Commit Graph

218 Commits

Author SHA256 Message Date
Ana Guerrero
56bf5fbd63 Accepting request 1147449 from server:http
- Updated to 1.25.4
  * Changed nginx.keyring to Sergey Kandaurov’s PGP public key.
  * https://nginx.org/en/CHANGES
  * Fixed segmentation fault might occur in a worker process while
    processing a specially crafted QUIC session (CVE-2024-24989, CVE-2024-24990).
  * Fixed connections with pending AIO operations might be closed
    prematurely during graceful shutdown of old worker processes.
  * Fixed socket leak alerts no longer logged when fast shutdown was
    requested after graceful shutdown of old worker processes.
  * Fixed socket descriptor error, a socket leak, or a segmentation fault
    in a worker process might occur if AIO was used in a subrequest.
  * Fixed segmentation fault might occur in a worker process if SSL
    proxying was used along with the "image_filter" directive and errors
    with code 415 were redirected with the "error_page" directive.

OBS-URL: https://build.opensuse.org/request/show/1147449
OBS-URL: https://build.opensuse.org/package/show/openSUSE:Factory/nginx?expand=0&rev=84
2024-02-20 20:12:29 +00:00
Илья Индиго
58e8109869 Accepting request 1147448 from home:13ilya:branches:server:http
- Updated to 1.25.4
  * Changed nginx.keyring to Sergey Kandaurov’s PGP public key.
  * https://nginx.org/en/CHANGES
  * Fixed segmentation fault might occur in a worker process while
    processing a specially crafted QUIC session (CVE-2024-24989, CVE-2024-24990).
  * Fixed connections with pending AIO operations might be closed
    prematurely during graceful shutdown of old worker processes.
  * Fixed socket leak alerts no longer logged when fast shutdown was
    requested after graceful shutdown of old worker processes.
  * Fixed socket descriptor error, a socket leak, or a segmentation fault
    in a worker process might occur if AIO was used in a subrequest.
  * Fixed segmentation fault might occur in a worker process if SSL
    proxying was used along with the "image_filter" directive and errors
    with code 415 were redirected with the "error_page" directive.

OBS-URL: https://build.opensuse.org/request/show/1147448
OBS-URL: https://build.opensuse.org/package/show/server:http/nginx?expand=0&rev=250
2024-02-18 16:30:12 +00:00
Илья Индиго
c868e41398 Accepting request 1147446 from home:13ilya:branches:server:http
- Updated to 1.25.4
  * Changed nginx.keyring to nginx public key.
  * https://nginx.org/en/CHANGES
  * Fixed segmentation fault might occur in a worker process while
    processing a specially crafted QUIC session (CVE-2024-24989, CVE-2024-24990).
  * Fixed connections with pending AIO operations might be closed
    prematurely during graceful shutdown of old worker processes.
  * Fixed socket leak alerts no longer logged when fast shutdown was
    requested after graceful shutdown of old worker processes.
  * Fixed socket descriptor error, a socket leak, or a segmentation fault
    in a worker process might occur if AIO was used in a subrequest.
  * Fixed segmentation fault might occur in a worker process if SSL
    proxying was used along with the "image_filter" directive and errors
    with code 415 were redirected with the "error_page" directive.

OBS-URL: https://build.opensuse.org/request/show/1147446
OBS-URL: https://build.opensuse.org/package/show/server:http/nginx?expand=0&rev=249
2024-02-18 16:25:02 +00:00
Илья Индиго
604e6d898a Accepting request 1147439 from home:13ilya:branches:server:http
- Updated to 1.25.4
  * https://nginx.org/en/CHANGES
  * Fixed segmentation fault might occur in a worker process while
    processing a specially crafted QUIC session (CVE-2024-24989, CVE-2024-24990).
  * Fixed connections with pending AIO operations might be closed
    prematurely during graceful shutdown of old worker processes.
  * Fixed socket leak alerts no longer logged when fast shutdown was
    requested after graceful shutdown of old worker processes.
  * Fixed socket descriptor error, a socket leak, or a segmentation fault
    in a worker process might occur if AIO was used in a subrequest.
  * Fixed segmentation fault might occur in a worker process if SSL
    proxying was used along with the "image_filter" directive and errors
    with code 415 were redirected with the "error_page" directive.

