Commit Graph

210 Commits

Author SHA256 Message Date
Dominique Leuenberger
1196bc5434 Accepting request 1093008 from server:http
- Updated to 1.25.1
  * https://nginx.org/en/CHANGES
  * Added "http2" directive, which enables HTTP/2 on a per-server basis.
  * Deprecated "http2" parameter of the "listen" directive.
  * Removed HTTP/2 server push support.
  * Deprecated "ssl" directive is not supported anymore.

OBS-URL: https://build.opensuse.org/request/show/1093008
OBS-URL: https://build.opensuse.org/package/show/openSUSE:Factory/nginx?expand=0&rev=81
2023-06-16 14:53:02 +00:00
Илья Индиго
4dfab11efa Accepting request 1093007 from home:13ilya:branches:server:http
- Updated to 1.25.1
  * https://nginx.org/en/CHANGES
  * Added "http2" directive, which enables HTTP/2 on a per-server basis.
  * Deprecated "http2" parameter of the "listen" directive.
  * Removed HTTP/2 server push support.
  * Deprecated "ssl" directive is not supported anymore.

OBS-URL: https://build.opensuse.org/request/show/1093007
OBS-URL: https://build.opensuse.org/package/show/server:http/nginx?expand=0&rev=242
2023-06-14 05:11:52 +00:00
Dominique Leuenberger
57d23d16f2 Accepting request 1088736 from server:http
- Updated to 1.25.0
  * https://nginx.org/en/CHANGES
  * Added experimental HTTP/3 support.

OBS-URL: https://build.opensuse.org/request/show/1088736
OBS-URL: https://build.opensuse.org/package/show/openSUSE:Factory/nginx?expand=0&rev=80
2023-05-25 21:52:11 +00:00
Илья Индиго
8542efea64 Accepting request 1088735 from home:13ilya:branches:server:http
- Updated to 1.25.0
  * https://nginx.org/en/CHANGES
  * Added experimental HTTP/3 support.

OBS-URL: https://build.opensuse.org/request/show/1088735
OBS-URL: https://build.opensuse.org/package/show/server:http/nginx?expand=0&rev=240
2023-05-23 21:53:21 +00:00
Илья Индиго
b361273e1e Accepting request 1078810 from home:13ilya:branches:server:http
- Updated to stable branch 1.24.0.

OBS-URL: https://build.opensuse.org/request/show/1078810
OBS-URL: https://build.opensuse.org/package/show/server:http/nginx?expand=0&rev=239
2023-04-12 21:20:27 +00:00
Dominique Leuenberger
4ff2b66617 Accepting request 1075335 from server:http
- Updated to 1.23.4
  * https://nginx.org/en/CHANGES
  * Enabled TLSv1.3 protocol by default.
  * Supported byte ranges support in the ngx_http_gzip_static_module.
  * Fixed port ranges in the "listen" directive did not work.
  * Fixed incorrect location might be chosen to process a request if a
    prefix location longer than 255 characters.
  * Fixed a socket leak might occur when using HTTP/2 and the
    "error_page" directive to redirect errors with code 400.

OBS-URL: https://build.opensuse.org/request/show/1075335
OBS-URL: https://build.opensuse.org/package/show/openSUSE:Factory/nginx?expand=0&rev=79
2023-03-31 19:13:54 +00:00
Илья Индиго
d5a48c865c Accepting request 1075334 from home:13ilya:branches:server:http
- Updated to 1.23.4
  * https://nginx.org/en/CHANGES
  * Enabled TLSv1.3 protocol by default.
  * Supported byte ranges support in the ngx_http_gzip_static_module.
  * Fixed port ranges in the "listen" directive did not work.
  * Fixed incorrect location might be chosen to process a request if a
    prefix location longer than 255 characters.
  * Fixed a socket leak might occur when using HTTP/2 and the
    "error_page" directive to redirect errors with code 400.

OBS-URL: https://build.opensuse.org/request/show/1075334
OBS-URL: https://build.opensuse.org/package/show/server:http/nginx?expand=0&rev=237
2023-03-29 18:47:59 +00:00
Dominique Leuenberger
e5470b9df0 Accepting request 1043486 from server:http
- Updated to 1.23.3
  * Bugfix: an error might occur when reading PROXY protocol version 2
    header with large number of TLVs.
  * Bugfix: a segmentation fault might occur in a worker process if SSI
    was used to process subrequests created by other modules.
  * Workaround: when a hostname used in the "listen" directive resolves
    to multiple addresses, nginx now ignores duplicates within these
    addresses.
  * Bugfix: nginx might hog CPU during unbuffered proxying if SSL
    connections to backends were used.

