pool/nginx
SHA256
2
0
Fork 1
Code Issues Pull Requests Actions Packages Projects Releases Wiki Activity

Accepting request 397292 from server:http

Browse Source 
Automatic submission by obs-autosubmit

OBS-URL: https://build.opensuse.org/request/show/397292
OBS-URL: https://build.opensuse.org/package/show/openSUSE:Factory/nginx?expand=0&rev=3
This commit is contained in:
Dominique Leuenberger 2016-05-24 07:35:16 +00:00 committed by Git OBS Bridge
commit 84ebc0ae10
9 changed files with 398 additions and 177 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

13
nginx-0.4.0-no_Werror.patch
View File

@ -1,13 +0,0 @@
Index: auto/cc/gcc
===================================================================
--- auto/cc/gcc.orig
+++ auto/cc/gcc
@@ -168,7 +168,7 @@ esac
# stop on warning
-CFLAGS="$CFLAGS -Werror"
+CFLAGS="$CFLAGS"
# debug
CFLAGS="$CFLAGS -g"

14
nginx-0.6.38-html.patch
View File

@ -1,14 +0,0 @@
Index: auto/install
===================================================================
--- auto/install.orig
+++ auto/install
@@ -147,8 +147,7 @@ install: $NGX_OBJS${ngx_dirsep}nginx${ng
test -d '\$(DESTDIR)`dirname "$NGX_HTTP_LOG_PATH"`' || \
mkdir -p '\$(DESTDIR)`dirname "$NGX_HTTP_LOG_PATH"`'
- test -d '\$(DESTDIR)$NGX_PREFIX/html' \
- || cp -R $NGX_HTML '\$(DESTDIR)$NGX_PREFIX'
+ test -d '\$(DESTDIR)/srv/www/htdocs' || install -d '\$(DESTDIR)/srv/www/' && cp -r docs/html '\$(DESTDIR)/srv/www/htdocs'
END

11
nginx-1.0.15_docs.patch
View File

@ -1,11 +0,0 @@
--- auto/install
+++ auto/install
@@ -147,7 +147,7 @@
test -d '\$(DESTDIR)`dirname "$NGX_HTTP_LOG_PATH"`' || \
mkdir -p '\$(DESTDIR)`dirname "$NGX_HTTP_LOG_PATH"`'
- test -d '\$(DESTDIR)/srv/www/htdocs' || install -d '\$(DESTDIR)/srv/www/' && cp -r docs/html '\$(DESTDIR)/srv/www/htdocs'
+ test -d '\$(DESTDIR)/srv/www/htdocs' || install -d '\$(DESTDIR)/srv/www/' && cp -r html '\$(DESTDIR)/srv/www/htdocs'
END

13
nginx-1.10.0-html.patch Normal file
View File

@ -0,0 +1,13 @@
diff -ur nginx-1.10.0.orig/auto/install nginx-1.10.0/auto/install
--- nginx-1.10.0.orig/auto/install 2016-05-06 09:12:12.617492168 +0200
+++ nginx-1.10.0/auto/install 2016-05-06 09:30:12.164261301 +0200
@@ -154,8 +154,7 @@
test -d '\$(DESTDIR)`dirname "$NGX_HTTP_LOG_PATH"`' \\
|| mkdir -p '\$(DESTDIR)`dirname "$NGX_HTTP_LOG_PATH"`'
- test -d '\$(DESTDIR)$NGX_PREFIX/html' \\
- || cp -R $NGX_HTML '\$(DESTDIR)$NGX_PREFIX'
+ test -d '\$(DESTDIR)/srv/www/htdocs' || install -d '\$(DESTDIR)/srv/www/' && cp -r html '\$(DESTDIR)/srv/www/htdocs'
END

11
nginx-1.10.0-no_Werror.patch Normal file
View File

@ -0,0 +1,11 @@
--- nginx-1.10.0.orig/auto/cc/gcc 2016-05-06 09:12:12.617492168 +0200
+++ nginx-1.10.0/auto/cc/gcc 2016-05-06 10:07:04.218072918 +0200
@@ -173,7 +173,7 @@
# stop on warning
-CFLAGS="$CFLAGS -Werror"
+CFLAGS="$CFLAGS"
# debug
CFLAGS="$CFLAGS -g"

3
nginx-1.10.0.tar.gz Normal file
View File

@ -0,0 +1,3 @@
version https://git-lfs.github.com/spec/v1
oid sha256:8ed647c3dd65bc4ced03b0e0f6bf9e633eff6b01bac772bcf97077d58bc2be4d
size 908954

3
nginx-1.8.1.tar.gz
View File

@ -1,3 +0,0 @@
version https://git-lfs.github.com/spec/v1
oid sha256:8f4b3c630966c044ec72715754334d1fdf741caa1d5795fb4646c27d09f797b7
size 833473