OBS-URL: https://build.opensuse.org/request/show/1147439
OBS-URL: https://build.opensuse.org/package/show/server:http/nginx?expand=0&rev=248
2024-02-18 15:28:52 +00:00
Ana Guerrero
69a2170410 Accepting request 1120596 from server:http
- Updated to 1.25.3
  * https://nginx.org/en/CHANGES
  * Changed: improved detection of misbehaving clients when using HTTP/2.
  * Added: startup speedup when using a large number of locations.
  * Fixed: a segmentation fault might occur in a worker process when
    using HTTP/2 without SSL; the bug had appeared in 1.25.1.
  * Fixed: the "Status" backend response header line with an empty
    reason phrase was handled incorrectly.
  * Fixed: memory leak during reconfiguration when using the PCRE2 library.

OBS-URL: https://build.opensuse.org/request/show/1120596
OBS-URL: https://build.opensuse.org/package/show/openSUSE:Factory/nginx?expand=0&rev=83
2023-10-27 20:27:33 +00:00
Илья Индиго
4a71d02af7 Accepting request 1120595 from home:13ilya:branches:server:http
- Updated to 1.25.3
  * https://nginx.org/en/CHANGES
  * Changed: improved detection of misbehaving clients when using HTTP/2.
  * Added: startup speedup when using a large number of locations.
  * Fixed: a segmentation fault might occur in a worker process when
    using HTTP/2 without SSL; the bug had appeared in 1.25.1.
  * Fixed: the "Status" backend response header line with an empty
    reason phrase was handled incorrectly.
  * Fixed: memory leak during reconfiguration when using the PCRE2 library.

OBS-URL: https://build.opensuse.org/request/show/1120595
OBS-URL: https://build.opensuse.org/package/show/server:http/nginx?expand=0&rev=246
2023-10-26 13:52:22 +00:00
Ana Guerrero
0489441858 Accepting request 1104919 from server:http
- Updated to 1.25.2
  * https://nginx.org/en/CHANGES
  * Changed: uses appname "nginx" when loading OpenSSL configuration.
  * Changed: does not try to load OpenSSL configuration if the
    --with-openssl option was used to built OpenSSL and the OPENSSL_CONF
    environment variable is not set.

OBS-URL: https://build.opensuse.org/request/show/1104919
OBS-URL: https://build.opensuse.org/package/show/openSUSE:Factory/nginx?expand=0&rev=82
2023-08-21 09:42:49 +00:00
Илья Индиго
23248b153e Accepting request 1104918 from home:13ilya:branches:server:http
- Updated to 1.25.2
  * https://nginx.org/en/CHANGES
  * Changed: uses appname "nginx" when loading OpenSSL configuration.
  * Changed: does not try to load OpenSSL configuration if the
    --with-openssl option was used to built OpenSSL and the OPENSSL_CONF
    environment variable is not set.

OBS-URL: https://build.opensuse.org/request/show/1104918
OBS-URL: https://build.opensuse.org/package/show/server:http/nginx?expand=0&rev=244
2023-08-20 16:15:47 +00:00
Dominique Leuenberger
1196bc5434 Accepting request 1093008 from server:http
- Updated to 1.25.1
  * https://nginx.org/en/CHANGES
  * Added "http2" directive, which enables HTTP/2 on a per-server basis.
  * Deprecated "http2" parameter of the "listen" directive.
  * Removed HTTP/2 server push support.
  * Deprecated "ssl" directive is not supported anymore.

OBS-URL: https://build.opensuse.org/request/show/1093008
OBS-URL: https://build.opensuse.org/package/show/openSUSE:Factory/nginx?expand=0&rev=81
2023-06-16 14:53:02 +00:00
Илья Индиго
4dfab11efa Accepting request 1093007 from home:13ilya:branches:server:http
- Updated to 1.25.1
  * https://nginx.org/en/CHANGES
  * Added "http2" directive, which enables HTTP/2 on a per-server basis.
  * Deprecated "http2" parameter of the "listen" directive.
  * Removed HTTP/2 server push support.
  * Deprecated "ssl" directive is not supported anymore.

OBS-URL: https://build.opensuse.org/request/show/1093007
OBS-URL: https://build.opensuse.org/package/show/server:http/nginx?expand=0&rev=242
2023-06-14 05:11:52 +00:00
Dominique Leuenberger
57d23d16f2 Accepting request 1088736 from server:http
- Updated to 1.25.0
  * https://nginx.org/en/CHANGES
  * Added experimental HTTP/3 support.

OBS-URL: https://build.opensuse.org/request/show/1088736
OBS-URL: https://build.opensuse.org/package/show/openSUSE:Factory/nginx?expand=0&rev=80
2023-05-25 21:52:11 +00:00
Илья Индиго
8542efea64 Accepting request 1088735 from home:13ilya:branches:server:http
- Updated to 1.25.0
  * https://nginx.org/en/CHANGES
  * Added experimental HTTP/3 support.