OBS-URL: https://build.opensuse.org/request/show/1043486
OBS-URL: https://build.opensuse.org/package/show/openSUSE:Factory/nginx?expand=0&rev=78
2022-12-18 16:22:24 +00:00
Илья Индиго
6f82ef3ee6 Accepting request 1043482 from home:stroeder:network
Updated to 1.23.3

OBS-URL: https://build.opensuse.org/request/show/1043482
OBS-URL: https://build.opensuse.org/package/show/server:http/nginx?expand=0&rev=235
2022-12-17 20:51:20 +00:00
Dominique Leuenberger
5827373505 Accepting request 1030027 from server:http
- Updated to 1.23.2
  * Security: processing of a specially crafted mp4 file by the
    ngx_http_mp4_module might cause a worker process crash, worker
    process memory disclosure, or might have potential other impact
    (CVE-2022-41741, CVE-2022-41742).
  * Feature: the "$proxy_protocol_tlv_..." variables.
  * Feature: TLS session tickets encryption keys are now automatically
    rotated when using shared memory in the "ssl_session_cache"
    directive.
  * Change: the logging level of the "bad record type" SSL errors has
    been lowered from "crit" to "info".
  * Change: now when using shared memory in the "ssl_session_cache"
    directive the "could not allocate new session" errors are logged at
    the "warn" level instead of "alert" and not more often than once per second.
  * Bugfix: nginx/Windows could not be built with OpenSSL 3.0.x.
  * Bugfix: in logging of the PROXY protocol errors.
  * Workaround: shared memory from the "ssl_session_cache" directive was
    spent on sessions using TLS session tickets when using TLSv1.3 with OpenSSL.
  * Workaround: timeout specified with the "ssl_session_timeout"
    directive did not work when using TLSv1.3 with OpenSSL or BoringSSL.

OBS-URL: https://build.opensuse.org/request/show/1030027
OBS-URL: https://build.opensuse.org/package/show/openSUSE:Factory/nginx?expand=0&rev=77
2022-10-22 12:12:45 +00:00
Илья Индиго
1febfe5d66 Accepting request 1030026 from home:stroeder:network
Updated to 1.23.2

OBS-URL: https://build.opensuse.org/request/show/1030026
OBS-URL: https://build.opensuse.org/package/show/server:http/nginx?expand=0&rev=233
2022-10-19 15:41:55 +00:00
Richard Brown
fe76f2c732 Accepting request 990292 from server:http
- Updated to 1.23.1
  * Feature: memory usage optimization in configurations with SSL proxying.
  * Feature: looking up of IPv4 addresses while resolving now can be
    disabled with the "ipv4=off" parameter of the "resolver" directive.
  * Change: the logging level of the "bad key share", "bad extension",
    "bad cipher", and "bad ecpoint" SSL errors has been lowered from "crit" to "info".
  * Bugfix: while returning byte ranges nginx did not remove the
    "Content-Range" header line if it was present in the original backend response.
  * Bugfix: a proxied response might be truncated during reconfiguration
    on Linux; the bug had appeared in 1.17.5.

OBS-URL: https://build.opensuse.org/request/show/990292
OBS-URL: https://build.opensuse.org/package/show/openSUSE:Factory/nginx?expand=0&rev=76
2022-07-22 17:20:12 +00:00
Илья Индиго
68accb1483 Accepting request 990290 from home:stroeder:network
Updated to 1.23.1

