Update to 1.4.1 - CVE-2013-2028 (#960605, #960606)

2013-05-07 18:06:52 +01:00 · 2013-05-07 18:06:52 +01:00 · ef2548d3c2
commit ef2548d3c2
parent 4784dce4d2
3 changed files with 11 additions and 4 deletions
--- a/.gitignore
+++ b/.gitignore
@ -18,3 +18,5 @@ x86_64/
 /nginx-1.2.8.tar.gz.asc
 /nginx-1.4.0.tar.gz
 /nginx-1.4.0.tar.gz.asc
+/nginx-1.4.1.tar.gz
+/nginx-1.4.1.tar.gz.asc
--- a/nginx.spec
+++ b/nginx.spec
@ -16,8 +16,8 @@

 Name:              nginx
 Epoch:             1
-Version:           1.4.0
-Release:           2%{?dist}
+Version:           1.4.1
+Release:           1%{?dist}

 Summary:           A high performance web server and reverse proxy server
 Group:             System Environment/Daemons
@ -224,6 +224,11 @@ fi


 %changelog
+* Tue May 07 2013 Jamie Nguyen <jamielinux@fedoraproject.org> - 1:1.4.1-1
+- update to upstream release 1.4.1 (#960605, #960606):
+  CVE-2013-2028 stack-based buffer overflow when handling certain chunked
+  transfer encoding requests
+
 * Sun Apr 28 2013 Dan Horák <dan[at]danny.cz> - 1:1.4.0-2
 - gperftools exist only on selected arches

--- a/4
+++ b/4
@ -1,2 +1,2 @@
-d496e58864ab10ed56278b7655b0d0b2  nginx-1.4.0.tar.gz
-ac3361c0cfe8e1f7730755492a928060  nginx-1.4.0.tar.gz.asc
+fea7dfab995545ce27fe4c49dc21a972  nginx-1.4.1.tar.gz
+455f82ffbf31085754e725e219e0f840  nginx-1.4.1.tar.gz.asc