Change-Id: Iec061829576977265e592cafff1fd758f92585bb
Reviewed-on: http://photon-jenkins.eng.vmware.com:8082/1759
Tested-by: gerrit-photon <photon-checkins@vmware.com>
Reviewed-by: Sharath George
1 | 1 |
new file mode 100644 |
... | ... |
@@ -0,0 +1,15 @@ |
0 |
+--- src/os/unix/ngx_files.c |
|
1 |
+@@ -356,6 +356,11 @@ |
|
2 |
+ n = 0; |
|
3 |
+ |
|
4 |
+ for ( /* void */ ; cl; cl = cl->next) { |
|
5 |
++ |
|
6 |
++ if (ngx_buf_special(cl->buf)) { |
|
7 |
++ continue; |
|
8 |
++ } |
|
9 |
++ |
|
10 |
+ size = cl->buf->last - cl->buf->pos; |
|
11 |
+ |
|
12 |
+ if (prev == cl->buf->pos) { |
|
13 |
+ |
... | ... |
@@ -1,31 +1,33 @@ |
1 |
-Summary: High-performance HTTP server and reverse proxy |
|
2 |
-Name: nginx |
|
3 |
-Version: 1.10.0 |
|
4 |
-Release: 4%{?dist} |
|
5 |
-License: BSD-2-Clause |
|
6 |
-URL: http://nginx.org/download/nginx-1.10.0.tar.gz |
|
7 |
-Group: Applications/System |
|
8 |
-Vendor: VMware, Inc. |
|
1 |
+Summary: High-performance HTTP server and reverse proxy |
|
2 |
+Name: nginx |
|
3 |
+Version: 1.10.0 |
|
4 |
+Release: 5%{?dist} |
|
5 |
+License: BSD-2-Clause |
|
6 |
+URL: http://nginx.org/download/nginx-1.10.0.tar.gz |
|
7 |
+Group: Applications/System |
|
8 |
+Vendor: VMware, Inc. |
|
9 | 9 |
Distribution: Photon |
10 |
-Source0: %{name}-%{version}.tar.gz |
|
10 |
+Source0: %{name}-%{version}.tar.gz |
|
11 | 11 |
%define sha1 nginx=7a452cfe37e4134481442dbfa3fbdac6f484c5bc |
12 |
-Source1: nginx.service |
|
13 |
-BuildRequires: openssl-devel |
|
12 |
+Source1: nginx.service |
|
13 |
+Patch0: nginx-CVE-2016-4450.patch |
|
14 |
+BuildRequires: openssl-devel |
|
14 | 15 |
BuildRequires: pcre-devel |
15 | 16 |
%description |
16 | 17 |
NGINX is a free, open-source, high-performance HTTP server and reverse proxy, as well as an IMAP/POP3 proxy server. |
17 | 18 |
|
18 | 19 |
%prep |
19 | 20 |
%setup -q |
21 |
+%patch0 |
|
20 | 22 |
%build |
21 | 23 |
./configure \ |
22 |
- --prefix=%{_sysconfdir}//nginx \ |
|
23 |
- --sbin-path=/usr/sbin/nginx \ |
|
24 |
- --conf-path=/etc/nginx/nginx.conf \ |
|
25 |
- --pid-path=/var/run/nginx.pid \ |
|
26 |
- --lock-path=/var/run/nginx.lock \ |
|
27 |
- --error-log-path=/var/log/nginx/error.log \ |
|
28 |
- --http-log-path=/var/log/nginx/access.log \ |
|
24 |
+ --prefix=%{_sysconfdir}//nginx \ |
|
25 |
+ --sbin-path=/usr/sbin/nginx \ |
|
26 |
+ --conf-path=/etc/nginx/nginx.conf \ |
|
27 |
+ --pid-path=/var/run/nginx.pid \ |
|
28 |
+ --lock-path=/var/run/nginx.lock \ |
|
29 |
+ --error-log-path=/var/log/nginx/error.log \ |
|
30 |
+ --http-log-path=/var/log/nginx/access.log \ |
|
29 | 31 |
--with-http_ssl_module \ |
30 | 32 |
--with-pcre \ |
31 | 33 |
--with-ipv6 |
... | ... |
@@ -45,11 +47,13 @@ install -p -m 0644 %{SOURCE1} %{buildroot}/usr/lib/systemd/system/nginx.service |
45 | 45 |
%dir %{_var}/log/nginx |
46 | 46 |
|
47 | 47 |
%changelog |
48 |
+* Fri Nov 18 2016 Anish Swaminathan <anishs@vmware.com> 1.10.0-5 |
|
49 |
+- Add patch for CVE-2016-4450 |
|
48 | 50 |
* Wed Jul 27 2016 Divya Thaluru<dthaluru@vmware.com> 1.10.0-4 |
49 | 51 |
- Removed packaging of debug files |
50 | 52 |
* Fri Jul 8 2016 Divya Thaluru<dthaluru@vmware.com> 1.10.0-3 |
51 | 53 |
- Modified default pid filepath and fixed nginx systemd service |
52 |
-* Tue May 24 2016 Priyesh Padmavilasom <ppadmavilasom@vmware.com> 1.10.0-2 |
|
53 |
-- GA - Bump release of all rpms |
|
54 |
+* Tue May 24 2016 Priyesh Padmavilasom <ppadmavilasom@vmware.com> 1.10.0-2 |
|
55 |
+- GA - Bump release of all rpms |
|
54 | 56 |
* Mon May 16 2016 Xiaolin Li <xiaolinl@vmware.com> 1.10.0-1 |
55 |
-- Initial build. First version |
|
57 |
+- Initial build. First version |