OBS-URL: https://build.opensuse.org/request/show/990290
OBS-URL: https://build.opensuse.org/package/show/server:http/nginx?expand=0&rev=231
2022-07-19 17:58:32 +00:00
Dominique Leuenberger
b5a96cd489 Accepting request 984278 from server:http
- Changed nginx.keyring to Konstantin Pavlov’s PGP public key.
- Removed nginx.init.
- Updated to 1.23.0
  * https://nginx.org/en/CHANGES
  * Now header lines are represented as linked lists.
  * Now nginx combines arbitrary header lines with identical
    names when sending to FastCGI, SCGI, and uwsgi backends, in the
    $r->header_in() method of the ngx_http_perl_module, and during lookup
    of the "$http_...", "$sent_http_...", "$sent_trailer_...",
    "$upstream_http_...", and "$upstream_trailer_..." variables.
  * Fixed: if there were multiple "Vary" header lines in the backend
    response, nginx only used the last of them when caching.
  * Fixed: if there were multiple "WWW-Authenticate" header lines in the
    backend response and errors with code 401 were intercepted or the
    "auth_request" directive was used, nginx only sent the first of the
    header lines to the client.
  * The logging level of the "application data after close
    notify" SSL errors has been lowered from "crit" to "info".
  * Fixed: connections might hang if nginx was built on Linux 2.6.17 or
    newer, but was used on systems without EPOLLRDHUP support, notably
    with epoll emulation layers; the bug had appeared in 1.17.5.
  * Fixed: nginx did not cache the response if the "Expires" response
    header line disabled caching, but following "Cache-Control" header
    line enabled caching.

OBS-URL: https://build.opensuse.org/request/show/984278
OBS-URL: https://build.opensuse.org/package/show/openSUSE:Factory/nginx?expand=0&rev=75
2022-06-24 06:45:10 +00:00
Илья Индиго
49be8b975a Accepting request 984277 from home:13ilya
- Changed nginx.keyring to Konstantin Pavlov’s PGP public key.
- Removed nginx.init.
- Updated to 1.23.0
  * https://nginx.org/en/CHANGES
  * Now header lines are represented as linked lists.
  * Now nginx combines arbitrary header lines with identical
    names when sending to FastCGI, SCGI, and uwsgi backends, in the
    $r->header_in() method of the ngx_http_perl_module, and during lookup
    of the "$http_...", "$sent_http_...", "$sent_trailer_...",
    "$upstream_http_...", and "$upstream_trailer_..." variables.
  * Fixed: if there were multiple "Vary" header lines in the backend
    response, nginx only used the last of them when caching.
  * Fixed: if there were multiple "WWW-Authenticate" header lines in the
    backend response and errors with code 401 were intercepted or the
    "auth_request" directive was used, nginx only sent the first of the
    header lines to the client.
  * The logging level of the "application data after close
    notify" SSL errors has been lowered from "crit" to "info".
  * Fixed: connections might hang if nginx was built on Linux 2.6.17 or
    newer, but was used on systems without EPOLLRDHUP support, notably
    with epoll emulation layers; the bug had appeared in 1.17.5.
  * Fixed: nginx did not cache the response if the "Expires" response
    header line disabled caching, but following "Cache-Control" header
    line enabled caching.

OBS-URL: https://build.opensuse.org/request/show/984277
OBS-URL: https://build.opensuse.org/package/show/server:http/nginx?expand=0&rev=229
2022-06-21 23:47:25 +00:00
Илья Индиго
a4da3ae6f4 Accepting request 984274 from home:13ilya
Test keyring for factory-auto.

OBS-URL: https://build.opensuse.org/request/show/984274
OBS-URL: https://build.opensuse.org/package/show/server:http/nginx?expand=0&rev=228
2022-06-21 23:35:17 +00:00
Илья Индиго
4539c3c0a0 Accepting request 984271 from home:13ilya
- Updated nginx.keyring.
- Removed nginx.init.
- Updated to 1.23.0
  * https://nginx.org/en/CHANGES
  * Now header lines are represented as linked lists.
  * Now nginx combines arbitrary header lines with identical
    names when sending to FastCGI, SCGI, and uwsgi backends, in the
    $r->header_in() method of the ngx_http_perl_module, and during lookup
    of the "$http_...", "$sent_http_...", "$sent_trailer_...",
    "$upstream_http_...", and "$upstream_trailer_..." variables.
  * Fixed: if there were multiple "Vary" header lines in the backend
    response, nginx only used the last of them when caching.
  * Fixed: if there were multiple "WWW-Authenticate" header lines in the
    backend response and errors with code 401 were intercepted or the
    "auth_request" directive was used, nginx only sent the first of the
    header lines to the client.
  * The logging level of the "application data after close
    notify" SSL errors has been lowered from "crit" to "info".
  * Fixed: connections might hang if nginx was built on Linux 2.6.17 or
    newer, but was used on systems without EPOLLRDHUP support, notably
    with epoll emulation layers; the bug had appeared in 1.17.5.
  * Fixed: nginx did not cache the response if the "Expires" response
    header line disabled caching, but following "Cache-Control" header
    line enabled caching.

