import Oracle_OSS nginx-1.20.1-24.0.1.el9_7.2

AlmaLinux RelEng Bot 2026-04-10 02:25:39 -04:00
parent a4d2ff00e7
commit 888f002e39
10 changed files with 648 additions and 220 deletions


@ -0,0 +1,31 @@
diff --git a/src/http/modules/ngx_http_dav_module.c b/src/http/modules/ngx_http_dav_module.c
index cfb9892..6bf438a 100644
--- a/src/http/modules/ngx_http_dav_module.c
+++ b/src/http/modules/ngx_http_dav_module.c
@@ -548,6 +548,7 @@ ngx_http_dav_copy_move_handler(ngx_http_request_t *r)
ngx_ext_rename_file_t ext;
ngx_http_dav_copy_ctx_t copy;
ngx_http_dav_loc_conf_t *dlcf;
+ ngx_http_core_loc_conf_t *clcf;
if (r->headers_in.content_length_n > 0 || r->headers_in.chunked) {
ngx_log_error(NGX_LOG_ERR, r->connection->log, 0,
@@ -644,6 +645,18 @@ destination_done:
return NGX_HTTP_CONFLICT;
}
+ clcf = ngx_http_get_module_loc_conf(r, ngx_http_core_module);
+
+ if (clcf->alias
+ && clcf->alias != NGX_MAX_SIZE_T_VALUE
+ && duri.len < clcf->alias)
+ {
+ ngx_log_error(NGX_LOG_ERR, r->connection->log, 0,
+ "client sent invalid \"Destination\" header: \"%V\"",
+ &dest->value);
+ return NGX_HTTP_BAD_REQUEST;
+ }
+
depth = ngx_http_dav_depth(r, NGX_HTTP_DAV_INFINITY_DEPTH);
if (depth != NGX_HTTP_DAV_INFINITY_DEPTH) {
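Review bot: The guard added after `destination_done:` carries no comment saying why a destination shorter than `clcf->alias` has to be rejected, and nothing else in the patch explains it. I would add above the `if` something like `/* a destination URI shorter than the alias prefix cannot be mapped to a path; reject it before it is used */`, with the wording confirmed against the path-mapping code, which is outside this hunk. The check compares lengths only, so whether the destination must actually share the location's prefix is presumably decided elsewhere; that is worth a word in the same comment. This patch file also lacks the From/Subject header the other three backports keep, so the upstream commit is recorded only in the spec.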


@ -0,0 +1,84 @@
From 3568812cf98dfd7661cd7516ecf9b398c134ab3c Mon Sep 17 00:00:00 2001
From: Roman Arutyunyan <arut@nginx.com>
Date: Mon, 2 Mar 2026 21:12:34 +0400
Subject: [PATCH] Mp4: fixed possible integer overflow on 32-bit platforms.
Previously, a 32-bit overflow could happen while validating atom entries
count. This allowed processing of an invalid atom with entrires beyond
its boundaries with reads and writes outside of the allocated mp4 buffer.
Reported by Prabhav Srinath (sprabhav7).
---
src/http/modules/ngx_http_mp4_module.c | 14 +++++++-------
1 file changed, 7 insertions(+), 7 deletions(-)
diff --git a/src/http/modules/ngx_http_mp4_module.c b/src/http/modules/ngx_http_mp4_module.c
index 173d8ad54..678d6296c 100644
--- a/src/http/modules/ngx_http_mp4_module.c
+++ b/src/http/modules/ngx_http_mp4_module.c
@@ -2297,7 +2297,7 @@ ngx_http_mp4_read_stts_atom(ngx_http_mp4_file_t *mp4, uint64_t atom_data_size)
"mp4 time-to-sample entries:%uD", entries);
if (ngx_mp4_atom_data_size(ngx_mp4_stts_atom_t)
- + entries * sizeof(ngx_mp4_stts_entry_t) > atom_data_size)
+ + (uint64_t) entries * sizeof(ngx_mp4_stts_entry_t) > atom_data_size)
{
ngx_log_error(NGX_LOG_ERR, mp4->file.log, 0,
"\"%s\" mp4 stts atom too small", mp4->file.name.data);
@@ -2612,7 +2612,7 @@ ngx_http_mp4_read_stss_atom(ngx_http_mp4_file_t *mp4, uint64_t atom_data_size)
atom->last = atom_table;
if (ngx_mp4_atom_data_size(ngx_http_mp4_stss_atom_t)
- + entries * sizeof(uint32_t) > atom_data_size)
+ + (uint64_t) entries * sizeof(uint32_t) > atom_data_size)
{
ngx_log_error(NGX_LOG_ERR, mp4->file.log, 0,
"\"%s\" mp4 stss atom too small", mp4->file.name.data);
@@ -2817,7 +2817,7 @@ ngx_http_mp4_read_ctts_atom(ngx_http_mp4_file_t *mp4, uint64_t atom_data_size)
atom->last = atom_table;
if (ngx_mp4_atom_data_size(ngx_mp4_ctts_atom_t)
- + entries * sizeof(ngx_mp4_ctts_entry_t) > atom_data_size)
+ + (uint64_t) entries * sizeof(ngx_mp4_ctts_entry_t) > atom_data_size)
{
ngx_log_error(NGX_LOG_ERR, mp4->file.log, 0,
"\"%s\" mp4 ctts atom too small", mp4->file.name.data);
@@ -2999,7 +2999,7 @@ ngx_http_mp4_read_stsc_atom(ngx_http_mp4_file_t *mp4, uint64_t atom_data_size)
"sample-to-chunk entries:%uD", entries);
if (ngx_mp4_atom_data_size(ngx_mp4_stsc_atom_t)
- + entries * sizeof(ngx_mp4_stsc_entry_t) > atom_data_size)
+ + (uint64_t) entries * sizeof(ngx_mp4_stsc_entry_t) > atom_data_size)
{
ngx_log_error(NGX_LOG_ERR, mp4->file.log, 0,
"\"%s\" mp4 stsc atom too small", mp4->file.name.data);
@@ -3393,7 +3393,7 @@ ngx_http_mp4_read_stsz_atom(ngx_http_mp4_file_t *mp4, uint64_t atom_data_size)
if (size == 0) {
if (ngx_mp4_atom_data_size(ngx_mp4_stsz_atom_t)
- + entries * sizeof(uint32_t) > atom_data_size)
+ + (uint64_t) entries * sizeof(uint32_t) > atom_data_size)
{
ngx_log_error(NGX_LOG_ERR, mp4->file.log, 0,
"\"%s\" mp4 stsz atom too small",
@@ -3552,7 +3552,7 @@ ngx_http_mp4_read_stco_atom(ngx_http_mp4_file_t *mp4, uint64_t atom_data_size)
ngx_log_debug1(NGX_LOG_DEBUG_HTTP, mp4->file.log, 0, "chunks:%uD", entries);
if (ngx_mp4_atom_data_size(ngx_mp4_stco_atom_t)
- + entries * sizeof(uint32_t) > atom_data_size)
+ + (uint64_t) entries * sizeof(uint32_t) > atom_data_size)
{
ngx_log_error(NGX_LOG_ERR, mp4->file.log, 0,
"\"%s\" mp4 stco atom too small", mp4->file.name.data);
@@ -3768,7 +3768,7 @@ ngx_http_mp4_read_co64_atom(ngx_http_mp4_file_t *mp4, uint64_t atom_data_size)
ngx_log_debug1(NGX_LOG_DEBUG_HTTP, mp4->file.log, 0, "chunks:%uD", entries);
if (ngx_mp4_atom_data_size(ngx_mp4_co64_atom_t)
- + entries * sizeof(uint64_t) > atom_data_size)
+ + (uint64_t) entries * sizeof(uint64_t) > atom_data_size)
{
ngx_log_error(NGX_LOG_ERR, mp4->file.log, 0,
"\"%s\" mp4 co64 atom too small", mp4->file.name.data);
--
2.53.0
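Review bot: The same widening cast is now written out at seven size checks (stts, stss, ctts, stsc, stsz, stco, co64) with nothing in the code explaining it, so a later edit to any one of them can quietly drop `(uint64_t)` and bring back the 32-bit wrap. A single helper would keep the rule in one place, for example `#define ngx_mp4_entries_size(n, type) ((uint64_t) (n) * sizeof(type))`, used as `ngx_mp4_atom_data_size(ngx_mp4_stts_atom_t) + ngx_mp4_entries_size(entries, ngx_mp4_stts_entry_t) > atom_data_size`. If the backport has to stay byte-identical to upstream, a one-line comment at the first check would do: `/* widen before multiplying: entries * sizeof() wraps where size_t is 32 bits */`. Each of the seven functions begins and ends outside its hunk.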


@ -0,0 +1,31 @@
From 9bc13718fe8a59a4538805516be7e141070c22d6 Mon Sep 17 00:00:00 2001
From: Sergey Kandaurov <pluknet@nginx.com>
Date: Wed, 18 Mar 2026 16:39:37 +0400
Subject: [PATCH] Mail: fixed clearing s->passwd in auth http requests.
Previously, it was not properly cleared retaining length as part of
authenticating with CRAM-MD5 and APOP methods that expect to receive
password in auth response. This resulted in null pointer dereference
and worker process crash in subsequent auth attempts with CRAM-MD5.
Reported by Arkadi Vainbrand.
---
src/mail/ngx_mail_auth_http_module.c | 2 +-
1 file changed, 1 insertion(+), 1 deletion(-)
diff --git a/src/mail/ngx_mail_auth_http_module.c b/src/mail/ngx_mail_auth_http_module.c
index 4ca6d6e24..3e5095a2d 100644
--- a/src/mail/ngx_mail_auth_http_module.c
+++ b/src/mail/ngx_mail_auth_http_module.c
@@ -1328,7 +1328,7 @@ ngx_mail_auth_http_create_request(ngx_mail_session_t *s, ngx_pool_t *pool,
b->last = ngx_cpymem(b->last, "Auth-Salt: ", sizeof("Auth-Salt: ") - 1);
b->last = ngx_copy(b->last, s->salt.data, s->salt.len);
- s->passwd.data = NULL;
+ ngx_str_null(&s->passwd);
}
b->last = ngx_cpymem(b->last, "Auth-Protocol: ",
--
2.53.0
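Review bot: The replacement line has no comment recording that both fields of `s->passwd` must be reset here, which is the whole fix. Something like `/* clear len as well as data: a stale len with a NULL pointer is dereferenced on the next CRAM-MD5 attempt */` above `ngx_str_null(&s->passwd);` would keep a later reader from simplifying it back to the pointer-only assignment. Other places in the mail modules that reset an `ngx_str_t` by assigning only `.data` may deserve the same look; none are visible in this hunk, and `ngx_mail_auth_http_create_request` continues outside it.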


@ -0,0 +1,74 @@
From 7725c372c2fe11ff908b1d6138be219ad694c42f Mon Sep 17 00:00:00 2001
From: Roman Arutyunyan <arut@nginx.com>
Date: Sat, 21 Feb 2026 12:04:36 +0400
Subject: [PATCH] Mp4: avoid zero size buffers in output.
Previously, data validation checks did not cover the cases when the output
contained empty buffers. Such buffers are considered illegal and produce
"zero size buf in output" alerts. The change rejects the mp4 files which
produce such alerts.
Also, the change fixes possible buffer overread and overwrite that could
happen while processing empty stco and co64 atoms, as reported by
Pavel Kohout (Aisle Research) and Tim Becker.
---
src/http/modules/ngx_http_mp4_module.c | 15 +++++++++------
1 file changed, 9 insertions(+), 6 deletions(-)
diff --git a/src/http/modules/ngx_http_mp4_module.c b/src/http/modules/ngx_http_mp4_module.c
index 445fab1cd..173d8ad54 100644
--- a/src/http/modules/ngx_http_mp4_module.c
+++ b/src/http/modules/ngx_http_mp4_module.c
@@ -901,8 +901,11 @@ ngx_http_mp4_process(ngx_http_mp4_file_t *mp4)
}
}
- if (end_offset < start_offset) {
- end_offset = start_offset;
+ if (end_offset <= start_offset) {
+ ngx_log_error(NGX_LOG_ERR, mp4->file.log, 0,
+ "no data between start time and end time in \"%s\"",
+ mp4->file.name.data);
+ return NGX_ERROR;
}
mp4->moov_size += 8;
@@ -913,7 +916,7 @@ ngx_http_mp4_process(ngx_http_mp4_file_t *mp4)
*prev = &mp4->mdat_atom;
- if (start_offset > mp4->mdat_data.buf->file_last) {
+ if (start_offset >= mp4->mdat_data.buf->file_last) {
ngx_log_error(NGX_LOG_ERR, mp4->file.log, 0,
"start time is out mp4 mdat atom in \"%s\"",
mp4->file.name.data);
@@ -3444,7 +3447,7 @@ ngx_http_mp4_update_stsz_atom(ngx_http_mp4_file_t *mp4,
if (data) {
entries = trak->sample_sizes_entries;
- if (trak->start_sample > entries) {
+ if (trak->start_sample >= entries) {
ngx_log_error(NGX_LOG_ERR, mp4->file.log, 0,
"start time is out mp4 stsz samples in \"%s\"",
mp4->file.name.data);
@@ -3619,7 +3622,7 @@ ngx_http_mp4_update_stco_atom(ngx_http_mp4_file_t *mp4,
return NGX_ERROR;
}
- if (trak->start_chunk > trak->chunks) {
+ if (trak->start_chunk >= trak->chunks) {
ngx_log_error(NGX_LOG_ERR, mp4->file.log, 0,
"start time is out mp4 stco chunks in \"%s\"",
mp4->file.name.data);
@@ -3834,7 +3837,7 @@ ngx_http_mp4_update_co64_atom(ngx_http_mp4_file_t *mp4,
return NGX_ERROR;
}
- if (trak->start_chunk > trak->chunks) {
+ if (trak->start_chunk >= trak->chunks) {
ngx_log_error(NGX_LOG_ERR, mp4->file.log, 0,
"start time is out mp4 co64 chunks in \"%s\"",
mp4->file.name.data);
--
2.53.0
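Review bot: The `>` to `>=` changes at the stsz, stco and co64 checks have no comment tying them to the empty-table case, although the description names empty stco and co64 atoms as the source of the overread and overwrite. With `trak->chunks == 0` (or `trak->sample_sizes_entries == 0`) a start index of 0 passed the old `>` test, so a comment such as `/* >= also rejects an empty table, where index 0 is already past the end */` at those three checks would make the intent explicit. The empty range in `ngx_http_mp4_process` is now logged at `NGX_LOG_ERR` and returns `NGX_ERROR`; if the start and end times come from the request, as the message wording suggests, any client can produce that log line at will, so a lower log level may be worth considering. All four functions extend beyond their hunks.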


@ -1,120 +1,132 @@
<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.1//EN" "http://www.w3.org/TR/xhtml11/DTD/xhtml11.dtd">
<html xmlns="http://www.w3.org/1999/xhtml" xml:lang="en">
<head>
<title>The page is not found</title>
<meta http-equiv="Content-Type" content="text/html; charset=UTF-8" />
<style type="text/css">
/*<![CDATA[*/
body {
background-color: #fff;
color: #000;
font-size: 0.9em;
font-family: sans-serif,helvetica;
margin: 0;
padding: 0;
}
:link {
color: #c00;
}
:visited {
color: #c00;
}
a:hover {
color: #f50;
}
h1 {
text-align: center;
margin: 0;
padding: 0.6em 2em 0.4em;
background-color: #900;
color: #fff;
font-weight: normal;
font-size: 1.75em;
border-bottom: 2px solid #000;
}
h1 strong {
font-weight: bold;
font-size: 1.5em;
}
h2 {
text-align: center;
background-color: #900;
font-size: 1.1em;
font-weight: bold;
color: #fff;
margin: 0;
padding: 0.5em;
border-bottom: 2px solid #000;
}
h3 {
text-align: center;
background-color: #ff0000;
padding: 0.5em;
color: #fff;
}
hr {
display: none;
}
.content {
padding: 1em 5em;
}
.alert {
border: 2px solid #000;
}
<head>
<title>The page is not found</title>
<meta http-equiv="Content-Type" content="text/html; charset=UTF-8" />
<style type="text/css">
/*<![CDATA[*/
body {
background-color: #fff;
color: #000;
font-size: 0.9em;
font-family: sans-serif, helvetica;
margin: 0;
padding: 0;
}
:link {
color: #c00;
}
:visited {
color: #c00;
}
a:hover {
color: #f50;
}
h1 {
text-align: center;
margin: 0;
padding: 0.6em 2em 0.4em;
background-color: #10B981;
color: #fff;
font-weight: normal;
font-size: 1.75em;
border-bottom: 2px solid #000;
}
h1 strong {
font-weight: bold;
font-size: 1.5em;
}
h2 {
text-align: center;
background-color: #10B981;
font-size: 1.1em;
font-weight: bold;
color: #fff;
margin: 0;
padding: 0.5em;
border-bottom: 2px solid #000;
}
h3 {
text-align: center;
background-color: #ff0000;
padding: 0.5em;
color: #fff;
}
hr {
display: none;
}
.content {
padding: 1em 5em;
}
.alert {
border: 2px solid #000;
}
img {
border: 2px solid #fff;
padding: 2px;
margin: 2px;
}
a:hover img {
border: 2px solid #294172;
}
.logos {
margin: 1em;
text-align: center;
}
/*]]>*/
</style>
</head>
img {
border: 2px solid #fff;
padding: 2px;
margin: 2px;
}
a:hover img {
border: 2px solid #294172;
}
.logos {
margin: 1em;
text-align: center;
}
/*]]>*/
</style>
</head>
<body>
<h1><strong>nginx error!</strong></h1>
<body>
<h1><strong>nginx error!</strong></h1>
<div class="content">
<h3>The page you are looking for is not found.</h3>
<div class="alert">
<h2>Website Administrator</h2>
<div class="content">
<p>
Something has triggered missing webpage on your website. This is the
default 404 error page for <strong>nginx</strong> that is
distributed with OpenELA. It is located
<tt>/usr/share/nginx/html/404.html</tt>
</p>
<h3>The page you are looking for is not found.</h3>
<p>
You should customize this error page for your own site or edit the
<tt>error_page</tt> directive in the
<strong>nginx</strong> configuration file
<tt>/etc/nginx/nginx.conf</tt>.
</p>
<div class="alert">
<h2>Website Administrator</h2>
<div class="content">
<p>Something has triggered missing webpage on your
website. This is the default 404 error page for
<strong>nginx</strong> that is distributed with
Red Hat Enterprise Linux. It is located
<tt>/usr/share/nginx/html/404.html</tt></p>
<p>You should customize this error page for your own
site or edit the <tt>error_page</tt> directive in
the <strong>nginx</strong> configuration file
<tt>/etc/nginx/nginx.conf</tt>.</p>
<p>For information on Red Hat Enterprise Linux, please visit the <a href="http://www.redhat.com/">Red Hat, Inc. website</a>. The documentation for Red Hat Enterprise Linux is <a href="http://www.redhat.com/docs/manuals/enterprise/">available on the Red Hat, Inc. website</a>.</p>
</div>
</div>
<div class="logos">
<a href="http://nginx.net/"><img
src="nginx-logo.png"
alt="[ Powered by nginx ]"
width="121" height="32" /></a>
<a href="http://www.redhat.com/"><img
src="poweredby.png"
alt="[ Powered by Red Hat Enterprise Linux ]"
width="88" height="31" /></a>
</div>
<p>
For information on OpenELA, please visit the
<a href="https://www.openela.org/">OpenELA website</a>. The
documentation for OpenELA is
<a href="https://www.openela.org/"
>available on the OpenELA website</a
>.
</p>
</div>
</body>
</div>
<div class="logos">
<a href="http://nginx.net/"
><img
src="nginx-logo.png"
alt="[ Powered by nginx ]"
width="121"
height="32"
/></a>
<a href="http://www.openela.org/"><img
src="poweredby.png"
alt="[ Powered by OpenELA ]"
width="32" height="32" /></a>
</div>
</div>
</body>
</html>


@ -1,120 +1,135 @@
<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.1//EN" "http://www.w3.org/TR/xhtml11/DTD/xhtml11.dtd">
<html xmlns="http://www.w3.org/1999/xhtml" xml:lang="en">
<head>
<title>The page is temporarily unavailable</title>
<meta http-equiv="Content-Type" content="text/html; charset=UTF-8" />
<style type="text/css">
/*<![CDATA[*/
body {
background-color: #fff;
color: #000;
font-size: 0.9em;
font-family: sans-serif,helvetica;
margin: 0;
padding: 0;
}
:link {
color: #c00;
}
:visited {
color: #c00;
}
a:hover {
color: #f50;
}
h1 {
text-align: center;
margin: 0;
padding: 0.6em 2em 0.4em;
background-color: #900;
color: #fff;
font-weight: normal;
font-size: 1.75em;
border-bottom: 2px solid #000;
}
h1 strong {
font-weight: bold;
font-size: 1.5em;
}
h2 {
text-align: center;
background-color: #900;
font-size: 1.1em;
font-weight: bold;
color: #fff;
margin: 0;
padding: 0.5em;
border-bottom: 2px solid #000;
}
h3 {
text-align: center;
background-color: #ff0000;
padding: 0.5em;
color: #fff;
}
hr {
display: none;
}
.content {
padding: 1em 5em;
}
.alert {
border: 2px solid #000;
}
<head>
<title>The page is temporarily unavailable</title>
<meta http-equiv="Content-Type" content="text/html; charset=UTF-8" />
<style type="text/css">
/*<![CDATA[*/
body {
background-color: #fff;
color: #000;
font-size: 0.9em;
font-family: sans-serif, helvetica;
margin: 0;
padding: 0;
}
:link {
color: #c00;
}
:visited {
color: #c00;
}
a:hover {
color: #f50;
}
h1 {
text-align: center;
margin: 0;
padding: 0.6em 2em 0.4em;
background-color: #10B981;
color: #fff;
font-weight: normal;
font-size: 1.75em;
border-bottom: 2px solid #000;
}
h1 strong {
font-weight: bold;
font-size: 1.5em;
}
h2 {
text-align: center;
background-color: #10B981;
font-size: 1.1em;
font-weight: bold;
color: #fff;
margin: 0;
padding: 0.5em;
border-bottom: 2px solid #000;
}
h3 {
text-align: center;
background-color: #ff0000;
padding: 0.5em;
color: #fff;
}
hr {
display: none;
}
.content {
padding: 1em 5em;
}
.alert {
border: 2px solid #000;
}
img {
border: 2px solid #fff;
padding: 2px;
margin: 2px;
}
a:hover img {
border: 2px solid #294172;
}
.logos {
margin: 1em;
text-align: center;
}
/*]]>*/
</style>
</head>
img {
border: 2px solid #fff;
padding: 2px;
margin: 2px;
}
a:hover img {
border: 2px solid #294172;
}
.logos {
margin: 1em;
text-align: center;
}
/*]]>*/
</style>
</head>
<body>
<h1><strong>nginx error!</strong></h1>
<body>
<h1><strong>nginx error!</strong></h1>
<div class="content">
<h3>
The page you are looking for is temporarily unavailable. Please try
again later.
</h3>
<div class="alert">
<h2>Website Administrator</h2>
<div class="content">
<p>
Something has triggered missing webpage on your website. This is the
default error page for <strong>nginx</strong> that is distributed
with OpenELA. It is located
<tt>/usr/share/nginx/html/50x.html</tt>
</p>
<h3>The page you are looking for is temporarily unavailable. Please try again later.</h3>
<p>
You should customize this error page for your own site or edit the
<tt>error_page</tt> directive in the
<strong>nginx</strong> configuration file
<tt>/etc/nginx/nginx.conf</tt>.
</p>
<div class="alert">
<h2>Website Administrator</h2>
<div class="content">
<p>Something has triggered missing webpage on your
website. This is the default error page for
<strong>nginx</strong> that is distributed with
Red Hat Enterprise Linux. It is located
<tt>/usr/share/nginx/html/50x.html</tt></p>
<p>You should customize this error page for your own
site or edit the <tt>error_page</tt> directive in
the <strong>nginx</strong> configuration file
<tt>/etc/nginx/nginx.conf</tt>.</p>
<p>For information on Red Hat Enterprise Linux, please visit the <a href="http://www.redhat.com/">Red Hat, Inc. website</a>. The documentation for Red Hat Enterprise Linux is <a href="http://www.redhat.com/docs/manuals/enterprise/">available on the Red Hat, Inc. website</a>.</p>
</div>
</div>
<div class="logos">
<a href="http://nginx.net/"><img
src="nginx-logo.png"
alt="[ Powered by nginx ]"
width="121" height="32" /></a>
<a href="http://www.redhat.com/"><img
src="poweredby.png"
alt="[ Powered by Red Hat Enterprise Linux ]"
width="88" height="31" /></a>
</div>
<p>
For information on OpenELA, please visit the
<a href="https://www.openela.org/">OpenELA website</a>. The
documentation for OpenELA is
<a href="https://www.openela.org/"
>available on the OpenELA website</a
>.
</p>
</div>
</body>
</div>
<div class="logos">
<a href="http://nginx.net/"
><img
src="nginx-logo.png"
alt="[ Powered by nginx ]"
width="121"
height="32"
/></a>
<a href="http://www.openela.org/"><img
src="poweredby.png"
alt="[ Powered by OpenELA ]"
width="32" height="32" /></a>
</div>
</div>
</body>
</html>

0
SOURCES/nginx-upgrade Normal file → Executable file


@ -0,0 +1,70 @@
diff --git a/404.html b/404.html
index 5350e82..240c5c3 100644
--- a/404.html
+++ b/404.html
@@ -15,10 +15,10 @@
padding: 0;
}
:link {
- color: #c00;
+ color: #f00;
}
:visited {
- color: #c00;
+ color: #f00;
}
a:hover {
color: #f50;
@@ -27,7 +27,7 @@
text-align: center;
margin: 0;
padding: 0.6em 2em 0.4em;
- background-color: #10B981;
+ background-color: #ff0000;
color: #fff;
font-weight: normal;
font-size: 1.75em;
@@ -39,7 +39,7 @@
}
h2 {
text-align: center;
- background-color: #10B981;
+ background-color: #ff0000;
font-size: 1.1em;
font-weight: bold;
color: #fff;
@@ -91,7 +91,7 @@
<p>
Something has triggered missing webpage on your website. This is the
default 404 error page for <strong>nginx</strong> that is
- distributed with OpenELA. It is located
+ distributed with Oracle Linux. It is located
<tt>/usr/share/nginx/html/404.html</tt>
</p>
@@ -103,12 +103,7 @@
</p>
<p>
- For information on OpenELA, please visit the
- <a href="https://www.openela.org/">OpenELA website</a>. The
- documentation for OpenELA is
- <a href="https://www.openela.org/"
- >available on the OpenELA website</a
- >.
+ <p>For information on Oracle Linux, please visit the <a href="https://www.oracle.com/linux">Oracle Linux website</a>. The documentation for Oracle Linux is <a href="https://docs.oracle.com/en/operating-systems/oracle-linux/">available on the Oracle Linux website</a>.</p>
</p>
</div>
</div>
@@ -121,9 +116,9 @@
width="121"
height="32"
/></a>
- <a href="http://www.openela.org/"><img
+ <a href="https://www.oracle.com/"><img
src="poweredby.png"
- alt="[ Powered by OpenELA ]"
+ alt="[ Powered by Oracle Linux ]"
width="32" height="32" /></a>
</div>
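Review bot: The hunk at `@@ -103,12 +103,7 @@` keeps the surrounding `<p>` and `</p>` context lines and adds a line that itself starts with `<p>` and ends with `</p>`, so the patched 404.html has a paragraph nested inside a paragraph, which the XHTML 1.1 doctype the page declares does not allow. The added line should drop its own wrapper, starting at `For information on Oracle Linux, …` and ending at `…website</a>.`, as the 50x.html patch does. The two patches also disagree on the links: this one uses `https://www.oracle.com/linux` and `https://www.oracle.com/` where the 50x patch uses `https://www.oracle.com/linux/` for both.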


@ -0,0 +1,77 @@
Signed-off-by: Alan Steinberg <alan.steinberg@oracle.com>
diff --git a/50x.html b/50x.html
index 5a9db82..b7d0b9a 100644
--- a/50x.html
+++ b/50x.html
@@ -15,10 +15,10 @@
padding: 0;
}
:link {
- color: #c00;
+ color: #f00;
}
:visited {
- color: #c00;
+ color: #f00;
}
a:hover {
color: #f50;
@@ -27,7 +27,7 @@
text-align: center;
margin: 0;
padding: 0.6em 2em 0.4em;
- background-color: #10B981;
+ background-color: #ff0000;
color: #fff;
font-weight: normal;
font-size: 1.75em;
@@ -39,7 +39,7 @@
}
h2 {
text-align: center;
- background-color: #10B981;
+ background-color: #ff0000;
font-size: 1.1em;
font-weight: bold;
color: #fff;
@@ -94,7 +94,7 @@
<p>
Something has triggered missing webpage on your website. This is the
default error page for <strong>nginx</strong> that is distributed
- with OpenELA. It is located
+ with Oracle Linux. It is located
<tt>/usr/share/nginx/html/50x.html</tt>
</p>
@@ -106,11 +106,11 @@
</p>
<p>
- For information on OpenELA, please visit the
- <a href="https://www.openela.org/">OpenELA website</a>. The
- documentation for OpenELA is
- <a href="https://www.openela.org/"
- >available on the OpenELA website</a
+ For information on Oracle Linux, please visit the
+ <a href="https://www.oracle.com/linux/">Oracle Linux website</a>. The
+ documentation for Oracle Linux is
+ <a href="https://docs.oracle.com/en/operating-systems/oracle-linux/"
+ >available on the Oracle Linux website</a
>.
</p>
</div>
@@ -124,11 +124,11 @@
width="121"
height="32"
/></a>
- <a href="http://www.openela.org/"><img
+ <a href="https://www.oracle.com/linux/"><img
src="poweredby.png"
- alt="[ Powered by OpenELA ]"
+ alt="[ Powered by Oracle Linux ]"
width="32" height="32" /></a>
-
+
</div>
</div>
</body>


@ -41,7 +41,7 @@
Name: nginx
Epoch: 2
Version: 1.20.1
Release: 24%{?dist}.1
Release: 24.0.1%{?dist}.2
Summary: A high performance web server and reverse proxy server
# BSD License (two clause)
@ -68,6 +68,9 @@ Source103: 404.html
Source104: 50x.html
Source200: README.dynamic
Source210: UPGRADE-NOTES-1.6-to-1.10
# Oracle patches
Source1001: remove-redhat-404-references.patch
Source1002: remove-redhat-50x-references.patch
# removes -Werror in upstream build scripts. -Werror conflicts with
# -D_FORTIFY_SOURCE=2 causing warnings to turn into errors.
@ -118,9 +121,27 @@ Patch13: 0013-CVE-2024-7347-Buffer-overread-in-the-mp4-module.patch
# upstream patch - https://github.com/nginx/nginx/commit/784fa05025cb8cd0c770f99bc79d2794b9f85b6e
Patch14: 0014-Upstream-detect-premature-plain-text-response-from-S.patch
# https://redhat.atlassian.net/browse/RHEL-159557
# upstream patch - https://github.com/nginx/nginx/commit/a1d18284e0a17
# whitespace were removed from the patch
Patch15: 0015-Dav-destination-length-validation-for-COPY-and-MOVE.patch
# https://redhat.atlassian.net/browse/RHEL-159536
# upstream patch - https://github.com/nginx/nginx/commit/3568812cf98df
Patch16: 0016-Mp4-fixed-possible-integer-overflow-on-32-bit-platfo.patch
# https://redhat.atlassian.net/browse/RHEL-159444
# upstream patch - https://github.com/nginx/nginx/commit/9bc13718fe8a59a45
Patch17: 0017-Mail-fixed-clearing-s-passwd-in-auth-http-requests.patch
# https://redhat.atlassian.net/browse/RHEL-157885
# upstream patch - https://github.com/nginx/nginx/commit/7725c372c2f
Patch18: 0018-Mp4-avoid-zero-size-buffers-in-output.patch
BuildRequires: make
BuildRequires: gcc
BuildRequires: gnupg2
%if 0%{?with_gperftools}
BuildRequires: gperftools-devel
%endif
@ -135,7 +156,7 @@ BuildRequires: zlib-devel
Requires: nginx-filesystem = %{epoch}:%{version}-%{release}
%if 0%{?el7}
# centos-logos el7 does not provide 'system-indexhtml'
Requires: system-logos redhat-indexhtml
Requires: system-logos oracle-indexhtml
# need to remove epel7 geoip sub-package, doesn't work anymore
# https://bugzilla.redhat.com/show_bug.cgi?id=1576034
# https://bugzilla.redhat.com/show_bug.cgi?id=1664957
@ -437,6 +458,8 @@ ln -s ../../pixmaps/system-noindex-logo.png \
%{buildroot}%{_datadir}/nginx/html/system_noindex_logo.png
%endif
patch %{SOURCE103} %{SOURCE1001}
patch %{SOURCE104} %{SOURCE1002}
install -p -m 0644 %{SOURCE103} %{SOURCE104} \
%{buildroot}%{_datadir}/nginx/html
@ -627,6 +650,17 @@ fi
%changelog
* Wed Apr 08 2026 EL Errata <el-errata_ww@oracle.com> - 1.20.1-24.0.1.el9_7.2
- Reference oracle-indexhtml within Requires [Orabug: 33802044]
- Remove Red Hat references [Orabug: 29498217]
- Update upstream references [Orabug: 36579090]
* Tue Mar 31 2026 Zdenek Dohnal <zdohnal@redhat.com> - 2:1.20.1-24.2
- Resolves: RHEL-159557 - CVE-2026-27654 nginx: NGINX: Denial of Service or file modification via buffer overflow in ngx_http_dav_module
- Resolves: RHEL-159536 - CVE-2026-27784 nginx: NGINX: Denial of Service due to memory corruption via crafted MP4 file
- Resolves: RHEL-159444 - CVE-2026-27651 nginx: NGINX: Denial of Service via undisclosed requests when ngx_mail_auth_http_module is enabled
- Resolves: RHEL-157885 - CVE-2026-32647 nginx: NGINX: Denial of Service or Code Execution via specially crafted MP4 files
* Thu Feb 19 2026 Luboš Uhliarik <luhliari@redhat.com> - 2:1.20.1-24.1
- Resolves: RHEL-146525 - nginx: NGINX: Data injection via man-in-the-middle
attack on TLS proxied connections (CVE-2026-1642)
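Review bot: In the `%install` hunk, `patch %{SOURCE103} %{SOURCE1001}` and the line after it rewrite 404.html and 50x.html where the source macros point, not a copy in the build tree, so the sources are left modified after a build and a second build from the same tree would be patching already-patched files. Copying first avoids that: `cp -p %{SOURCE103} %{SOURCE104} .`, then `patch 404.html %{SOURCE1001}` and `patch 50x.html %{SOURCE1002}`, with the `install` line taking the local copies. No `BuildRequires: patch` is visible in the hunks shown; the BuildRequires list is only partly in view, so this needs checking. The new changelog entry also omits the `2:` epoch prefix that the two entries below it carry.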