UbuntuUpdates.org

Package "nginx-extras"

Name: nginx-extras

Description:

nginx web/proxy server (extended version)

Latest version: 1.10.3-0ubuntu0.16.04.5
Release: xenial (16.04)
Level: updates
Repository: universe
Head package: nginx
Homepage: http://nginx.net

Links


Download "nginx-extras"


Other versions of "nginx-extras" in Xenial

Repository Area Version
base universe 1.9.15-0ubuntu1
security universe 1.10.3-0ubuntu0.16.04.5
PPA: Nginx 1.16.1-0+xenial1

Changelog

Version: 1.10.0-0ubuntu0.16.04.4 2016-10-28 04:07:39 UTC

  nginx (1.10.0-0ubuntu0.16.04.4) xenial-security; urgency=medium

  * SECURITY REGRESSION: config upgrade failure (LP: #1637058)
    - debian/nginx-common.config: fix return code so script doesn't exit.

 -- Marc Deslauriers <email address hidden> Thu, 27 Oct 2016 10:42:14 -0400

Source diff to previous version
1637058 nginx-common postinst execution fails when upgrading to or reinstalling 1.10.1-0ubuntu3

Version: 1.10.0-0ubuntu0.16.04.3 2016-10-25 22:06:34 UTC

  nginx (1.10.0-0ubuntu0.16.04.3) xenial-security; urgency=medium

  [ Christos Trochalakis ]
  * debian/nginx-common.postinst:
    + Secure log file handling (owner & permissions) against privilege
      escalation attacks. /var/log/nginx is now owned by root:adm.
      Thanks Dawid Golunski (http://legalhackers.com) for the report.
      Changing /var/log/nginx permissions effectively reopens #701112,
      since log files can be world-readable. This is a trade-off until
      a better log opening solution is implemented upstream (trac:376).
  * debian/control:
    Don't allow building against liblua5.1-0-dev on architectures
    that libluajit is available.

 -- Marc Deslauriers <email address hidden> Tue, 18 Oct 2016 11:02:16 +0200

Source diff to previous version

Version: 1.10.0-0ubuntu0.16.04.2 2016-06-02 19:06:48 UTC

  nginx (1.10.0-0ubuntu0.16.04.2) xenial-security; urgency=medium

  * SECURITY UPDATE: Null pointer dereference while writing client request
    body (LP: #1587577)
    - debian/patches/cve-2016-4450.patch: Upstream patch to address issue.
    - CVE-2016-4450

 -- Thomas Ward <email address hidden> Tue, 31 May 2016 19:47:42 -0400

Source diff to previous version
1587577 [CVE-2016-4450] NULL pointer dereference while writing client request body

Version: 1.10.0-0ubuntu0.16.04.1 2016-04-27 03:06:32 UTC

  nginx (1.10.0-0ubuntu0.16.04.1) xenial-proposed; urgency=medium

  * Stable Release Update (LP: #1575212)
  * New upstream release (1.10.0) - full changelog available at upstream
    website - http://nginx.org/en/CHANGES-1.10
  * All Ubuntu specific changes from 1.9.15-0ubuntu1 remain included.
  * Additional changes:
    * debian/patches/ubuntu-branding.patch: Refreshed Ubuntu Branding patch.

 -- Thomas Ward <email address hidden> Tue, 26 Apr 2016 10:21:29 -0400

1575212 [Xenial] [SRU] Update nginx to 1.10.0



About   -   Send Feedback to @ubuntu_updates