OBS-URL: https://build.opensuse.org/request/show/984271
OBS-URL: https://build.opensuse.org/package/show/server:http/nginx?expand=0&rev=227
2022-06-21 23:27:46 +00:00
Илья Индиго
1272ec2e71 Accepting request 984266 from home:13ilya
- Updated nginx.keyring.
- Updated to 1.23.0
  * https://nginx.org/en/CHANGES
  * Now header lines are represented as linked lists.
  * Now nginx combines arbitrary header lines with identical
    names when sending to FastCGI, SCGI, and uwsgi backends, in the
    $r->header_in() method of the ngx_http_perl_module, and during lookup
    of the "$http_...", "$sent_http_...", "$sent_trailer_...",
    "$upstream_http_...", and "$upstream_trailer_..." variables.
  * Fixed: if there were multiple "Vary" header lines in the backend
    response, nginx only used the last of them when caching.
  * Fixed: if there were multiple "WWW-Authenticate" header lines in the
    backend response and errors with code 401 were intercepted or the
    "auth_request" directive was used, nginx only sent the first of the
    header lines to the client.
  * The logging level of the "application data after close
    notify" SSL errors has been lowered from "crit" to "info".
  * Fixed: connections might hang if nginx was built on Linux 2.6.17 or
    newer, but was used on systems without EPOLLRDHUP support, notably
    with epoll emulation layers; the bug had appeared in 1.17.5.
  * Fixed: nginx did not cache the response if the "Expires" response
    header line disabled caching, but following "Cache-Control" header
    line enabled caching.

OBS-URL: https://build.opensuse.org/request/show/984266
OBS-URL: https://build.opensuse.org/package/show/server:http/nginx?expand=0&rev=226
2022-06-21 22:52:57 +00:00
Илья Индиго
371e023fc6 OBS-URL: https://build.opensuse.org/package/show/server:http/nginx?expand=0&rev=225 2022-05-24 19:05:30 +00:00
Илья Индиго
cf83f78146 OBS-URL: https://build.opensuse.org/package/show/server:http/nginx?expand=0&rev=224 2022-05-24 19:03:56 +00:00
Илья Индиго
3ea9761da6 Accepting request 979031 from home:13ilya:branches:server:http
- Used pkgconfig wherever possible.
- Updated to 1.22.0 (1.22.x stable branch).

OBS-URL: https://build.opensuse.org/request/show/979031
OBS-URL: https://build.opensuse.org/package/show/server:http/nginx?expand=0&rev=223
2022-05-24 18:53:10 +00:00
Dominique Leuenberger
e257bf29d8 Accepting request 950462 from server:http
- Updated to 1.21.6
  * https://nginx.org/en/CHANGES
  * Fixed when using EPOLLEXCLUSIVE on Linux client connections were
    unevenly distributed among worker processes.
  * Fixed nginx returned the "Connection: keep-alive" header line in
    responses during graceful shutdown of old worker processes.
  * Fixed in the "ssl_session_ticket_key" when using TLSv1.3.

OBS-URL: https://build.opensuse.org/request/show/950462
OBS-URL: https://build.opensuse.org/package/show/openSUSE:Factory/nginx?expand=0&rev=74
2022-02-03 23:45:51 +00:00
Илья Индиго
a8cf90a0d7 Accepting request 950461 from home:13ilya:branches:server:http
- Updated to 1.21.6
  * https://nginx.org/en/CHANGES
  * Fixed when using EPOLLEXCLUSIVE on Linux client connections were
    unevenly distributed among worker processes.
  * Fixed nginx returned the "Connection: keep-alive" header line in
    responses during graceful shutdown of old worker processes.
  * Fixed in the "ssl_session_ticket_key" when using TLSv1.3.

OBS-URL: https://build.opensuse.org/request/show/950461
OBS-URL: https://build.opensuse.org/package/show/server:http/nginx?expand=0&rev=222
2022-02-01 14:57:10 +00:00
Dominique Leuenberger
2236b89ef3 Accepting request 943052 from server:http
- Updated to 1.21.5
  * https://nginx.org/en/CHANGES
  * Build with the PCRE2.
  * Supported the $ssl_curve variable.
  * Fixed connections might hang when using HTTP/2 without SSL
    with the "sendfile" and "aio" directives.

