Accepting request 895436 from home:13ilya:branches:server:http

- Update to 1.20.1 * https://nginx.org/en/CHANGES * 1-byte memory overwrite might occur during DNS server response processing if the "resolver" directive was used, allowing an attacker who is able to forge UDP packets from the DNS server to cause worker process crash or, potentially, arbitrary code execution (CVE-2021-23017). OBS-URL: https://build.opensuse.org/request/show/895436 OBS-URL: https://build.opensuse.org/package/show/server:http/nginx?expand=0&rev=203
2021-05-26 02:51:51 +00:00 · 2021-05-26 02:51:51 +00:00 · 5b6c245592
commit 5b6c245592
parent 83750ddf69
6 changed files with 25 additions and 15 deletions
--- a/nginx-1.20.0.tar.gz
+++ b/nginx-1.20.0.tar.gz
@ -1,3 +0,0 @@
-version https://git-lfs.github.com/spec/v1
-oid sha256:54ef91ec8ebcaa486c640c09c92d832eaeaff149b10ee52ef140f407b1b04d1c
-size 1061070
--- a/nginx-1.20.0.tar.gz.asc
+++ b/nginx-1.20.0.tar.gz.asc
@ -1,10 +0,0 @@
-----BEGIN PGP SIGNATURE-----
-
-iQEcBAABCAAGBQJgfue4AAoJEFIKmZOhwFL4SkkH/jpg8qiBxqdgDe1YC2dxsoPf
-/a97suEIf89J3Wxor5JuhTWnGz9sMSl7z3/dGyuOp6kqVPFG9Kei3YA7fVO6wMa7
-4sy+L/zugnnoiDtJ3f7s4GjMs4ohWV8T9+G8IJBtvAPLYQxtqGj4kDBJbuqgHSEw
-/yO0otZ0igGecgIdOGOU85Jx6NxVwK3aXE7BUpMNFqpuJ1qbSDqaNnEXg9geGVm4
-eUIkfsEhyIHCpYmY21OSH+Dbcdy2Nqtc7ZTSdl7jsvefMCVDcOd0/i/ZYTRfOxE0
-n/OsTOjOrgkY6KxjcJMdQyO4jhgS0n1Z5yntVskyONxfJbwlExERD62XRfHlA78=
-=EpMI
-----END PGP SIGNATURE-----
--- a/nginx-1.20.1.tar.gz
+++ b/nginx-1.20.1.tar.gz
@ -0,0 +1,3 @@
+version https://git-lfs.github.com/spec/v1
+oid sha256:e462e11533d5c30baa05df7652160ff5979591d291736cfa5edb9fd2edb48c49
+size 1061461
--- a/nginx-1.20.1.tar.gz.asc
+++ b/nginx-1.20.1.tar.gz.asc
@ -0,0 +1,10 @@
+-----BEGIN PGP SIGNATURE-----
+
+iQEcBAABCAAGBQJgrPDQAAoJEFIKmZOhwFL4dlIH/RFvUn4wiazXVujdm1df2/Q5
+b+NVlr+O9WZ2Mb35dooOshG/G2wVjI95Cd5NU6svulJ05uv6tGgHA0CUZP6PLqIm
+4os5QcgbEbfdDbfQEw7wyc831DqiBPwzk/xt954vsqwzX3mkXvUNTEYpynguwN1J
+2iMb/bFRSlLZkKGbKOmLMO7iav0r88qtpmQIzG1mFTDg3leH0q3hEMAJl7pIicYd
+Of3+/EHnM8CXORtA1q6YTLbcHAzhSmjdrMyw+RQGQkxoPtdj9vwL4Z6Wk8+6dDK7
+dVBaiKp80tDM/iJizPbkbrBVbnR/9W48+QBC7tmOJMuj2c1Q/kvwJg9CLyHlqCU=
+=tPti
+-----END PGP SIGNATURE-----
--- a/nginx.changes
+++ b/nginx.changes
@ -1,3 +1,13 @@
+-------------------------------------------------------------------
+Wed May 26 02:44:27 UTC 2021 - Илья Индиго <ilya@ilya.pp.ua>
+
+- Update to 1.20.1
+  * https://nginx.org/en/CHANGES
+  * 1-byte memory overwrite might occur during DNS server response processing
+    if the "resolver" directive was used, allowing an attacker who is able to
+    forge UDP packets from the DNS server to cause worker process crash or,
+    potentially, arbitrary code execution (CVE-2021-23017).
+
 -------------------------------------------------------------------
 Wed Apr 21 04:54:21 UTC 2021 - Andreas Stieger <andreas.stieger@gmx.de>

--- a/nginx.spec
+++ b/nginx.spec
@ -23,7 +23,7 @@
 %bcond_with    ngx_google_perftools
 #
 Name:           nginx
-Version:        1.20.0
+Version:        1.20.1
 Release:        0
 Summary:        A HTTP server and IMAP/POP3 proxy server
 License:        BSD-2-Clause
@ -83,8 +83,8 @@ It has been running on many heavily loaded Russian sites for more than two years
 Summary:        VIM support for nginx config files
 Group:          Productivity/Text/Editors
 %requires_eq    vim
-BuildArch:      noarch
 Supplements:    (nginx and vim_client)
+BuildArch:      noarch

 %description -n vim-plugin-nginx
 nginx [engine x] is a HTTP server and IMAP/POP3 proxy server written by Igor Sysoev.