    + Replace http-push with nchan v1.0.2 (Closes: #836134)
    + Upgrade nginx-lua to v0.10.6
    + Upgrade nginx-echo to v0.60
    + Upgrade headers-more to v0.31
    + Upgrade fancyindex to v0.4.1
    + Upgrade upload-progress to v0.9.2
  [ Michael Lustfield ]
  * debian/patches/0003-*.patch:
    + Use _GNU_SOURCE on GNU/kFreeBSD. (Closes: #826061)
      Thanks Steven Chamberlain for the patch.
  * debian/nginx-*.postinst:
    + Make nginx-*.postinst use invoke-rc.d. (Closes: #823435)
      Thanks Simon Deziel for the patch.