Merge pull request #66582 (nginx security updates)
This addresses CVE-2019-9511, CVE-2019-9513 and CVE-2019-9516. Details
about these vulnerabilities can be found at:
216433296d/advisories/third-party/2019-002.md
Version 1.16.1 only includes the security fixes, however version 1.17.3
has two additional bugfixes:
* "zero size buf" alerts might appear in logs when using gzipping; the
bug had appeared in 1.17.2.
* a segmentation fault might occur in a worker process if the
"resolver" directive was used in SMTP proxy.
I haven't extensively tested this, but from a quick test, nginx is still
working and the NixOS tests also succeed.
Thanks to @Izorkin for the pull request.
This commit is contained in:
commit
3e78331d96
2 changed files with 4 additions and 4 deletions
|
@ -1,6 +1,6 @@
|
||||||
{ callPackage, ... }@args:
|
{ callPackage, ... }@args:
|
||||||
|
|
||||||
callPackage ./generic.nix (args // {
|
callPackage ./generic.nix (args // {
|
||||||
version = "1.17.2";
|
version = "1.17.3";
|
||||||
sha256 = "1v39gslwbvpfhqqv74q0lkfrhrwsp59xc8pwhvxns7af8s3kccsy";
|
sha256 = "0g0g9prwjy0rnv6n5smny5yl5dhnmflqdr3hwgyj5jpr5hfgx11v";
|
||||||
})
|
})
|
||||||
|
|
|
@ -1,6 +1,6 @@
|
||||||
{ callPackage, ... } @ args:
|
{ callPackage, ... } @ args:
|
||||||
|
|
||||||
callPackage ./generic.nix (args // {
|
callPackage ./generic.nix (args // {
|
||||||
version = "1.16.0";
|
version = "1.16.1";
|
||||||
sha256 = "0i8krbi1pc39myspwlvb8ck969c8207hz84lh3qyg5w7syx7dlsg";
|
sha256 = "0az3vf463b538ajvaq94hsz9ipmjgnamfj1jy0v5flfks5njl77i";
|
||||||
})
|
})
|
||||||
|
|
Loading…
Reference in a new issue