478
nginx.changes
View File

@ -1,3 +1,239 @@
-------------------------------------------------------------------
Sun May 15 05:34:35 UTC 2016 - mrueckert@suse.de
- enable slice and stream module
-------------------------------------------------------------------
Fri May 6 07:05:56 UTC 2016 - dmacvicar@suse.de
- update to version 1.10.0 stable
* Bugfix: "recv() failed" errors might occur when using HHVM as a
FastCGI server.
* Bugfix: when using HTTP/2 and the "limit_req" or "auth_request"
directives a timeout or a "client violated flow control" error might
occur while reading client request body; the bug had appeared in
1.9.14.
* Workaround: a response might not be shown by some browsers if HTTP/2
was used and client request body was not fully read; the bug had
appeared in 1.9.14.
* Bugfix: connections might hang when using the "aio threads"
directive.
Thanks to Mindaugas Rasiukevicius.
* Feature: OpenSSL 1.1.0 compatibility.
* Feature: the "proxy_request_buffering", "fastcgi_request_buffering",
"scgi_request_buffering", and "uwsgi_request_buffering" directives
now work with HTTP/2.
* Bugfix: "zero size buf in output" alerts might appear in logs when
using HTTP/2.
* Bugfix: the "client_max_body_size" directive might work incorrectly
when using HTTP/2.
* Bugfix: of minor bugs in logging.
* Change: non-idempotent requests (POST, LOCK, PATCH) are no longer
passed to the next server by default if a request has been sent to a
backend; the "non_idempotent" parameter of the "proxy_next_upstream"
directive explicitly allows retrying such requests.
* Feature: the ngx_http_perl_module can be built dynamically.
* Feature: UDP support in the stream module.
* Feature: the "aio_write" directive.
* Feature: now cache manager monitors number of elements in caches and
tries to avoid cache keys zone overflows.
* Bugfix: "task already active" and "second aio post" alerts might
appear in logs when using the "sendfile" and "aio" directives with
subrequests.
* Bugfix: "zero size buf in output" alerts might appear in logs if
caching was used and a client closed a connection prematurely.
* Bugfix: connections with clients might be closed needlessly if
caching was used.
Thanks to Justin Li.
* Bugfix: nginx might hog CPU if the "sendfile" directive was used on
Linux or Solaris and a file being sent was changed during sending.
* Bugfix: connections might hang when using the "sendfile" and "aio
threads" directives.
* Bugfix: in the "proxy_pass", "fastcgi_pass", "scgi_pass", and
"uwsgi_pass" directives when using variables.
Thanks to Piotr Sikora.
* Bugfix: in the ngx_http_sub_filter_module.
* Bugfix: if an error occurred in a cached backend connection, the
request was passed to the next server regardless of the
proxy_next_upstream directive.
* Bugfix: "CreateFile() failed" errors when creating temporary files on
Windows.
* Feature: Huffman encoding of response headers in HTTP/2.
Thanks to Vlad Krasnov.
* Feature: the "worker_cpu_affinity" directive now supports more than
64 CPUs.
* Bugfix: compatibility with 3rd party C++ modules; the bug had
appeared in 1.9.11.
Thanks to Piotr Sikora.
* Bugfix: nginx could not be built statically with OpenSSL on Linux;
the bug had appeared in 1.9.11.
* Bugfix: the "add_header ... always" directive with an empty value did
not delete "Last-Modified" and "ETag" header lines from error
responses.
* Workaround: "called a function you should not call" and "shutdown
while in init" messages might appear in logs when using OpenSSL
1.0.2f.
* Bugfix: invalid headers might be logged incorrectly.
* Bugfix: socket leak when using HTTP/2.
* Bugfix: in the ngx_http_v2_module.
* Feature: TCP support in resolver.
* Feature: dynamic modules.
* Bugfix: the $request_length variable did not include size of request
headers when using HTTP/2.
* Bugfix: in the ngx_http_v2_module.
* Security: invalid pointer dereference might occur during DNS server
response processing if the "resolver" directive was used, allowing an
attacker who is able to forge UDP packets from the DNS server to
cause segmentation fault in a worker process (CVE-2016-0742).
* Security: use-after-free condition might occur during CNAME response
processing if the "resolver" directive was used, allowing an attacker
who is able to trigger name resolution to cause segmentation fault in
a worker process, or might have potential other impact
(CVE-2016-0746).
* Security: CNAME resolution was insufficiently limited if the
"resolver" directive was used, allowing an attacker who is able to
trigger arbitrary name resolution to cause excessive resource
consumption in worker processes (CVE-2016-0747).
* Feature: the "auto" parameter of the "worker_cpu_affinity" directive.
* Bugfix: the "proxy_protocol" parameter of the "listen" directive did
not work with IPv6 listen sockets.
* Bugfix: connections to upstream servers might be cached incorrectly
when using the "keepalive" directive.
* Bugfix: proxying used the HTTP method of the original request after
an "X-Accel-Redirect" redirection.
* Bugfix: proxying to unix domain sockets did not work when using
variables; the bug had appeared in 1.9.8.
* Feature: pwritev() support.
* Feature: the "include" directive inside the "upstream" block.
* Feature: the ngx_http_slice_module.
* Bugfix: a segmentation fault might occur in a worker process when
using LibreSSL; the bug had appeared in 1.9.6.
* Bugfix: nginx could not be built on OS X in some cases.
* Feature: the "nohostname" parameter of logging to syslog.
* Feature: the "proxy_cache_convert_head" directive.
* Feature: the $realip_remote_addr variable in the
ngx_http_realip_module.
* Bugfix: the "expires" directive might not work when using variables.
* Bugfix: a segmentation fault might occur in a worker process when
using HTTP/2; the bug had appeared in 1.9.6.
* Bugfix: if nginx was built with the ngx_http_v2_module it was
possible to use the HTTP/2 protocol even if the "http2" parameter of
the "listen" directive was not specified.
* Bugfix: in the ngx_http_v2_module.
* Bugfix: a segmentation fault might occur in a worker process when
using HTTP/2.
Thanks to Piotr Sikora and Denis Andzakovic.
* Bugfix: the $server_protocol variable was empty when using HTTP/2.
