metalefty/nginx
1
0
Fork 0
forked from rpms/nginx
Code Pull Requests Activity

import nginx-1.16.1-2.module+el8.4.0+11155+68135136.1

Browse Source
This commit is contained in:
CentOS Sources 2021-06-08 05:48:49 -04:00 committed by Andrew Lukoshko
parent 17d8d3e413
commit 2aed67ac15
2 changed files with 36 additions and 3 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

24
SOURCES/nginx-1.16.0-CVE-2021-23017.patch Normal file
View File

@ -0,0 +1,24 @@
diff --git a/src/core/ngx_resolver.c b/src/core/ngx_resolver.c
index 593645d..064ec7a 100644
--- a/src/core/ngx_resolver.c
+++ b/src/core/ngx_resolver.c
@@ -3992,15 +3992,15 @@ done:
n = *src++;
} else {
+ if (dst != name->data) {
+ *dst++ = '.';
+ }
+
ngx_strlow(dst, src, n);
dst += n;
src += n;
n = *src++;
-
- if (n != 0) {
- *dst++ = '.';
- }
}
if (n == 0) {

15
SPECS/nginx.spec
View File

@ -19,7 +19,7 @@
Name: nginx Name: nginx
Epoch: 1 Epoch: 1
Version: 1.16.1 Version: 1.16.1
Release: 1%{?dist}.1 Release: 2%{?dist}.1
Summary: A high performance web server and reverse proxy server Summary: A high performance web server and reverse proxy server
Group: System Environment/Daemons Group: System Environment/Daemons
@ -62,6 +62,9 @@ Patch4: nginx-1.16.0-enable-tls1v3-by-default.patch
# https://bugzilla.redhat.com/show_bug.cgi?id=1790277 # https://bugzilla.redhat.com/show_bug.cgi?id=1790277
Patch5: nginx-1.16.1-CVE-2019-20372.patch Patch5: nginx-1.16.1-CVE-2019-20372.patch
# https://bugzilla.redhat.com/show_bug.cgi?id=1963174
Patch6: nginx-1.16.0-CVE-2021-23017.patch
%if 0%{?with_gperftools} %if 0%{?with_gperftools}
BuildRequires: gperftools-devel BuildRequires: gperftools-devel
%endif %endif
@ -193,6 +196,7 @@ Requires: nginx
%patch3 -p1 %patch3 -p1
%patch4 -p1 %patch4 -p1
%patch5 -p1 %patch5 -p1
%patch6 -p1
cp %{SOURCE200} %{SOURCE210} %{SOURCE10} %{SOURCE12} . cp %{SOURCE200} %{SOURCE210} %{SOURCE10} %{SOURCE12} .
@ -465,8 +469,13 @@ fi
%changelog %changelog
* Tue Nov 24 2020 Lubos Uhliarik <luhliari@redhat.com> - 1:1.16.1-1.1 * Tue May 25 2021 Luboš Uhliarik <luhliari@redhat.com> - 1:1.16.1-2.1
- Resolves: #1898952 - CVE 2019-20372 nginx:1.16/nginx: HTTP request smuggling - Resolves: #1963174 - CVE-2021-23017 nginx:1.16/nginx: Off-by-one in
ngx_resolver_copy() when labels are followed by a pointer to a root
domain name
* Mon Nov 23 2020 Lubos Uhliarik <luhliari@redhat.com> - 1:1.16.1-2
- Resolves: #1798230 - CVE-2019-20372 nginx:1.16/nginx: HTTP request smuggling
via error pages in http/ngx_http_special_response.c via error pages in http/ngx_http_special_response.c
* Thu Aug 29 2019 Lubos Uhliarik <luhliari@redhat.com> - 1:1.16.1-1 * Thu Aug 29 2019 Lubos Uhliarik <luhliari@redhat.com> - 1:1.16.1-1