From ef2548d3c2aab00a32bf5e79ef6dc8b1662f576a Mon Sep 17 00:00:00 2001
From: Jamie Nguyen <j@jamielinux.com>
Date: Tue, 7 May 2013 18:06:52 +0100
Subject: [PATCH] Update to 1.4.1 - CVE-2013-2028 (#960605, #960606)

---
 .gitignore | 2 ++
 nginx.spec | 9 +++++++--
 sources    | 4 ++--
 3 files changed, 11 insertions(+), 4 deletions(-)

diff --git a/.gitignore b/.gitignore
index 30c2929..b8ac58d 100644
--- a/.gitignore
+++ b/.gitignore
@@ -18,3 +18,5 @@ x86_64/
 /nginx-1.2.8.tar.gz.asc
 /nginx-1.4.0.tar.gz
 /nginx-1.4.0.tar.gz.asc
+/nginx-1.4.1.tar.gz
+/nginx-1.4.1.tar.gz.asc
diff --git a/nginx.spec b/nginx.spec
index 0d3809b..39354c3 100644
--- a/nginx.spec
+++ b/nginx.spec
@@ -16,8 +16,8 @@
 
 Name:              nginx
 Epoch:             1
-Version:           1.4.0
-Release:           2%{?dist}
+Version:           1.4.1
+Release:           1%{?dist}
 
 Summary:           A high performance web server and reverse proxy server
 Group:             System Environment/Daemons
@@ -224,6 +224,11 @@ fi
 
 
 %changelog
+* Tue May 07 2013 Jamie Nguyen <jamielinux@fedoraproject.org> - 1:1.4.1-1
+- update to upstream release 1.4.1 (#960605, #960606):
+  CVE-2013-2028 stack-based buffer overflow when handling certain chunked
+  transfer encoding requests
+
 * Sun Apr 28 2013 Dan Horák <dan[at]danny.cz> - 1:1.4.0-2
 - gperftools exist only on selected arches
 
diff --git a/sources b/sources
index ba3c02f..9026e6a 100644
--- a/sources
+++ b/sources
@@ -1,2 +1,2 @@
-d496e58864ab10ed56278b7655b0d0b2  nginx-1.4.0.tar.gz
-ac3361c0cfe8e1f7730755492a928060  nginx-1.4.0.tar.gz.asc
+fea7dfab995545ce27fe4c49dc21a972  nginx-1.4.1.tar.gz
+455f82ffbf31085754e725e219e0f840  nginx-1.4.1.tar.gz.asc