* Bugfix: backend SSL connections in the stream module might be timed
out unexpectedly.
* Bugfix: a segmentation fault might occur in a worker process if
different ssl_session_cache settings were used in different virtual
servers.
* Bugfix: nginx/Windows could not be built with MinGW gcc; the bug had
appeared in 1.9.4.
Thanks to Kouhei Sutou.
* Bugfix: time was not updated when the timer_resolution directive was
used on Windows.
* Miscellaneous minor fixes and improvements.
Thanks to Markus Linnala, Kurtis Nusbaum and Piotr Sikora.
* Feature: the ngx_http_v2_module (replaces ngx_http_spdy_module).
Thanks to Dropbox and Automattic for sponsoring this work.
* Change: now the "output_buffers" directive uses two buffers by
default.
* Change: now nginx limits subrequests recursion, not simultaneous
subrequests.
* Change: now nginx checks the whole cache key when returning a
response from cache.
Thanks to Gena Makhomed and Sergey Brester.
* Bugfix: "header already sent" alerts might appear in logs when using
cache; the bug had appeared in 1.7.5.
* Bugfix: "writev() failed (4: Interrupted system call)" errors might
appear in logs when using CephFS and the "timer_resolution" directive
on Linux.
* Bugfix: in invalid configurations handling.
Thanks to Markus Linnala.
* Bugfix: a segmentation fault occurred in a worker process if the
"sub_filter" directive was used at http level; the bug had appeared
in 1.9.4.
* Change: the "proxy_downstream_buffer" and "proxy_upstream_buffer"
directives of the stream module are replaced with the
"proxy_buffer_size" directive.
* Feature: the "tcp_nodelay" directive in the stream module.
* Feature: multiple "sub_filter" directives can be used simultaneously.
* Feature: variables support in the search string of the "sub_filter"
directive.
* Workaround: configuration testing might fail under Linux OpenVZ.
Thanks to Gena Makhomed.
* Bugfix: old worker processes might hog CPU after reconfiguration with
a large number of worker_connections.
* Bugfix: a segmentation fault might occur in a worker process if the
"try_files" and "alias" directives were used inside a location given
by a regular expression; the bug had appeared in 1.7.1.
* Bugfix: the "try_files" directive inside a nested location given by a
regular expression worked incorrectly if the "alias" directive was
used in the outer location.
* Bugfix: in hash table initialization error handling.
* Bugfix: nginx could not be built with Visual Studio 2015.
* Change: duplicate "http", "mail", and "stream" blocks are now
disallowed.
* Feature: connection limiting in the stream module.
* Feature: data rate limiting in the stream module.
* Bugfix: the "zone" directive inside the "upstream" block did not work
on Windows.
* Bugfix: compatibility with LibreSSL in the stream module.
Thanks to Piotr Sikora.
* Bugfix: in the "--builddir" configure parameter.
Thanks to Piotr Sikora.
* Bugfix: the "ssl_stapling_file" directive did not work; the bug had
appeared in 1.9.2.
Thanks to Faidon Liambotis and Brandon Black.
* Bugfix: a segmentation fault might occur in a worker process if the
"ssl_stapling" directive was used; the bug had appeared in 1.9.2.
Thanks to Matthew Baldwin.
* Feature: the "backlog" parameter of the "listen" directives of the
mail proxy and stream modules.
* Feature: the "allow" and "deny" directives in the stream module.
* Feature: the "proxy_bind" directive in the stream module.
* Feature: the "proxy_protocol" directive in the stream module.
* Feature: the -T switch.
* Feature: the REQUEST_SCHEME parameter added to the fastcgi.conf,
fastcgi_params, scgi_params, and uwsgi_params standard configuration
files.
* Bugfix: the "reuseport" parameter of the "listen" directive of the
stream module did not work.
* Bugfix: OCSP stapling might return an expired OCSP response in some
cases.
* Change: now SSLv3 protocol is disabled by default.
* Change: some long deprecated directives are not supported anymore.
* Feature: the "reuseport" parameter of the "listen" directive.
Thanks to Yingqi Lu at Intel and Sepherosa Ziehau.
* Feature: the $upstream_connect_time variable.
* Bugfix: in the "hash" directive on big-endian platforms.
* Bugfix: nginx might fail to start on some old Linux variants; the bug
had appeared in 1.7.11.
* Bugfix: in IP address parsing.
Thanks to Sergey Polovko.
* Change: obsolete aio and rtsig event methods have been removed.
* Feature: the "zone" directive inside the "upstream" block.
* Feature: the stream module.
* Feature: byte ranges support in the ngx_http_memcached_module.
Thanks to Martin Mlynář.
* Feature: shared memory can now be used on Windows versions with
address space layout randomization.
Thanks to Sergey Brester.
* Feature: the "error_log" directive can now be used on mail and server
levels in mail proxy.
* Bugfix: the "proxy_protocol" parameter of the "listen" directive did
not work if not specified in the first "listen" directive for a
listen socket.
- removed patches already present upstream
* nginx-0.4.0-no_Werror.patch
- refreshed patches
* nginx-0.6.38-html.patch to nginx-1.10.0-html.patch
* nginx-0.4.0-no_Werror.patch to nginx-1.10.0-no_Werror.patch
* merged nginx-1.0.15_docs.patch in nginx-1.10.0-html.patch
- config option with-http_spdy_module is now with-http_v2_module
------------------------------------------------------------------- -------------------------------------------------------------------
Thu Jan 28 01:36:01 UTC 2016 - i@marguerite.su Thu Jan 28 01:36:01 UTC 2016 - i@marguerite.su
@ -167,38 +403,38 @@ Wed Mar 19 10:04:14 UTC 2014 - aj@ajaissle.de
- Update to nginx 1.4.7 - Update to nginx 1.4.7
- Changelog nginx 1.4.7 - Changelog nginx 1.4.7
*) Security: a heap memory buffer overflow might occur in a worker * Security: a heap memory buffer overflow might occur in a worker
process while handling a specially crafted request by process while handling a specially crafted request by
ngx_http_spdy_module, potentially resulting in arbitrary code ngx_http_spdy_module, potentially resulting in arbitrary code
execution (CVE-2014-0133). execution (CVE-2014-0133).
Thanks to Lucas Molas, researcher at Programa STIC, Fundación Dr. Thanks to Lucas Molas, researcher at Programa STIC, Fundación Dr.