OBS-URL: https://build.opensuse.org/request/show/943052
OBS-URL: https://build.opensuse.org/package/show/openSUSE:Factory/nginx?expand=0&rev=73
2021-12-30 14:55:30 +00:00
Илья Индиго
7ec1081d5e Accepting request 943051 from home:13ilya:branches:server:http
- Updated to 1.21.5
  * https://nginx.org/en/CHANGES
  * Build with the PCRE2.
  * Supported the $ssl_curve variable.
  * Fixed connections might hang when using HTTP/2 without SSL
    with the "sendfile" and "aio" directives.

OBS-URL: https://build.opensuse.org/request/show/943051
OBS-URL: https://build.opensuse.org/package/show/server:http/nginx?expand=0&rev=221
2021-12-29 11:30:43 +00:00
Илья Индиго
0d561f8f31 Accepting request 943047 from home:AndreasStieger:branches:server:http
nginx 1.21.5

OBS-URL: https://build.opensuse.org/request/show/943047
OBS-URL: https://build.opensuse.org/package/show/server:http/nginx?expand=0&rev=220
2021-12-29 11:22:41 +00:00
Dominique Leuenberger
550410a145 Accepting request 930156 from server:http
- Updated to 1.21.4
  * https://nginx.org/en/CHANGES
  * Support for NPN instead of ALPN to establish HTTP/2
    connections has been removed.
  * Now nginx rejects SSL connections if ALPN is used by the
    client, but no supported protocols can be negotiated.
  * The default value of the "sendfile_max_chunk" directive was
    changed to 2 megabytes.
  * The "proxy_half_close" directive in the stream module.
  * The "ssl_alpn" directive in the stream module.
  * The $ssl_alpn_protocol variable.
  * Support for SSL_sendfile() when using OpenSSL 3.0.
  * The "mp4_start_key_frame" directive in the ngx_http_mp4_module.
  * In the $content_length variable when using chunked transfer encoding.
  * After receiving a response with incorrect length from a proxied
    backend nginx might nevertheless cache the connection.
  * Invalid headers from backends were logged at the "info" level
    instead of "error"; the bug had appeared in 1.21.1.
  * Requests might hang when using HTTP/2 and the "aio_write" directive.
- drop vim-plugin-nginx, now is provided directly by vim

OBS-URL: https://build.opensuse.org/request/show/930156
OBS-URL: https://build.opensuse.org/package/show/openSUSE:Factory/nginx?expand=0&rev=72
2021-11-09 22:54:00 +00:00
Илья Индиго
d8ce311b41 Accepting request 930155 from server:http
Revert to 217.

OBS-URL: https://build.opensuse.org/request/show/930155
OBS-URL: https://build.opensuse.org/package/show/server:http/nginx?expand=0&rev=219
2021-11-08 11:22:33 +00:00
Илья Индиго
9f0de93157 Accepting request 930116 from home:susnux:branches:server:http
- Add nginx-vim-syntax.patch
  * Fix the vim syntax file to work with vim 8, boo#1187888
    https://trac.nginx.org/nginx/ticket/2276

OBS-URL: https://build.opensuse.org/request/show/930116
OBS-URL: https://build.opensuse.org/package/show/server:http/nginx?expand=0&rev=218
2021-11-08 10:38:48 +00:00
Илья Индиго
e89e7af7f8 Accepting request 929778 from home:13ilya:branches:server:http
- Updated to 1.21.4
  * https://nginx.org/en/CHANGES
  * Support for NPN instead of ALPN to establish HTTP/2
    connections has been removed.
  * Now nginx rejects SSL connections if ALPN is used by the
    client, but no supported protocols can be negotiated.
  * The default value of the "sendfile_max_chunk" directive was
    changed to 2 megabytes.
  * The "proxy_half_close" directive in the stream module.
  * The "ssl_alpn" directive in the stream module.
  * The $ssl_alpn_protocol variable.
  * Support for SSL_sendfile() when using OpenSSL 3.0.
  * The "mp4_start_key_frame" directive in the ngx_http_mp4_module.
  * In the $content_length variable when using chunked transfer encoding.
  * After receiving a response with incorrect length from a proxied
    backend nginx might nevertheless cache the connection.
  * Invalid headers from backends were logged at the "info" level
    instead of "error"; the bug had appeared in 1.21.1.
  * Requests might hang when using HTTP/2 and the "aio_write" directive.