OBS-URL: https://build.opensuse.org/request/show/1088735
OBS-URL: https://build.opensuse.org/package/show/server:http/nginx?expand=0&rev=240
2023-05-23 21:53:21 +00:00
Илья Индиго
b361273e1e Accepting request 1078810 from home:13ilya:branches:server:http
- Updated to stable branch 1.24.0.

OBS-URL: https://build.opensuse.org/request/show/1078810
OBS-URL: https://build.opensuse.org/package/show/server:http/nginx?expand=0&rev=239
2023-04-12 21:20:27 +00:00
Dominique Leuenberger
4ff2b66617 Accepting request 1075335 from server:http
- Updated to 1.23.4
  * https://nginx.org/en/CHANGES
  * Enabled TLSv1.3 protocol by default.
  * Supported byte ranges support in the ngx_http_gzip_static_module.
  * Fixed port ranges in the "listen" directive did not work.
  * Fixed incorrect location might be chosen to process a request if a
    prefix location longer than 255 characters.
  * Fixed a socket leak might occur when using HTTP/2 and the
    "error_page" directive to redirect errors with code 400.

OBS-URL: https://build.opensuse.org/request/show/1075335
OBS-URL: https://build.opensuse.org/package/show/openSUSE:Factory/nginx?expand=0&rev=79
2023-03-31 19:13:54 +00:00
Илья Индиго
d5a48c865c Accepting request 1075334 from home:13ilya:branches:server:http
- Updated to 1.23.4
  * https://nginx.org/en/CHANGES
  * Enabled TLSv1.3 protocol by default.
  * Supported byte ranges support in the ngx_http_gzip_static_module.
  * Fixed port ranges in the "listen" directive did not work.
  * Fixed incorrect location might be chosen to process a request if a
    prefix location longer than 255 characters.
  * Fixed a socket leak might occur when using HTTP/2 and the
    "error_page" directive to redirect errors with code 400.

OBS-URL: https://build.opensuse.org/request/show/1075334
OBS-URL: https://build.opensuse.org/package/show/server:http/nginx?expand=0&rev=237
2023-03-29 18:47:59 +00:00
Dominique Leuenberger
e5470b9df0 Accepting request 1043486 from server:http
- Updated to 1.23.3
  * Bugfix: an error might occur when reading PROXY protocol version 2
    header with large number of TLVs.
  * Bugfix: a segmentation fault might occur in a worker process if SSI
    was used to process subrequests created by other modules.
  * Workaround: when a hostname used in the "listen" directive resolves
    to multiple addresses, nginx now ignores duplicates within these
    addresses.
  * Bugfix: nginx might hog CPU during unbuffered proxying if SSL
    connections to backends were used.

OBS-URL: https://build.opensuse.org/request/show/1043486
OBS-URL: https://build.opensuse.org/package/show/openSUSE:Factory/nginx?expand=0&rev=78
2022-12-18 16:22:24 +00:00
Илья Индиго
6f82ef3ee6 Accepting request 1043482 from home:stroeder:network
Updated to 1.23.3

OBS-URL: https://build.opensuse.org/request/show/1043482
OBS-URL: https://build.opensuse.org/package/show/server:http/nginx?expand=0&rev=235
2022-12-17 20:51:20 +00:00
Dominique Leuenberger
5827373505 Accepting request 1030027 from server:http
- Updated to 1.23.2
  * Security: processing of a specially crafted mp4 file by the
    ngx_http_mp4_module might cause a worker process crash, worker
    process memory disclosure, or might have potential other impact
    (CVE-2022-41741, CVE-2022-41742).
  * Feature: the "$proxy_protocol_tlv_..." variables.
  * Feature: TLS session tickets encryption keys are now automatically
    rotated when using shared memory in the "ssl_session_cache"
    directive.
  * Change: the logging level of the "bad record type" SSL errors has
    been lowered from "crit" to "info".
  * Change: now when using shared memory in the "ssl_session_cache"
    directive the "could not allocate new session" errors are logged at
    the "warn" level instead of "alert" and not more often than once per second.
  * Bugfix: nginx/Windows could not be built with OpenSSL 3.0.x.
  * Bugfix: in logging of the PROXY protocol errors.
  * Workaround: shared memory from the "ssl_session_cache" directive was
    spent on sessions using TLS session tickets when using TLSv1.3 with OpenSSL.
  * Workaround: timeout specified with the "ssl_session_timeout"
    directive did not work when using TLSv1.3 with OpenSSL or BoringSSL.