Manuel Sadosky, Buenos Aires, Argentina. Manuel Sadosky, Buenos Aires, Argentina.
*) Bugfix: in the "fastcgi_next_upstream" directive. * Bugfix: in the "fastcgi_next_upstream" directive.
Thanks to Lucas Molas. Thanks to Lucas Molas.
- Changelog nginx 1.4.6 - Changelog nginx 1.4.6
*) Bugfix: the "client_max_body_size" directive might not work when * Bugfix: the "client_max_body_size" directive might not work when
reading a request body using chunked transfer encoding; the bug had reading a request body using chunked transfer encoding; the bug had
appeared in 1.3.9. appeared in 1.3.9.
Thanks to Lucas Molas. Thanks to Lucas Molas.
*) Bugfix: a segmentation fault might occur in a worker process when * Bugfix: a segmentation fault might occur in a worker process when
proxying WebSocket connections. proxying WebSocket connections.
- Changelog nginx 1.4.5 - Changelog nginx 1.4.5
*) Bugfix: the $ssl_session_id variable contained full session * Bugfix: the $ssl_session_id variable contained full session
serialized instead of just a session id. serialized instead of just a session id.
Thanks to Ivan Ristić. Thanks to Ivan Ristić.
*) Bugfix: client connections might be immediately closed if deferred * Bugfix: client connections might be immediately closed if deferred
accept was used; the bug had appeared in 1.3.15. accept was used; the bug had appeared in 1.3.15.
*) Bugfix: alerts "zero size buf in output" might appear in logs while * Bugfix: alerts "zero size buf in output" might appear in logs while
proxying; the bug had appeared in 1.3.9. proxying; the bug had appeared in 1.3.9.
*) Bugfix: a segmentation fault might occur in a worker process if the * Bugfix: a segmentation fault might occur in a worker process if the
ngx_http_spdy_module was used. ngx_http_spdy_module was used.
*) Bugfix: proxied WebSocket connections might hang right after * Bugfix: proxied WebSocket connections might hang right after
handshake if the select, poll, or /dev/poll methods were used. handshake if the select, poll, or /dev/poll methods were used.
*) Bugfix: a timeout might occur while reading client request body in an * Bugfix: a timeout might occur while reading client request body in an
SSL connection using chunked transfer encoding. SSL connection using chunked transfer encoding.
*) Bugfix: memory leak in nginx/Windows. * Bugfix: memory leak in nginx/Windows.
- Updated Url (nginx.org instead of www.nginx.net) - Updated Url (nginx.org instead of www.nginx.net)
- Added nginx.rpmlintrc as Source100 - Added nginx.rpmlintrc as Source100
@ -372,43 +608,43 @@ Thu Oct 11 14:53:37 UTC 2012 - suse@ammler.ch
- remove version from package name - remove version from package name
- update to 1.2.4 - update to 1.2.4
*) Bugfix: in the "limit_req" directive; the bug had appeared in 1.1.14. * Bugfix: in the "limit_req" directive; the bug had appeared in 1.1.14.
Thanks to Charles Chen. Thanks to Charles Chen.
*) Bugfix: nginx could not be built by gcc 4.7 with -O2 optimization if * Bugfix: nginx could not be built by gcc 4.7 with -O2 optimization if
the --with-ipv6 option was used. the --with-ipv6 option was used.
*) Bugfix: a segmentation fault might occur in a worker process if the * Bugfix: a segmentation fault might occur in a worker process if the
"map" directive was used with variables as values. "map" directive was used with variables as values.
*) Bugfix: a segmentation fault might occur in a worker process if the * Bugfix: a segmentation fault might occur in a worker process if the
"geo" directive was used with the "ranges" parameter but without the "geo" directive was used with the "ranges" parameter but without the
"default" parameter; the bug had appeared in 0.8.43. "default" parameter; the bug had appeared in 0.8.43.
Thanks to Zhen Chen and Weibin Yao. Thanks to Zhen Chen and Weibin Yao.
*) Bugfix: in the -p command-line parameter handling. * Bugfix: in the -p command-line parameter handling.
*) Bugfix: in the mail proxy server. * Bugfix: in the mail proxy server.
*) Bugfix: of minor potential bugs. * Bugfix: of minor potential bugs.
Thanks to Coverity. Thanks to Coverity.
- Changes with nginx 1.2.3 - Changes with nginx 1.2.3
*) Feature: the Clang compiler support. * Feature: the Clang compiler support.
*) Bugfix: extra listening sockets might be created. * Bugfix: extra listening sockets might be created.
Thanks to Roman Odaisky. Thanks to Roman Odaisky.
*) Bugfix: the "proxy_pass_header", "fastcgi_pass_header", * Bugfix: the "proxy_pass_header", "fastcgi_pass_header",
"scgi_pass_header", "uwsgi_pass_header", "proxy_hide_header", "scgi_pass_header", "uwsgi_pass_header", "proxy_hide_header",
"fastcgi_hide_header", "scgi_hide_header", and "uwsgi_hide_header" "fastcgi_hide_header", "scgi_hide_header", and "uwsgi_hide_header"
directives might be inherited incorrectly. directives might be inherited incorrectly.
*) Bugfix: trailing dot in a source value was not ignored if the "map" * Bugfix: trailing dot in a source value was not ignored if the "map"
directive was used with the "hostnames" parameter. directive was used with the "hostnames" parameter.
*) Bugfix: incorrect location might be used to process a request if a * Bugfix: incorrect location might be used to process a request if a
URI was changed via a "rewrite" directive before an internal redirect URI was changed via a "rewrite" directive before an internal redirect
to a named location. to a named location.
- update patch perl_vendor_install - update patch perl_vendor_install
@ -438,12 +674,12 @@ Mon Apr 16 08:42:51 UTC 2012 - schubi@suse.com
- Update to version 1.0.15 - Update to version 1.0.15
Changes with nginx 1.0.15 12 Apr 2012 Changes with nginx 1.0.15 12 Apr 2012
*) Security: specially crafted mp4 file might allow to overwrite memory * Security: specially crafted mp4 file might allow to overwrite memory
locations in a worker process if the ngx_http_mp4_module was used, locations in a worker process if the ngx_http_mp4_module was used,
potentially resulting in arbitrary code execution (CVE-2012-2089). potentially resulting in arbitrary code execution (CVE-2012-2089).
Thanks to Matthew Daley. Thanks to Matthew Daley.
*) Bugfix: in the ngx_http_mp4_module. * Bugfix: in the ngx_http_mp4_module.
------------------------------------------------------------------- -------------------------------------------------------------------
Fri Mar 16 14:16:44 UTC 2012 - schubi@suse.com Fri Mar 16 14:16:44 UTC 2012 - schubi@suse.com
@ -452,7 +688,7 @@ Fri Mar 16 14:16:44 UTC 2012 - schubi@suse.com
Changes with nginx 1.0.14 15 Mar 2012 Changes with nginx 1.0.14 15 Mar 2012
*) Security: content of previously freed memory might be sent to a * Security: content of previously freed memory might be sent to a
client if backend returned specially crafted response. client if backend returned specially crafted response.
Thanks to Matthew Daley. Thanks to Matthew Daley.
@ -463,132 +699,132 @@ Tue Mar 13 09:49:05 UTC 2012 - schubi@suse.com
Changes with nginx 1.0.13 05 Mar 2012 Changes with nginx 1.0.13 05 Mar 2012
*) Feature: the "return" and "error_page" directives can now be used to * Feature: the "return" and "error_page" directives can now be used to
return 307 redirections. return 307 redirections.
*) Bugfix: a segmentation fault might occur in a worker process if the * Bugfix: a segmentation fault might occur in a worker process if the
"resolver" directive was used and there was no "error_log" directive "resolver" directive was used and there was no "error_log" directive
specified at global level. specified at global level.
Thanks to Roman Arutyunyan. Thanks to Roman Arutyunyan.
*) Bugfix: memory leaks. * Bugfix: memory leaks.
Thanks to Lanshun Zhou. Thanks to Lanshun Zhou.
*) Bugfix: nginx might log incorrect error "upstream prematurely closed * Bugfix: nginx might log incorrect error "upstream prematurely closed
connection" instead of correct "upstream sent too big header" one. connection" instead of correct "upstream sent too big header" one.
Thanks to Feibo Li. Thanks to Feibo Li.
*) Bugfix: on ZFS filesystem disk cache size might be calculated * Bugfix: on ZFS filesystem disk cache size might be calculated
incorrectly; the bug had appeared in 1.0.1. incorrectly; the bug had appeared in 1.0.1.
*) Bugfix: the number of internal redirects to named locations was not * Bugfix: the number of internal redirects to named locations was not
limited. limited.
*) Bugfix: temporary files might be not removed if the "proxy_store" * Bugfix: temporary files might be not removed if the "proxy_store"
directive was used with SSI includes. directive was used with SSI includes.
*) Bugfix: in some cases non-cacheable variables (such as the $args * Bugfix: in some cases non-cacheable variables (such as the $args
variable) returned old empty cached value. variable) returned old empty cached value.
*) Bugfix: the "proxy_redirect" directives might be inherited * Bugfix: the "proxy_redirect" directives might be inherited
incorrectly. incorrectly.
*) Bugfix: nginx could not be built with the ngx_http_perl_module if the * Bugfix: nginx could not be built with the ngx_http_perl_module if the
--with-openssl option was used. --with-openssl option was used.
*) Bugfix: nginx could not be built by the icc 12.1 compiler. * Bugfix: nginx could not be built by the icc 12.1 compiler.
Changes with nginx 1.0.12 06 Feb 2012 Changes with nginx 1.0.12 06 Feb 2012
*) Feature: the "TLSv1.1" and "TLSv1.2" parameters of the * Feature: the "TLSv1.1" and "TLSv1.2" parameters of the
"ssl_protocols" directive. "ssl_protocols" directive.
*) Feature: the "if" SSI command supports captures in regular * Feature: the "if" SSI command supports captures in regular
expressions. expressions.
*) Bugfix: the "if" SSI command did not work inside the "block" command. * Bugfix: the "if" SSI command did not work inside the "block" command.
*) Bugfix: in AIO error handling on FreeBSD. * Bugfix: in AIO error handling on FreeBSD.
*) Bugfix: in the OpenSSL library initialization. * Bugfix: in the OpenSSL library initialization.
*) Bugfix: the "worker_cpu_affinity" directive might not work. * Bugfix: the "worker_cpu_affinity" directive might not work.
*) Bugfix: the "limit_conn_log_level" and "limit_req_log_level" * Bugfix: the "limit_conn_log_level" and "limit_req_log_level"
directives might not work. directives might not work.
*) Bugfix: the "read_ahead" directive might not work combined with * Bugfix: the "read_ahead" directive might not work combined with
"try_files" and "open_file_cache". "try_files" and "open_file_cache".
*) Bugfix: the "proxy_cache_use_stale" directive with "error" parameter * Bugfix: the "proxy_cache_use_stale" directive with "error" parameter
did not return answer from cache if there were no live upstreams. did not return answer from cache if there were no live upstreams.
*) Bugfix: a segmentation fault might occur in a worker process if small * Bugfix: a segmentation fault might occur in a worker process if small
time was used in the "inactive" parameter of the "proxy_cache_path" time was used in the "inactive" parameter of the "proxy_cache_path"
directive. directive.
*) Bugfix: responses from cache might hang. * Bugfix: responses from cache might hang.
*) Bugfix: in error handling while connecting to a backend. * Bugfix: in error handling while connecting to a backend.
Thanks to Piotr Sikora. Thanks to Piotr Sikora.
*) Bugfix: in the "epoll" event method. * Bugfix: in the "epoll" event method.
Thanks to Yichun Zhang. Thanks to Yichun Zhang.
*) Bugfix: the $sent_http_cache_control variable might contain a wrong * Bugfix: the $sent_http_cache_control variable might contain a wrong
value if the "expires" directive was used. value if the "expires" directive was used.
Thanks to Yichun Zhang. Thanks to Yichun Zhang.
*) Bugfix: the "limit_rate" directive did not allow to use full * Bugfix: the "limit_rate" directive did not allow to use full
throughput, even if limit value was very high. throughput, even if limit value was very high.
*) Bugfix: the "sendfile_max_chunk" directive did not work, if the * Bugfix: the "sendfile_max_chunk" directive did not work, if the
"limit_rate" directive was used. "limit_rate" directive was used.
*) Bugfix: nginx could not be built on Solaris; the bug had appeared in * Bugfix: nginx could not be built on Solaris; the bug had appeared in