OBS-URL: https://build.opensuse.org/request/show/929778
OBS-URL: https://build.opensuse.org/package/show/server:http/nginx?expand=0&rev=217
2021-11-05 21:39:19 +00:00
Илья Индиго
ab143ca8c6 Accepting request 929740 from home:mimi_vx:branches:server:http
- drop vim-plugin-nginx, now is provided directly by vim

OBS-URL: https://build.opensuse.org/request/show/929740
OBS-URL: https://build.opensuse.org/package/show/server:http/nginx?expand=0&rev=216
2021-11-05 20:27:23 +00:00
Dominique Leuenberger
f7329e12b5 Accepting request 925491 from server:http
- Add CONFIG parameter to %sysusers_generate_pre
- Added hardening to systemd service(s) (bsc#1181400). Modified:
  * nginx.service

OBS-URL: https://build.opensuse.org/request/show/925491
OBS-URL: https://build.opensuse.org/package/show/openSUSE:Factory/nginx?expand=0&rev=71
2021-10-20 18:22:53 +00:00
Илья Индиго
7448a9c7db Accepting request 925488 from home:gmbr3:Active
- Add CONFIG parameter to %sysusers_generate_pre

OBS-URL: https://build.opensuse.org/request/show/925488
OBS-URL: https://build.opensuse.org/package/show/server:http/nginx?expand=0&rev=215
2021-10-15 14:30:55 +00:00
Илья Индиго
7f33063b38 Accepting request 924900 from home:jsegitz:branches:systemdhardening:server:http
Automatic systemd hardening effort by the security team. This has not been tested. For details please see https://en.opensuse.org/openSUSE:Security_Features#Systemd_hardening_effort

OBS-URL: https://build.opensuse.org/request/show/924900
OBS-URL: https://build.opensuse.org/package/show/server:http/nginx?expand=0&rev=214
2021-10-12 14:29:14 +00:00
Dominique Leuenberger
457d9802dd Accepting request 918014 from server:http
- Updated to 1.21.3
  * https://nginx.org/en/CHANGES
  * Optimization of client request body reading when using HTTP/2.
  * Fixed request body filters internal API when using HTTP/2 and
    buffering of the data being processed.

OBS-URL: https://build.opensuse.org/request/show/918014
OBS-URL: https://build.opensuse.org/package/show/openSUSE:Factory/nginx?expand=0&rev=70
2021-09-16 21:14:30 +00:00
Илья Индиго
66f5bdebd0 Accepting request 918013 from home:13ilya
- Updated to 1.21.3
  * https://nginx.org/en/CHANGES
  * Optimization of client request body reading when using HTTP/2.
  * Fixed request body filters internal API when using HTTP/2 and
    buffering of the data being processed.

OBS-URL: https://build.opensuse.org/request/show/918013
OBS-URL: https://build.opensuse.org/package/show/server:http/nginx?expand=0&rev=213
2021-09-10 17:53:00 +00:00
Dominique Leuenberger
5fa1477078 Accepting request 915419 from server:http
- Updated to 1.21.2
  * https://nginx.org/en/CHANGES
  * Now nginx rejects HTTP/1.0 requests with the "Transfer-Encoding" header line.
  * Export ciphers are no longer supported.
  * Added OpenSSL 3.0 compatibility.
  * Added the "Auth-SSL-Protocol" and "Auth-SSL-Cipher" header lines
    are now passed to the mail proxy authentication server.
  * Added request body filters API now permits buffering of the data being processed.
  * Fixed backend SSL connections in the stream module might hang after an SSL handshake.
  * Fixed the security level, which is available in OpenSSL 1.1.0 or newer,
    did not affect loading of the server certificates when set
    with "@SECLEVEL=N" in the "ssl_ciphers" directive.
  * Fixed SSL connections with gRPC backends might hang if select, poll,
    or /dev/poll methods were used.
  * Fixed when using HTTP/2 client request body was always written to
    disk if the "Content-Length" header line was not present in the request.

OBS-URL: https://build.opensuse.org/request/show/915419
OBS-URL: https://build.opensuse.org/package/show/openSUSE:Factory/nginx?expand=0&rev=69
2021-09-03 19:25:25 +00:00
Илья Индиго
919c95c500 Accepting request 915418 from home:13ilya:branches:server:http
- Updated to 1.21.2
  * https://nginx.org/en/CHANGES
  * Now nginx rejects HTTP/1.0 requests with the "Transfer-Encoding" header line.
  * Export ciphers are no longer supported.
  * Added OpenSSL 3.0 compatibility.
  * Added the "Auth-SSL-Protocol" and "Auth-SSL-Cipher" header lines
    are now passed to the mail proxy authentication server.
  * Added request body filters API now permits buffering of the data being processed.
  * Fixed backend SSL connections in the stream module might hang after an SSL handshake.
  * Fixed the security level, which is available in OpenSSL 1.1.0 or newer,
    did not affect loading of the server certificates when set
    with "@SECLEVEL=N" in the "ssl_ciphers" directive.
  * Fixed SSL connections with gRPC backends might hang if select, poll,
    or /dev/poll methods were used.
  * Fixed when using HTTP/2 client request body was always written to
    disk if the "Content-Length" header line was not present in the request.

OBS-URL: https://build.opensuse.org/request/show/915418
OBS-URL: https://build.opensuse.org/package/show/server:http/nginx?expand=0&rev=212
2021-09-01 07:19:48 +00:00
Dominique Leuenberger
ba4c2dd167 Accepting request 904635 from server:http
OBS-URL: https://build.opensuse.org/request/show/904635
OBS-URL: https://build.opensuse.org/package/show/openSUSE:Factory/nginx?expand=0&rev=68
2021-07-11 23:24:38 +00:00
Илья Индиго
3073eba3e8 Accepting request 904634 from home:13ilya:branches:server:http
- Updated to 1.21.1
  * https://nginx.org/en/CHANGES
  * Now nginx always returns an error for the CONNECT method.
  * Now nginx always returns an error if both "Content-Length"
    and "Transfer-Encoding" header lines are present in the request.
  * Now nginx always returns an error if spaces or control
    characters are used in the request line.
  * Now nginx always returns an error if spaces or control
    characters are used in a header name.
  * Now nginx always returns an error if spaces or control
    characters are used in the "Host" request header line.
  * Optimization of configuration testing when using many
    listening sockets.
  * Fixed: nginx did not escape """, "<", ">", "\", "^", "`", "{", "|",
    and "}" characters when proxying with changed URI.
  * Fixed: SSL variables might be empty when used in logs; the bug had
    appeared in 1.19.5.
  * Fixed: keepalive connections with gRPC backends might not be closed
    after receiving a GOAWAY frame.
  * Fixed: reduced memory consumption for long-lived requests when
    proxying with more than 64 buffers.

OBS-URL: https://build.opensuse.org/request/show/904634
OBS-URL: https://build.opensuse.org/package/show/server:http/nginx?expand=0&rev=211
2021-07-07 19:01:27 +00:00
Dominique Leuenberger
f41257e939 Accepting request 900390 from server:http
OBS-URL: https://build.opensuse.org/request/show/900390
OBS-URL: https://build.opensuse.org/package/show/openSUSE:Factory/nginx?expand=0&rev=67
2021-06-19 21:02:00 +00:00
Илья Индиго
8075b49267 Accepting request 900388 from home:fschnizlein:branches:server:http
Fix race condition between nginx and logrotate causing mass reopening of files
(bsc#1183876).

OBS-URL: https://build.opensuse.org/request/show/900388
OBS-URL: https://build.opensuse.org/package/show/server:http/nginx?expand=0&rev=209
2021-06-16 13:39:51 +00:00
Dominique Leuenberger
9ff35ce3e5 Accepting request 896986 from server:http
- Updated to 1.21.0
  * https://nginx.org/en/CHANGES
  * Added variables support in the "proxy_ssl_certificate",
    "proxy_ssl_certificate_key" "grpc_ssl_certificate",
    "grpc_ssl_certificate_key", "uwsgi_ssl_certificate", and
    "uwsgi_ssl_certificate_key" directives.
  * Added the "max_errors" directive in the mail proxy module.
  * Added the mail proxy module supports POP3 and IMAP pipelining.
  * Added the "fastopen" parameter of the "listen" directive in the
    stream module.
  * Fixed special characters were not escaped during automatic redirect
    with appended trailing slash.
  * Fixed connections with clients in the mail proxy module might be
    closed unexpectedly when using SMTP pipelining.

