diff --git a/SOURCES/nginx-1.16.0-CVE-2021-23017.patch b/SOURCES/nginx-1.16.0-CVE-2021-23017.patch new file mode 100644 index 0000000..7db5058 --- /dev/null +++ b/SOURCES/nginx-1.16.0-CVE-2021-23017.patch @@ -0,0 +1,24 @@ +diff --git a/src/core/ngx_resolver.c b/src/core/ngx_resolver.c +index 593645d..064ec7a 100644 +--- a/src/core/ngx_resolver.c ++++ b/src/core/ngx_resolver.c +@@ -3992,15 +3992,15 @@ done: + n = *src++; + + } else { ++ if (dst != name->data) { ++ *dst++ = '.'; ++ } ++ + ngx_strlow(dst, src, n); + dst += n; + src += n; + + n = *src++; +- +- if (n != 0) { +- *dst++ = '.'; +- } + } + + if (n == 0) { diff --git a/SPECS/nginx.spec b/SPECS/nginx.spec index ceefce8..bb91407 100644 --- a/SPECS/nginx.spec +++ b/SPECS/nginx.spec @@ -19,7 +19,7 @@ Name: nginx Epoch: 1 Version: 1.16.1 -Release: 1%{?dist}.1 +Release: 2%{?dist}.1 Summary: A high performance web server and reverse proxy server Group: System Environment/Daemons @@ -62,6 +62,9 @@ Patch4: nginx-1.16.0-enable-tls1v3-by-default.patch # https://bugzilla.redhat.com/show_bug.cgi?id=1790277 Patch5: nginx-1.16.1-CVE-2019-20372.patch +# https://bugzilla.redhat.com/show_bug.cgi?id=1963174 +Patch6: nginx-1.16.0-CVE-2021-23017.patch + %if 0%{?with_gperftools} BuildRequires: gperftools-devel %endif @@ -193,6 +196,7 @@ Requires: nginx %patch3 -p1 %patch4 -p1 %patch5 -p1 +%patch6 -p1 cp %{SOURCE200} %{SOURCE210} %{SOURCE10} %{SOURCE12} . @@ -465,8 +469,13 @@ fi %changelog -* Tue Nov 24 2020 Lubos Uhliarik - 1:1.16.1-1.1 -- Resolves: #1898952 - CVE 2019-20372 nginx:1.16/nginx: HTTP request smuggling +* Tue May 25 2021 Luboš Uhliarik - 1:1.16.1-2.1 +- Resolves: #1963174 - CVE-2021-23017 nginx:1.16/nginx: Off-by-one in + ngx_resolver_copy() when labels are followed by a pointer to a root + domain name + +* Mon Nov 23 2020 Lubos Uhliarik - 1:1.16.1-2 +- Resolves: #1798230 - CVE-2019-20372 nginx:1.16/nginx: HTTP request smuggling via error pages in http/ngx_http_special_response.c * Thu Aug 29 2019 Lubos Uhliarik - 1:1.16.1-1