OBS-URL: https://build.opensuse.org/request/show/1030027
OBS-URL: https://build.opensuse.org/package/show/openSUSE:Factory/nginx?expand=0&rev=77
2022-10-22 12:12:45 +00:00
Илья Индиго
1febfe5d66 Accepting request 1030026 from home:stroeder:network
Updated to 1.23.2

OBS-URL: https://build.opensuse.org/request/show/1030026
OBS-URL: https://build.opensuse.org/package/show/server:http/nginx?expand=0&rev=233
2022-10-19 15:41:55 +00:00
Richard Brown
fe76f2c732 Accepting request 990292 from server:http
- Updated to 1.23.1
  * Feature: memory usage optimization in configurations with SSL proxying.
  * Feature: looking up of IPv4 addresses while resolving now can be
    disabled with the "ipv4=off" parameter of the "resolver" directive.
  * Change: the logging level of the "bad key share", "bad extension",
    "bad cipher", and "bad ecpoint" SSL errors has been lowered from "crit" to "info".
  * Bugfix: while returning byte ranges nginx did not remove the
    "Content-Range" header line if it was present in the original backend response.
  * Bugfix: a proxied response might be truncated during reconfiguration
    on Linux; the bug had appeared in 1.17.5.

OBS-URL: https://build.opensuse.org/request/show/990292
OBS-URL: https://build.opensuse.org/package/show/openSUSE:Factory/nginx?expand=0&rev=76
2022-07-22 17:20:12 +00:00
Илья Индиго
68accb1483 Accepting request 990290 from home:stroeder:network
Updated to 1.23.1

OBS-URL: https://build.opensuse.org/request/show/990290
OBS-URL: https://build.opensuse.org/package/show/server:http/nginx?expand=0&rev=231
2022-07-19 17:58:32 +00:00
Dominique Leuenberger
b5a96cd489 Accepting request 984278 from server:http
- Changed nginx.keyring to Konstantin Pavlov’s PGP public key.
- Removed nginx.init.
- Updated to 1.23.0
  * https://nginx.org/en/CHANGES
  * Now header lines are represented as linked lists.
  * Now nginx combines arbitrary header lines with identical
    names when sending to FastCGI, SCGI, and uwsgi backends, in the
    $r->header_in() method of the ngx_http_perl_module, and during lookup
    of the "$http_...", "$sent_http_...", "$sent_trailer_...",
    "$upstream_http_...", and "$upstream_trailer_..." variables.
  * Fixed: if there were multiple "Vary" header lines in the backend
    response, nginx only used the last of them when caching.
  * Fixed: if there were multiple "WWW-Authenticate" header lines in the
    backend response and errors with code 401 were intercepted or the
    "auth_request" directive was used, nginx only sent the first of the
    header lines to the client.
  * The logging level of the "application data after close
    notify" SSL errors has been lowered from "crit" to "info".
  * Fixed: connections might hang if nginx was built on Linux 2.6.17 or
    newer, but was used on systems without EPOLLRDHUP support, notably
    with epoll emulation layers; the bug had appeared in 1.17.5.
  * Fixed: nginx did not cache the response if the "Expires" response
    header line disabled caching, but following "Cache-Control" header
    line enabled caching.

OBS-URL: https://build.opensuse.org/request/show/984278
OBS-URL: https://build.opensuse.org/package/show/openSUSE:Factory/nginx?expand=0&rev=75
2022-06-24 06:45:10 +00:00
Илья Индиго
49be8b975a Accepting request 984277 from home:13ilya
- Changed nginx.keyring to Konstantin Pavlov’s PGP public key.
- Removed nginx.init.
- Updated to 1.23.0
  * https://nginx.org/en/CHANGES
  * Now header lines are represented as linked lists.
  * Now nginx combines arbitrary header lines with identical
    names when sending to FastCGI, SCGI, and uwsgi backends, in the
    $r->header_in() method of the ngx_http_perl_module, and during lookup
    of the "$http_...", "$sent_http_...", "$sent_trailer_...",
    "$upstream_http_...", and "$upstream_trailer_..." variables.
  * Fixed: if there were multiple "Vary" header lines in the backend
    response, nginx only used the last of them when caching.
  * Fixed: if there were multiple "WWW-Authenticate" header lines in the
    backend response and errors with code 401 were intercepted or the
    "auth_request" directive was used, nginx only sent the first of the
    header lines to the client.
  * The logging level of the "application data after close
    notify" SSL errors has been lowered from "crit" to "info".
  * Fixed: connections might hang if nginx was built on Linux 2.6.17 or
    newer, but was used on systems without EPOLLRDHUP support, notably
    with epoll emulation layers; the bug had appeared in 1.17.5.
  * Fixed: nginx did not cache the response if the "Expires" response
    header line disabled caching, but following "Cache-Control" header
    line enabled caching.

