forked from rpms/nginx
import nginx-1.16.1-1.module+el8.3.0+8844+e5e7039f.1
This commit is contained in:
parent
c57a164c7c
commit
83cf15ff58
17
SOURCES/nginx-1.16.1-CVE-2019-20372.patch
Normal file
17
SOURCES/nginx-1.16.1-CVE-2019-20372.patch
Normal file
@ -0,0 +1,17 @@
|
|||||||
|
diff --git a/src/http/ngx_http_special_response.c b/src/http/ngx_http_special_response.c
|
||||||
|
index 4ffb2cc8ad..76e6705889 100644
|
||||||
|
--- a/src/http/ngx_http_special_response.c
|
||||||
|
+++ b/src/http/ngx_http_special_response.c
|
||||||
|
@@ -623,6 +623,12 @@ ngx_http_send_error_page(ngx_http_request_t *r, ngx_http_err_page_t *err_page)
|
||||||
|
return ngx_http_named_location(r, &uri);
|
||||||
|
}
|
||||||
|
|
||||||
|
+ r->expect_tested = 1;
|
||||||
|
+
|
||||||
|
+ if (ngx_http_discard_request_body(r) != NGX_OK) {
|
||||||
|
+ r->keepalive = 0;
|
||||||
|
+ }
|
||||||
|
+
|
||||||
|
location = ngx_list_push(&r->headers_out.headers);
|
||||||
|
|
||||||
|
if (location == NULL) {
|
@ -19,7 +19,7 @@
|
|||||||
Name: nginx
|
Name: nginx
|
||||||
Epoch: 1
|
Epoch: 1
|
||||||
Version: 1.16.1
|
Version: 1.16.1
|
||||||
Release: 1%{?dist}
|
Release: 1%{?dist}.1
|
||||||
|
|
||||||
Summary: A high performance web server and reverse proxy server
|
Summary: A high performance web server and reverse proxy server
|
||||||
Group: System Environment/Daemons
|
Group: System Environment/Daemons
|
||||||
@ -59,6 +59,9 @@ Patch3: nginx-1.14.1-perl-module-hardening.patch
|
|||||||
# https://bugzilla.redhat.com/show_bug.cgi?id=1643647
|
# https://bugzilla.redhat.com/show_bug.cgi?id=1643647
|
||||||
Patch4: nginx-1.16.0-enable-tls1v3-by-default.patch
|
Patch4: nginx-1.16.0-enable-tls1v3-by-default.patch
|
||||||
|
|
||||||
|
# https://bugzilla.redhat.com/show_bug.cgi?id=1790277
|
||||||
|
Patch5: nginx-1.16.1-CVE-2019-20372.patch
|
||||||
|
|
||||||
%if 0%{?with_gperftools}
|
%if 0%{?with_gperftools}
|
||||||
BuildRequires: gperftools-devel
|
BuildRequires: gperftools-devel
|
||||||
%endif
|
%endif
|
||||||
@ -189,6 +192,7 @@ Requires: nginx
|
|||||||
%patch2 -p1
|
%patch2 -p1
|
||||||
%patch3 -p1
|
%patch3 -p1
|
||||||
%patch4 -p1
|
%patch4 -p1
|
||||||
|
%patch5 -p1
|
||||||
|
|
||||||
cp %{SOURCE200} %{SOURCE210} %{SOURCE10} %{SOURCE12} .
|
cp %{SOURCE200} %{SOURCE210} %{SOURCE10} %{SOURCE12} .
|
||||||
|
|
||||||
@ -461,6 +465,10 @@ fi
|
|||||||
|
|
||||||
|
|
||||||
%changelog
|
%changelog
|
||||||
|
* Tue Nov 24 2020 Lubos Uhliarik <luhliari@redhat.com> - 1:1.16.1-1.1
|
||||||
|
- Resolves: #1898952 - CVE 2019-20372 nginx:1.16/nginx: HTTP request smuggling
|
||||||
|
via error pages in http/ngx_http_special_response.c
|
||||||
|
|
||||||
* Thu Aug 29 2019 Lubos Uhliarik <luhliari@redhat.com> - 1:1.16.1-1
|
* Thu Aug 29 2019 Lubos Uhliarik <luhliari@redhat.com> - 1:1.16.1-1
|
||||||
- update to 1.16.1
|
- update to 1.16.1
|
||||||
- Resolves: #1745697 - CVE-2019-9511 nginx:1.16/nginx: HTTP/2: large amount
|
- Resolves: #1745697 - CVE-2019-9511 nginx:1.16/nginx: HTTP/2: large amount
|
||||||
|
Loading…
Reference in New Issue
Block a user