Navigation:
Browse pkgsrc
(this page)| 2014-03-19 15:14:31 by Emile iMil Heitor | Files touched by this commit (2) |
Log message:
Changes with nginx 1.4.7 18 Mar 2014
*) Security: a heap memory buffer overflow might occur in a worker
process while handling a specially crafted request by
ngx_http_spdy_module, potentially resulting in arbitrary code
execution (CVE-2014-0133).
Thanks to Lucas Molas, researcher at Programa STIC, FundaciĆ³n Dr.
Manuel Sadosky, Buenos Aires, Argentina.
*) Bugfix: in the "fastcgi_next_upstream" directive.
Thanks to Lucas Molas.
|
| 2014-03-14 12:34:25 by Emile iMil Heitor | Files touched by this commit (1) |
Log message: A new module was added, worth a revision. |
| 2014-03-14 12:30:57 by Emile iMil Heitor | Files touched by this commit (2) |
Log message: * Updated the naxsi module to latest 0.53-2 * Added Lua support: https://github.com/chaoslawful/lua-nginx-module |
| 2014-03-11 15:34:41 by Jonathan Perkin | Files touched by this commit (99) |
Log message: Import initial SMF support for individual packages. |
| 2014-03-11 15:05:19 by Jonathan Perkin | Files touched by this commit (350) |
Log message: Remove example rc.d scripts from PLISTs. These are now handled dynamically if INIT_SYSTEM is set to "rc.d", or ignored otherwise. |
| 2014-03-09 14:34:02 by Blue Rats | Files touched by this commit (2) |
Log message:
Changes with nginx 1.4.6 04 Mar 2014
*) Bugfix: the "client_max_body_size" directive might not work when
reading a request body using chunked transfer encoding; the bug had
appeared in 1.3.9.
Thanks to Lucas Molas.
*) Bugfix: a segmentation fault might occur in a worker process when
proxying WebSocket connections.
|
| 2014-03-01 21:14:44 by Blue Rats | Files touched by this commit (2) |
Log message: Updated to latest release, 1.4.5, released on 2014-02-11. From CHANGES-1.4: *) Bugfix: the $ssl_session_id variable contained full session serialized instead of just a session id. Thanks to Ivan Risti\u0107. *) Bugfix: client connections might be immediately closed if deferred accept was used; the bug had appeared in 1.3.15. *) Bugfix: alerts "zero size buf in output" might appear in logs while proxying; the bug had appeared in 1.3.9. *) Bugfix: a segmentation fault might occur in a worker process if the ngx_http_spdy_module was used. *) Bugfix: proxied WebSocket connections might hang right after handshake if the select, poll, or /dev/poll methods were used. *) Bugfix: a timeout might occur while reading client request body in an SSL connection using chunked transfer encoding. *) Bugfix: memory leak in nginx/Windows. |
| 2014-02-13 00:18:57 by Matthias Scheler | Files touched by this commit (1568) |
Log message: Recursive PKGREVISION bump for OpenSSL API version bump. |
| 2014-01-31 04:09:19 by Blue Rats | Files touched by this commit (1) |
Log message: CONFIGURE_ARGS+=--with-pcre-jit for the pcre option. If pcre isn't compiled with --enable-jit, this option doesn't break the build. If it is, users can still disable this feature by setting pcre_jit=off in nginx.conf. |
| 2013-12-05 16:09:58 by Emile iMil Heitor | Files touched by this commit (2) |
Log message:
Updated to nginx 1.4.4
Changes with nginx 1.4.4 19 Nov 2013
*) Security: a character following an unescaped space in a request line
was handled incorrectly (CVE-2013-4547); the bug had appeared in
0.8.41.
Thanks to Ivan Fratric of the Google Security Team.
Changes with nginx 1.4.3 08 Oct 2013
*) Bugfix: a segmentation fault might occur in a worker process if the
ngx_http_spdy_module was used with the "client_body_in_file_only"
directive.
*) Bugfix: a segmentation fault might occur on start or during
reconfiguration if the "try_files" directive was used with an empty
parameter.
*) Bugfix: the $request_time variable did not work in nginx/Windows.
*) Bugfix: in the ngx_http_auth_basic_module when using "$apr1$"
password encryption method.
Thanks to Markus Linnala.
*) Bugfix: in the ngx_http_autoindex_module.
*) Bugfix: in the mail proxy server.
|
New packages: