Merge pull request #66582 (nginx security updates)

This addresses CVE-2019-9511, CVE-2019-9513 and CVE-2019-9516. Details
about these vulnerabilities can be found at:

216433296d/advisories/third-party/2019-002.md

Version 1.16.1 only includes the security fixes, however version 1.17.3
has two additional bugfixes:

  * "zero size buf" alerts might appear in logs when using gzipping; the
    bug had appeared in 1.17.2.
  * a segmentation fault might occur in a worker process if the
    "resolver" directive was used in SMTP proxy.

I haven't extensively tested this, but from a quick test, nginx is still
working and the NixOS tests also succeed.

Thanks to @Izorkin for the pull request.
This commit is contained in:
aszlig 2019-08-14 18:17:38 +02:00
commit 3e78331d96
No known key found for this signature in database
GPG key ID: 684089CE67EBB691
2 changed files with 4 additions and 4 deletions

View file

@ -1,6 +1,6 @@
{ callPackage, ... }@args: { callPackage, ... }@args:
callPackage ./generic.nix (args // { callPackage ./generic.nix (args // {
version = "1.17.2"; version = "1.17.3";
sha256 = "1v39gslwbvpfhqqv74q0lkfrhrwsp59xc8pwhvxns7af8s3kccsy"; sha256 = "0g0g9prwjy0rnv6n5smny5yl5dhnmflqdr3hwgyj5jpr5hfgx11v";
}) })

View file

@ -1,6 +1,6 @@
{ callPackage, ... } @ args: { callPackage, ... } @ args:
callPackage ./generic.nix (args // { callPackage ./generic.nix (args // {
version = "1.16.0"; version = "1.16.1";
sha256 = "0i8krbi1pc39myspwlvb8ck969c8207hz84lh3qyg5w7syx7dlsg"; sha256 = "0az3vf463b538ajvaq94hsz9ipmjgnamfj1jy0v5flfks5njl77i";
}) })