1.0.11. 1.0.11.
*) Bugfix: in the ngx_http_scgi_module. * Bugfix: in the ngx_http_scgi_module.
*) Bugfix: in the ngx_http_mp4_module. * Bugfix: in the ngx_http_mp4_module.
Changes with nginx 1.0.11 15 Dec 2011 Changes with nginx 1.0.11 15 Dec 2011
*) Change: now double quotes are encoded in an "echo" SSI-command * Change: now double quotes are encoded in an "echo" SSI-command
output. output.
Thanks to Zaur Abasmirzoev. Thanks to Zaur Abasmirzoev.
*) Feature: the "image_filter_sharpen" directive. * Feature: the "image_filter_sharpen" directive.
*) Bugfix: a segmentation fault might occur in a worker process if SNI * Bugfix: a segmentation fault might occur in a worker process if SNI
was used; the bug had appeared in 1.0.9. was used; the bug had appeared in 1.0.9.
*) Bugfix: SIGWINCH signal did not work after first binary upgrade; the * Bugfix: SIGWINCH signal did not work after first binary upgrade; the
bug had appeared in 1.0.9. bug had appeared in 1.0.9.
*) Bugfix: the "If-Modified-Since", "If-Range", etc. client request * Bugfix: the "If-Modified-Since", "If-Range", etc. client request
header lines might be passed to backend while caching; or not passed header lines might be passed to backend while caching; or not passed
without caching if caching was enabled in another part of the without caching if caching was enabled in another part of the
configuration. configuration.
*) Bugfix: in the "scgi_param" directive, if complex parameters were * Bugfix: in the "scgi_param" directive, if complex parameters were
used. used.
*) Bugfix: "add_header" and "expires" directives did not work if a * Bugfix: "add_header" and "expires" directives did not work if a
request was proxied and response status code was 206. request was proxied and response status code was 206.
*) Bugfix: in the "expires @time" directive. * Bugfix: in the "expires @time" directive.
*) Bugfix: in the ngx_http_flv_module. * Bugfix: in the ngx_http_flv_module.
Thanks to Piotr Sikora. Thanks to Piotr Sikora.
*) Bugfix: in the ngx_http_mp4_module. * Bugfix: in the ngx_http_mp4_module.
*) Bugfix: nginx could not be built on FreeBSD 10. * Bugfix: nginx could not be built on FreeBSD 10.
*) Bugfix: nginx could not be built on AIX. * Bugfix: nginx could not be built on AIX.
------------------------------------------------------------------- -------------------------------------------------------------------
@ -603,14 +839,14 @@ Fri Nov 18 12:56:55 UTC 2011 - schubi@suse.com
- Uppstream update to 1.0.10 - Uppstream update to 1.0.10
Changes with nginx 1.0.10 Changes with nginx 1.0.10
*) Bugfix: a segmentation fault might occur in a worker process if * Bugfix: a segmentation fault might occur in a worker process if
resolver got a big DNS response. resolver got a big DNS response.
Thanks to Ben Hawkes. Thanks to Ben Hawkes.
*) Bugfix: in cache key calculation if internal MD5 implementation was * Bugfix: in cache key calculation if internal MD5 implementation was
used; the bug had appeared in 1.0.4. used; the bug had appeared in 1.0.4.
*) Bugfix: the module ngx_http_mp4_module sent incorrect * Bugfix: the module ngx_http_mp4_module sent incorrect
"Content-Length" response header line if the "start" argument was "Content-Length" response header line if the "start" argument was
used. used.
Thanks to Piotr Sikora. Thanks to Piotr Sikora.
@ -618,151 +854,151 @@ Fri Nov 18 12:56:55 UTC 2011 - schubi@suse.com
Changes with nginx 1.0.9 Changes with nginx 1.0.9
*) Change: now the 0x7F-0x1F characters are escaped as \xXX in an * Change: now the 0x7F-0x1F characters are escaped as \xXX in an
access_log. access_log.
*) Change: now SIGWINCH signal works only in daemon mode. * Change: now SIGWINCH signal works only in daemon mode.
*) Feature: "proxy/fastcgi/scgi/uwsgi_ignore_headers" directives support * Feature: "proxy/fastcgi/scgi/uwsgi_ignore_headers" directives support
the following additional values: X-Accel-Limit-Rate, the following additional values: X-Accel-Limit-Rate,
X-Accel-Buffering, X-Accel-Charset. X-Accel-Buffering, X-Accel-Charset.
*) Feature: decrease of memory consumption if SSL is used. * Feature: decrease of memory consumption if SSL is used.
*) Feature: accept filters are now supported on NetBSD. * Feature: accept filters are now supported on NetBSD.
*) Feature: the "uwsgi_buffering" and "scgi_buffering" directives. * Feature: the "uwsgi_buffering" and "scgi_buffering" directives.
Thanks to Peter Smit. Thanks to Peter Smit.
*) Bugfix: a segmentation fault occurred on start or while * Bugfix: a segmentation fault occurred on start or while
reconfiguration if the "ssl" directive was used at http level and reconfiguration if the "ssl" directive was used at http level and
there was no "ssl_certificate" defined. there was no "ssl_certificate" defined.
*) Bugfix: some UTF-8 characters were processed incorrectly. * Bugfix: some UTF-8 characters were processed incorrectly.
Thanks to Alexey Kuts. Thanks to Alexey Kuts.
*) Bugfix: the ngx_http_rewrite_module directives specified at "server" * Bugfix: the ngx_http_rewrite_module directives specified at "server"
level were executed twice if no matching locations were defined. level were executed twice if no matching locations were defined.
*) Bugfix: a socket leak might occurred if "aio sendfile" was used. * Bugfix: a socket leak might occurred if "aio sendfile" was used.
*) Bugfix: connections with fast clients might be closed after * Bugfix: connections with fast clients might be closed after
send_timeout if file AIO was used. send_timeout if file AIO was used.
*) Bugfix: in the ngx_http_autoindex_module. * Bugfix: in the ngx_http_autoindex_module.
*) Bugfix: the module ngx_http_mp4_module did not support seeking on * Bugfix: the module ngx_http_mp4_module did not support seeking on
32-bit platforms. 32-bit platforms.
*) Bugfix: non-cacheable responses might be cached if * Bugfix: non-cacheable responses might be cached if
"proxy_cache_bypass" directive was used. "proxy_cache_bypass" directive was used.
Thanks to John Ferlito. Thanks to John Ferlito.