OBS-URL: https://build.opensuse.org/request/show/896986
OBS-URL: https://build.opensuse.org/package/show/openSUSE:Factory/nginx?expand=0&rev=66
2021-06-10 22:17:38 +00:00
Илья Индиго
2b80ff0988 Accepting request 896985 from home:13ilya:branches:server:http
- Updated to 1.21.0
  * https://nginx.org/en/CHANGES
  * Added variables support in the "proxy_ssl_certificate",
    "proxy_ssl_certificate_key" "grpc_ssl_certificate",
    "grpc_ssl_certificate_key", "uwsgi_ssl_certificate", and
    "uwsgi_ssl_certificate_key" directives.
  * Added the "max_errors" directive in the mail proxy module.
  * Added the mail proxy module supports POP3 and IMAP pipelining.
  * Added the "fastopen" parameter of the "listen" directive in the
    stream module.
  * Fixed special characters were not escaped during automatic redirect
    with appended trailing slash.
  * Fixed connections with clients in the mail proxy module might be
    closed unexpectedly when using SMTP pipelining.

OBS-URL: https://build.opensuse.org/request/show/896985
OBS-URL: https://build.opensuse.org/package/show/server:http/nginx?expand=0&rev=207
2021-06-02 20:23:28 +00:00
Илья Индиго
4609fd3ee1 Accepting request 895804 from home:dirkmueller:Factory
- update to 1.21.0:
  * Feature: variables support in the "proxy_ssl_certificate",
    "proxy_ssl_certificate_key" "grpc_ssl_certificate",
    "grpc_ssl_certificate_key", "uwsgi_ssl_certificate", and
    "uwsgi_ssl_certificate_key" directives.
  * Feature: the "max_errors" directive in the mail proxy module.
  * Feature: the mail proxy module supports POP3 and IMAP pipelining.
  * Feature: the "fastopen" parameter of the "listen" directive in the
    stream module.
  * Bugfix: special characters were not escaped during automatic redirect
    with appended trailing slash.
  * Bugfix: connections with clients in the mail proxy module might be
    closed unexpectedly when using SMTP pipelining.

OBS-URL: https://build.opensuse.org/request/show/895804
OBS-URL: https://build.opensuse.org/package/show/server:http/nginx?expand=0&rev=206
2021-06-02 20:16:39 +00:00
Dominique Leuenberger
9eb37d7734 Accepting request 895782 from server:http
- Update to 1.20.1
  * https://nginx.org/en/CHANGES
  * 1-byte memory overwrite might occur during DNS server response processing
    if the "resolver" directive was used, allowing an attacker who is able to
    forge UDP packets from the DNS server to cause worker process crash or,
    potentially, arbitrary code execution (CVE-2021-23017, boo#1186126).

OBS-URL: https://build.opensuse.org/request/show/895782
OBS-URL: https://build.opensuse.org/package/show/openSUSE:Factory/nginx?expand=0&rev=65
2021-06-02 20:10:29 +00:00
Илья Индиго
ead3163509 Accepting request 895781 from home:AndreasStieger:branches:server:http
Add reference to boo#1186126

OBS-URL: https://build.opensuse.org/request/show/895781
OBS-URL: https://build.opensuse.org/package/show/server:http/nginx?expand=0&rev=204
2021-05-27 14:43:04 +00:00
Илья Индиго
5b6c245592 Accepting request 895436 from home:13ilya:branches:server:http
- Update to 1.20.1
  * https://nginx.org/en/CHANGES
  * 1-byte memory overwrite might occur during DNS server response processing
    if the "resolver" directive was used, allowing an attacker who is able to
    forge UDP packets from the DNS server to cause worker process crash or,
    potentially, arbitrary code execution (CVE-2021-23017).

OBS-URL: https://build.opensuse.org/request/show/895436
OBS-URL: https://build.opensuse.org/package/show/server:http/nginx?expand=0&rev=203
2021-05-26 02:51:51 +00:00
Dominique Leuenberger
1dba9ff3a8 Accepting request 888899 from server:http
Automatic submission by obs-autosubmit

OBS-URL: https://build.opensuse.org/request/show/888899
OBS-URL: https://build.opensuse.org/package/show/openSUSE:Factory/nginx?expand=0&rev=64
2021-04-29 20:44:41 +00:00
Dominique Leuenberger
28d2612cb2 Accepting request 887093 from server:http
OBS-URL: https://build.opensuse.org/request/show/887093
OBS-URL: https://build.opensuse.org/package/show/openSUSE:Factory/nginx?expand=0&rev=63
2021-04-22 16:03:26 +00:00