diff --git a/nginx-1.23.1.tar.gz b/nginx-1.23.1.tar.gz deleted file mode 100644 index 073e5a0..0000000 --- a/nginx-1.23.1.tar.gz +++ /dev/null @@ -1,3 +0,0 @@ -version https://git-lfs.github.com/spec/v1 -oid sha256:5eee1bd1c23e3b9477a45532f1f36ae6178b43d571a9607e6953cef26d5df1e2 -size 1104352 diff --git a/nginx-1.23.1.tar.gz.asc b/nginx-1.23.1.tar.gz.asc deleted file mode 100644 index 607089b..0000000 --- a/nginx-1.23.1.tar.gz.asc +++ /dev/null @@ -1,14 +0,0 @@ ------BEGIN PGP SIGNATURE----- - -iQHEBAABCAAuFiEEE8gqY7YDV2FW4wpOoOqYG2aw2WcFAmLWv/wQHGsucGF2bG92 -QGY1LmNvbQAKCRCg6pgbZrDZZ4QJC/4025219nTTLuSjQ11K8v4R6DAdZVRAkx5S -d9VL4LIrZOGGOnE2jCTRT9W+kSqGhI4h8SgY8ny8B/fCD26rIL+7SnTVy5ifqcTp -9L8/1kCmVrcraR5v+jbuo/PV3Ij+rmRPEQlOoPyWsj+IK9qN2RboxQTDjlHsUoda -HDsGkCbm1iYxxvrNZTs1/dgGaHpbgEGA7V4JebksLy4lcPCr142B+H7SV1+jlbZE -LX8wBn7mEBRVVjnHxVntBjbpzMsy4oLDBkduO6L3VLb1HHG3T7FnO6sqqWhvFpYs -HOdRFR/ndsQsJ6ej8uX8s7z+OvK+XrW5EmDIXC501PFlfiMW7kpHXsQX5vloUZVF -0z3N4mJNEIR+4fQzVWqkCCOojMLrfW3w5ClSAC/70oUO4/2W/m5A5xmOV+i1CngO -eq8BR6n3z7x9Dj42Ce2a9PB8MJNYyUKYU/qwxCjoBp3yXpGp7Dj9qNk1HxjNbzgQ -fkmfgrzPhhotW86luOtyj8YGJeAg0zE= -=j6Zi ------END PGP SIGNATURE----- diff --git a/nginx-1.23.2.tar.gz b/nginx-1.23.2.tar.gz new file mode 100644 index 0000000..bf97584 --- /dev/null +++ b/nginx-1.23.2.tar.gz @@ -0,0 +1,3 @@ +version https://git-lfs.github.com/spec/v1 +oid sha256:a80cc272d3d72aaee70aa8b517b4862a635c0256790434dbfc4d618a999b0b46 +size 1108243 diff --git a/nginx-1.23.2.tar.gz.asc b/nginx-1.23.2.tar.gz.asc new file mode 100644 index 0000000..f21b242 --- /dev/null +++ b/nginx-1.23.2.tar.gz.asc @@ -0,0 +1,14 @@ +-----BEGIN PGP SIGNATURE----- + +iQHEBAABCAAuFiEEE8gqY7YDV2FW4wpOoOqYG2aw2WcFAmNPwSoQHGsucGF2bG92 +QGY1LmNvbQAKCRCg6pgbZrDZZ1WDDACZQADQTx/UoKYArnf2C/inL1Ogz/icfaHe +Wy+r/x8NLZVCM34TTVQGLjdSAByOIf3Syj7vRdxv+pYTMOQj/qkdep/llrtSKs01 +eex0/ctiSZIgkBJMrqoZgRIbblo56mpion6axvk5fK7cKR76TvMm3Z7Sz8EMjMUu +vCMP/PcIcvA3v6e/Y4tmL+d3vbgPqLrwMqYw0eQHWlU6+uaXxDAQ75URRm5BazMS +OeueGQcD67m8gxmfRS4bOI7v+hVT7B+90bXwbpiVWK7sZ07a+AuUmx9OefGVBUOZ +/ZfuijnGhFLIRJvvm/QfsRlkPFpwsxOOZINPLHb4NoODs7KBANVf0tKvRtTPXT2R +8cJiiK8oGS65jtHyQnWgDe59DnmasMU3pwZxCMfKbfsayJ0LpyWOYu+4rruXmiAf +PkKyJ0v9UqhDosuG1FSaoqI+hOm4r9RLZmZRDkEU2VF6AoKcQnDrv66wnfqhb2Qx +vdvVPYygGl6e4HslpFtj7/v42Ib6USI= +=uIfV +-----END PGP SIGNATURE----- diff --git a/nginx.changes b/nginx.changes index bf16125..c47bb6a 100644 --- a/nginx.changes +++ b/nginx.changes @@ -1,3 +1,27 @@ +------------------------------------------------------------------- +Wed Oct 19 14:06:29 UTC 2022 - Michael Ströder + +- Updated to 1.23.2 + * Security: processing of a specially crafted mp4 file by the + ngx_http_mp4_module might cause a worker process crash, worker + process memory disclosure, or might have potential other impact + (CVE-2022-41741, CVE-2022-41742). + * Feature: the "$proxy_protocol_tlv_..." variables. + * Feature: TLS session tickets encryption keys are now automatically + rotated when using shared memory in the "ssl_session_cache" + directive. + * Change: the logging level of the "bad record type" SSL errors has + been lowered from "crit" to "info". + * Change: now when using shared memory in the "ssl_session_cache" + directive the "could not allocate new session" errors are logged at + the "warn" level instead of "alert" and not more often than once per second. + * Bugfix: nginx/Windows could not be built with OpenSSL 3.0.x. + * Bugfix: in logging of the PROXY protocol errors. + * Workaround: shared memory from the "ssl_session_cache" directive was + spent on sessions using TLS session tickets when using TLSv1.3 with OpenSSL. + * Workaround: timeout specified with the "ssl_session_timeout" + directive did not work when using TLSv1.3 with OpenSSL or BoringSSL. + ------------------------------------------------------------------- Tue Jul 19 17:47:28 UTC 2022 - Michael Ströder diff --git a/nginx.spec b/nginx.spec index bd69082..87076ae 100644 --- a/nginx.spec +++ b/nginx.spec @@ -23,7 +23,7 @@ %bcond_with ngx_google_perftools # Name: nginx -Version: 1.23.1 +Version: 1.23.2 Release: 0 Summary: A HTTP server and IMAP/POP3 proxy server License: BSD-2-Clause