*) Bugfix: cached responses with an empty body were returned * Bugfix: cached responses with an empty body were returned
incorrectly; the bug had appeared in 0.8.31. incorrectly; the bug had appeared in 0.8.31.
*) Bugfix: 201 responses of the ngx_http_dav_module were incorrect; the * Bugfix: 201 responses of the ngx_http_dav_module were incorrect; the
bug had appeared in 0.8.32. bug had appeared in 0.8.32.
*) Bugfix: in the "return" directive. * Bugfix: in the "return" directive.
*) Bugfix: the "ssl_verify_client", "ssl_verify_depth", and * Bugfix: the "ssl_verify_client", "ssl_verify_depth", and
"ssl_prefer_server_ciphers" directives might work incorrectly if SNI "ssl_prefer_server_ciphers" directives might work incorrectly if SNI
was used. was used.
Changes with nginx 1.0.8 Changes with nginx 1.0.8
*) Bugfix: nginx could not be built --with-http_mp4_module and without * Bugfix: nginx could not be built --with-http_mp4_module and without
--with-debug option. --with-debug option.
Changes with nginx 1.0.7 Changes with nginx 1.0.7
*) Change: now if total size of all ranges is greater than source * Change: now if total size of all ranges is greater than source
response size, then nginx disables ranges and returns just the source response size, then nginx disables ranges and returns just the source
response. response.
*) Feature: the "max_ranges" directive. * Feature: the "max_ranges" directive.
*) Feature: the module ngx_http_mp4_module. * Feature: the module ngx_http_mp4_module.
*) Feature: the "worker_aio_requests" directive. * Feature: the "worker_aio_requests" directive.
*) Bugfix: if nginx was built --with-file-aio it could not be run on * Bugfix: if nginx was built --with-file-aio it could not be run on
Linux kernel which did not support AIO. Linux kernel which did not support AIO.
*) Bugfix: in Linux AIO error processing. * Bugfix: in Linux AIO error processing.
Thanks to Hagai Avrahami. Thanks to Hagai Avrahami.
*) Bugfix: in Linux AIO combined with open_file_cache. * Bugfix: in Linux AIO combined with open_file_cache.
*) Bugfix: open_file_cache did not update file info on retest if file * Bugfix: open_file_cache did not update file info on retest if file
was not atomically changed. was not atomically changed.
*) Bugfix: reduced memory consumption for long-lived requests. * Bugfix: reduced memory consumption for long-lived requests.
*) Bugfix: in the "proxy/fastcgi/scgi/uwsgi_ignore_client_abort" * Bugfix: in the "proxy/fastcgi/scgi/uwsgi_ignore_client_abort"
directives. directives.
*) Bugfix: nginx could not be built on MacOSX 10.7. * Bugfix: nginx could not be built on MacOSX 10.7.
*) Bugfix: request body might be processed incorrectly if client used * Bugfix: request body might be processed incorrectly if client used
pipelining. pipelining.
*) Bugfix: in the "request_body_in_single_buf" directive. * Bugfix: in the "request_body_in_single_buf" directive.
*) Bugfix: in "proxy_set_body" and "proxy_pass_request_body" directives * Bugfix: in "proxy_set_body" and "proxy_pass_request_body" directives
if SSL connection to backend was used. if SSL connection to backend was used.
*) Bugfix: nginx hogged CPU if all servers in an upstream were marked as * Bugfix: nginx hogged CPU if all servers in an upstream were marked as
"down". "down".
*) Bugfix: a segmentation fault might occur during reconfiguration if * Bugfix: a segmentation fault might occur during reconfiguration if
ssl_session_cache was defined but not used in previous configuration. ssl_session_cache was defined but not used in previous configuration.
*) Bugfix: a segmentation fault might occur in a worker process if many * Bugfix: a segmentation fault might occur in a worker process if many
backup servers were used in an upstream. backup servers were used in an upstream.
Changes with nginx 1.0.6 Changes with nginx 1.0.6
*) Feature: cache loader run time decrease. * Feature: cache loader run time decrease.
*) Feature: loading time decrease of configuration with large number of * Feature: loading time decrease of configuration with large number of
HTTPS sites. HTTPS sites.
*) Feature: now nginx supports ECDHE key exchange ciphers. * Feature: now nginx supports ECDHE key exchange ciphers.
Thanks to Adrian Kotelba. Thanks to Adrian Kotelba.
*) Feature: the "lingering_close" directive. * Feature: the "lingering_close" directive.
*) Feature: now shared zones and caches use POSIX semaphores on Solaris. * Feature: now shared zones and caches use POSIX semaphores on Solaris.
Thanks to Den Ivanov. Thanks to Den Ivanov.
*) Bugfix: nginx could not be built on Linux 3.0. * Bugfix: nginx could not be built on Linux 3.0.
*) Bugfix: a segmentation fault might occur in a worker process if * Bugfix: a segmentation fault might occur in a worker process if
"fastcgi/scgi/uwsgi_param" directives were used with values starting "fastcgi/scgi/uwsgi_param" directives were used with values starting
with "HTTP_"; the bug had appeared in 0.8.40. with "HTTP_"; the bug had appeared in 0.8.40.
*) Bugfix: in closing connection for pipelined requests. * Bugfix: in closing connection for pipelined requests.
*) Bugfix: nginx did not disable gzipping if client sent "gzip;q=0" in * Bugfix: nginx did not disable gzipping if client sent "gzip;q=0" in
"Accept-Encoding" request header line. "Accept-Encoding" request header line.
*) Bugfix: in timeout in unbuffered proxied mode. * Bugfix: in timeout in unbuffered proxied mode.
*) Bugfix: memory leaks when a "proxy_pass" directive contains variables * Bugfix: memory leaks when a "proxy_pass" directive contains variables
and proxies to an HTTPS backend. and proxies to an HTTPS backend.
*) Bugfix: in parameter validaiton of a "proxy_pass" directive with * Bugfix: in parameter validaiton of a "proxy_pass" directive with
variables. variables.
Thanks to Lanshun Zhou. Thanks to Lanshun Zhou.
*) Bugfix: SSL did not work on QNX. * Bugfix: SSL did not work on QNX.
*) Bugfix: SSL modules could not be built by gcc 4.6 without * Bugfix: SSL modules could not be built by gcc 4.6 without
--with-debug option. --with-debug option.
------------------------------------------------------------------- -------------------------------------------------------------------

29
nginx.spec
View File

@ -63,7 +63,7 @@
%endif %endif
# #
Name: nginx Name: nginx
Version: 1.8.1 Version: 1.10.0
Release: 0 Release: 0
%define fancyindex_version 0.3.5 %define fancyindex_version 0.3.5
Summary: A HTTP server and IMAP/POP3 proxy server Summary: A HTTP server and IMAP/POP3 proxy server
@ -76,18 +76,16 @@ Source2: nginx.logrotate
Source3: nginx.service Source3: nginx.service
Source4: https://github.com/aperezdc/ngx-fancyindex/archive/v%{fancyindex_version}/ngx-fancyindex-%{fancyindex_version}.tar.gz Source4: https://github.com/aperezdc/ngx-fancyindex/archive/v%{fancyindex_version}/ngx-fancyindex-%{fancyindex_version}.tar.gz
Source100: nginx.rpmlintrc Source100: nginx.rpmlintrc
# PATCH-FIX-UPSTREAM nginx-0.4.0-no_Werror.patch # PATCH-FIX-UPSTREAM nginx-1.10.0-no_Werror.patch
Patch0: nginx-0.4.0-no_Werror.patch Patch0: nginx-1.10.0-no_Werror.patch
# PATCH-FIX-UPSTREAM nginx-0.6.38-html.patch # PATCH-FIX-OPENSUSE nginx-1.10.0-html.patch
Patch2: nginx-0.6.38-html.patch Patch1: nginx-1.10.0-html.patch
# PATCH-FIX-UPSTREAM nginx-1.2.4-perl_vendor_install.patch # PATCH-FIX-UPSTREAM nginx-1.2.4-perl_vendor_install.patch
Patch3: nginx-1.2.4-perl_vendor_install.patch Patch2: nginx-1.2.4-perl_vendor_install.patch
# PATCH-FIX-UPSTREAM fix /etc/nginx/nginx.conf to suit Linux env # PATCH-FIX-UPSTREAM fix /etc/nginx/nginx.conf to suit Linux env
Patch4: nginx-1.6.1-default_config.patch Patch3: nginx-1.6.1-default_config.patch
# PATCH for fixing docs/html path
Patch5: nginx-1.0.15_docs.patch
# PATCH-FIX-UPSTREAM nginx-aio.patch fix support for Linux AIO # PATCH-FIX-UPSTREAM nginx-aio.patch fix support for Linux AIO
Patch6: nginx-aio.patch Patch4: nginx-aio.patch
BuildRequires: gcc-c++ BuildRequires: gcc-c++
BuildRequires: gd-devel BuildRequires: gd-devel
BuildRequires: libxslt-devel BuildRequires: libxslt-devel
@ -130,12 +128,11 @@ It has been running on many heavily loaded Russian sites for more than two years
%else %else
%setup -q -n %{pkg_name}-%{version} %setup -q -n %{pkg_name}-%{version}
%endif %endif
%patch0 %patch0 -p1
%patch1 -p1
%patch2 %patch2
%patch3 %patch3
%patch4 %patch4 -p1
%patch5
%patch6 -p1
perl -pi -e 's|\r\n|\n|g' contrib/geo2nginx.pl perl -pi -e 's|\r\n|\n|g' contrib/geo2nginx.pl
@ -172,7 +169,7 @@ sed -i "s/\/var\/run/\/run/" %{_sourcedir}/nginx.init
--with-ipv6 \ --with-ipv6 \
--with-http_ssl_module \ --with-http_ssl_module \
%if %{with http2} %if %{with http2}
--with-http_spdy_module \ --with-http_v2_module \
%endif %endif
--with-http_realip_module \ --with-http_realip_module \
--with-http_addition_module \ --with-http_addition_module \
@ -189,10 +186,12 @@ sed -i "s/\/var\/run/\/run/" %{_sourcedir}/nginx.init
--with-http_random_index_module \ --with-http_random_index_module \
--with-http_secure_link_module \ --with-http_secure_link_module \
--with-http_degradation_module \ --with-http_degradation_module \
--with-http_slice_module \
--with-http_stub_status_module \ --with-http_stub_status_module \
--with-http_perl_module \ --with-http_perl_module \
--with-perl=%{_bindir}/perl \ --with-perl=%{_bindir}/perl \
--with-mail \ --with-mail \
--with-stream \
--with-mail_ssl_module \ --with-mail_ssl_module \
--with-pcre \ --with-pcre \
%if %{with libatomic} %if %{with libatomic}