Accepting request 1030026 from home:stroeder:network

Updated to 1.23.2

OBS-URL: https://build.opensuse.org/request/show/1030026
OBS-URL: https://build.opensuse.org/package/show/server:http/nginx?expand=0&rev=233

nginx-1.23.1.tar.gz

@@ -1,3 +0,0 @@
-version https://git-lfs.github.com/spec/v1
-oid sha256:5eee1bd1c23e3b9477a45532f1f36ae6178b43d571a9607e6953cef26d5df1e2
-size 1104352

nginx-1.23.1.tar.gz.asc

@@ -1,14 +0,0 @@
------BEGIN PGP SIGNATURE-----
-
-iQHEBAABCAAuFiEEE8gqY7YDV2FW4wpOoOqYG2aw2WcFAmLWv/wQHGsucGF2bG92
-QGY1LmNvbQAKCRCg6pgbZrDZZ4QJC/4025219nTTLuSjQ11K8v4R6DAdZVRAkx5S
-d9VL4LIrZOGGOnE2jCTRT9W+kSqGhI4h8SgY8ny8B/fCD26rIL+7SnTVy5ifqcTp
-9L8/1kCmVrcraR5v+jbuo/PV3Ij+rmRPEQlOoPyWsj+IK9qN2RboxQTDjlHsUoda
-HDsGkCbm1iYxxvrNZTs1/dgGaHpbgEGA7V4JebksLy4lcPCr142B+H7SV1+jlbZE
-LX8wBn7mEBRVVjnHxVntBjbpzMsy4oLDBkduO6L3VLb1HHG3T7FnO6sqqWhvFpYs
-HOdRFR/ndsQsJ6ej8uX8s7z+OvK+XrW5EmDIXC501PFlfiMW7kpHXsQX5vloUZVF
-0z3N4mJNEIR+4fQzVWqkCCOojMLrfW3w5ClSAC/70oUO4/2W/m5A5xmOV+i1CngO
-eq8BR6n3z7x9Dj42Ce2a9PB8MJNYyUKYU/qwxCjoBp3yXpGp7Dj9qNk1HxjNbzgQ
-fkmfgrzPhhotW86luOtyj8YGJeAg0zE=
-=j6Zi
------END PGP SIGNATURE-----

nginx-1.23.2.tar.gz

@@ -0,0 +1,3 @@
+version https://git-lfs.github.com/spec/v1
+oid sha256:a80cc272d3d72aaee70aa8b517b4862a635c0256790434dbfc4d618a999b0b46
+size 1108243

nginx-1.23.2.tar.gz.asc

@@ -0,0 +1,14 @@
+-----BEGIN PGP SIGNATURE-----
+
+iQHEBAABCAAuFiEEE8gqY7YDV2FW4wpOoOqYG2aw2WcFAmNPwSoQHGsucGF2bG92
+QGY1LmNvbQAKCRCg6pgbZrDZZ1WDDACZQADQTx/UoKYArnf2C/inL1Ogz/icfaHe
+Wy+r/x8NLZVCM34TTVQGLjdSAByOIf3Syj7vRdxv+pYTMOQj/qkdep/llrtSKs01
+eex0/ctiSZIgkBJMrqoZgRIbblo56mpion6axvk5fK7cKR76TvMm3Z7Sz8EMjMUu
+vCMP/PcIcvA3v6e/Y4tmL+d3vbgPqLrwMqYw0eQHWlU6+uaXxDAQ75URRm5BazMS
+OeueGQcD67m8gxmfRS4bOI7v+hVT7B+90bXwbpiVWK7sZ07a+AuUmx9OefGVBUOZ
+/ZfuijnGhFLIRJvvm/QfsRlkPFpwsxOOZINPLHb4NoODs7KBANVf0tKvRtTPXT2R
+8cJiiK8oGS65jtHyQnWgDe59DnmasMU3pwZxCMfKbfsayJ0LpyWOYu+4rruXmiAf
+PkKyJ0v9UqhDosuG1FSaoqI+hOm4r9RLZmZRDkEU2VF6AoKcQnDrv66wnfqhb2Qx
+vdvVPYygGl6e4HslpFtj7/v42Ib6USI=
+=uIfV
+-----END PGP SIGNATURE-----

nginx.changes

@@ -1,3 +1,27 @@
+-------------------------------------------------------------------
+Wed Oct 19 14:06:29 UTC 2022 - Michael Ströder <michael@stroeder.com>
+
+- Updated to 1.23.2
+  * Security: processing of a specially crafted mp4 file by the
+    ngx_http_mp4_module might cause a worker process crash, worker
+    process memory disclosure, or might have potential other impact
+    (CVE-2022-41741, CVE-2022-41742).
+  * Feature: the "$proxy_protocol_tlv_..." variables.
+  * Feature: TLS session tickets encryption keys are now automatically
+    rotated when using shared memory in the "ssl_session_cache"
+    directive.
+  * Change: the logging level of the "bad record type" SSL errors has
+    been lowered from "crit" to "info".
+  * Change: now when using shared memory in the "ssl_session_cache"
+    directive the "could not allocate new session" errors are logged at
+    the "warn" level instead of "alert" and not more often than once per second.
+  * Bugfix: nginx/Windows could not be built with OpenSSL 3.0.x.
+  * Bugfix: in logging of the PROXY protocol errors.
+  * Workaround: shared memory from the "ssl_session_cache" directive was
+    spent on sessions using TLS session tickets when using TLSv1.3 with OpenSSL.
+  * Workaround: timeout specified with the "ssl_session_timeout"
+    directive did not work when using TLSv1.3 with OpenSSL or BoringSSL.
+
 -------------------------------------------------------------------
 Tue Jul 19 17:47:28 UTC 2022 - Michael Ströder <michael@stroeder.com>
 

nginx.spec

@@ -23,7 +23,7 @@
 %bcond_with    ngx_google_perftools
 #
 Name:           nginx
-Version:        1.23.1
+Version:        1.23.2
 Release:        0
 Summary:        A HTTP server and IMAP/POP3 proxy server
 License:        BSD-2-Clause