.gitignore

@@ -1,2 +1,5 @@
 SOURCES/nginx-1.16.1.tar.gz
 SOURCES/poweredby.png
+/nginx-1.16.1.tar.gz
+/nginx-logo.png
+/poweredby.png

.nginx.metadata

@@ -1,2 +0,0 @@
-77ce4d26481b62f7a9d83e399454df0912f01a4b SOURCES/nginx-1.16.1.tar.gz
-2ec82988cd0d9b1304c95a16b28eff70f0f69abc SOURCES/poweredby.png

gating.yaml

@@ -0,0 +1,9 @@
+--- !Policy
+product_versions:
+  - rhel-9
+decision_context: osci_compose_gate
+rules:
+  - !PassingTestCaseRule {test_case_name: baseos-ci.brew-build.tier1.functional}
+  - !PassingTestCaseRule {test_case_name: baseos-ci.brew-build.tier2.functional}
+  - !PassingTestCaseRule {test_case_name: baseos-ci.brew-build.tier3.functional}
+  - !PassingTestCaseRule {test_case_name: baseos-ci.brew-build.acceptance-tier.functional}

nginx-1.16.0-CVE-2021-23017.patch

@@ -0,0 +1,24 @@
+diff --git a/src/core/ngx_resolver.c b/src/core/ngx_resolver.c
+index 593645d..064ec7a 100644
+--- a/src/core/ngx_resolver.c
++++ b/src/core/ngx_resolver.c
+@@ -3992,15 +3992,15 @@ done:
+             n = *src++;
+ 
+         } else {
++            if (dst != name->data) {
++                *dst++ = '.';
++            }
++
+             ngx_strlow(dst, src, n);
+             dst += n;
+             src += n;
+ 
+             n = *src++;
+-
+-            if (n != 0) {
+-                *dst++ = '.';
+-            }
+         }
+ 
+         if (n == 0) {

nginx-1.16.1-CVE-2019-20372.patch

@@ -0,0 +1,17 @@
+diff --git a/src/http/ngx_http_special_response.c b/src/http/ngx_http_special_response.c
+index 4ffb2cc8ad..76e6705889 100644
+--- a/src/http/ngx_http_special_response.c
++++ b/src/http/ngx_http_special_response.c
+@@ -623,6 +623,12 @@ ngx_http_send_error_page(ngx_http_request_t *r, ngx_http_err_page_t *err_page)
+         return ngx_http_named_location(r, &uri);
+     }
+ 
++    r->expect_tested = 1;
++
++    if (ngx_http_discard_request_body(r) != NGX_OK) {
++        r->keepalive = 0;
++    }
++
+     location = ngx_list_push(&r->headers_out.headers);
+ 
+     if (location == NULL) {

nginx.spec

@@ -19,7 +19,7 @@
 Name:              nginx
 Epoch:             1
 Version:           1.16.1
-Release:           1%{?dist}
+Release:           3%{?dist}
 
 Summary:           A high performance web server and reverse proxy server
 Group:             System Environment/Daemons
@@ -59,6 +59,12 @@ Patch3:            nginx-1.14.1-perl-module-hardening.patch
 # https://bugzilla.redhat.com/show_bug.cgi?id=1643647
 Patch4:            nginx-1.16.0-enable-tls1v3-by-default.patch
 
+# https://bugzilla.redhat.com/show_bug.cgi?id=1790277
+Patch5:            nginx-1.16.1-CVE-2019-20372.patch
+
+# https://bugzilla.redhat.com/show_bug.cgi?id=1963121
+Patch6:            nginx-1.16.0-CVE-2021-23017.patch
+
 %if 0%{?with_gperftools}
 BuildRequires:     gperftools-devel
 %endif
@@ -189,6 +195,8 @@ Requires:          nginx
 %patch2 -p1
 %patch3 -p1
 %patch4 -p1
+%patch5 -p1
+%patch6 -p1
 
 cp %{SOURCE200} %{SOURCE210} %{SOURCE10} %{SOURCE12} .
 
@@ -461,6 +469,15 @@ fi
 
 
 %changelog
+* Wed May 26 2021 Luboš Uhliarik <luhliari@redhat.com> - 1:1.16.1-3
+- Resolves: #1963175 - CVE-2021-23017 nginx:1.16/nginx: Off-by-one
+  in ngx_resolver_copy() when labels are followed by a pointer to a root
+  domain name
+
+* Mon Nov 23 2020 Lubos Uhliarik <luhliari@redhat.com> - 1:1.16.1-2
+- Resolves: #1798230 - CVE-2019-20372 nginx:1.16/nginx: HTTP request smuggling
+  via error pages in http/ngx_http_special_response.c
+
 * Thu Aug 29 2019 Lubos Uhliarik <luhliari@redhat.com> - 1:1.16.1-1
 - update to 1.16.1
 - Resolves: #1745697 - CVE-2019-9511 nginx:1.16/nginx: HTTP/2: large amount

sources

@@ -0,0 +1,3 @@
+SHA512 (nginx-1.16.1.tar.gz) = 17e95b43fa47d4fef5e652dea587518e16ab5ec562c9c94355c356440166d4b6a6a41ee520d406e5a34791a327d2e3c46b3f9b105ac9ce07afdd495c49eca437
+SHA512 (nginx-logo.png) = d4e739d62ff80df9124ca74c318520f28b50d9b3eed2928575fedaa9357f21f596167ba827a498b984495d6067c789d313a4261475c9e2802a2c55e2f50d55f7
+SHA512 (poweredby.png) = 7509986e2ced0f0b77813efdaf51d02cf6716863fd1a767a80bd096065086abb9f0f2691b50a72058cbfa2e3df08759b0deb13e0a0e78de97e314dab315a7cca