OBS-URL: https://build.opensuse.org/request/show/984277
OBS-URL: https://build.opensuse.org/package/show/server:http/nginx?expand=0&rev=229
2022-06-21 23:47:25 +00:00
Илья Индиго
a4da3ae6f4 Accepting request 984274 from home:13ilya
Test keyring for factory-auto.

OBS-URL: https://build.opensuse.org/request/show/984274
OBS-URL: https://build.opensuse.org/package/show/server:http/nginx?expand=0&rev=228
2022-06-21 23:35:17 +00:00
Илья Индиго
4539c3c0a0 Accepting request 984271 from home:13ilya
- Updated nginx.keyring.
- Removed nginx.init.
- Updated to 1.23.0
  * https://nginx.org/en/CHANGES
  * Now header lines are represented as linked lists.
  * Now nginx combines arbitrary header lines with identical
    names when sending to FastCGI, SCGI, and uwsgi backends, in the
    $r->header_in() method of the ngx_http_perl_module, and during lookup
    of the "$http_...", "$sent_http_...", "$sent_trailer_...",
    "$upstream_http_...", and "$upstream_trailer_..." variables.
  * Fixed: if there were multiple "Vary" header lines in the backend
    response, nginx only used the last of them when caching.
  * Fixed: if there were multiple "WWW-Authenticate" header lines in the
    backend response and errors with code 401 were intercepted or the
    "auth_request" directive was used, nginx only sent the first of the
    header lines to the client.
  * The logging level of the "application data after close
    notify" SSL errors has been lowered from "crit" to "info".
  * Fixed: connections might hang if nginx was built on Linux 2.6.17 or
    newer, but was used on systems without EPOLLRDHUP support, notably
    with epoll emulation layers; the bug had appeared in 1.17.5.
  * Fixed: nginx did not cache the response if the "Expires" response
    header line disabled caching, but following "Cache-Control" header
    line enabled caching.

OBS-URL: https://build.opensuse.org/request/show/984271
OBS-URL: https://build.opensuse.org/package/show/server:http/nginx?expand=0&rev=227
2022-06-21 23:27:46 +00:00
Илья Индиго
1272ec2e71 Accepting request 984266 from home:13ilya
- Updated nginx.keyring.
- Updated to 1.23.0
  * https://nginx.org/en/CHANGES
  * Now header lines are represented as linked lists.
  * Now nginx combines arbitrary header lines with identical
    names when sending to FastCGI, SCGI, and uwsgi backends, in the
    $r->header_in() method of the ngx_http_perl_module, and during lookup
    of the "$http_...", "$sent_http_...", "$sent_trailer_...",
    "$upstream_http_...", and "$upstream_trailer_..." variables.
  * Fixed: if there were multiple "Vary" header lines in the backend
    response, nginx only used the last of them when caching.
  * Fixed: if there were multiple "WWW-Authenticate" header lines in the
    backend response and errors with code 401 were intercepted or the
    "auth_request" directive was used, nginx only sent the first of the
    header lines to the client.
  * The logging level of the "application data after close
    notify" SSL errors has been lowered from "crit" to "info".
  * Fixed: connections might hang if nginx was built on Linux 2.6.17 or
    newer, but was used on systems without EPOLLRDHUP support, notably
    with epoll emulation layers; the bug had appeared in 1.17.5.
  * Fixed: nginx did not cache the response if the "Expires" response
    header line disabled caching, but following "Cache-Control" header
    line enabled caching.

OBS-URL: https://build.opensuse.org/request/show/984266
OBS-URL: https://build.opensuse.org/package/show/server:http/nginx?expand=0&rev=226
2022-06-21 22:52:57 +00:00
Илья Индиго
371e023fc6 OBS-URL: https://build.opensuse.org/package/show/server:http/nginx?expand=0&rev=225 2022-05-24 19:05:30 +00:00
Илья Индиго
cf83f78146 OBS-URL: https://build.opensuse.org/package/show/server:http/nginx?expand=0&rev=224 2022-05-24 19:03:56 +00:00
Илья Индиго
3ea9761da6 Accepting request 979031 from home:13ilya:branches:server:http
- Used pkgconfig wherever possible.
- Updated to 1.22.0 (1.22.x stable branch).

OBS-URL: https://build.opensuse.org/request/show/979031
OBS-URL: https://build.opensuse.org/package/show/server:http/nginx?expand=0&rev=223
2022-05-24 18:53:10 +00:00
Dominique Leuenberger
e257bf29d8 Accepting request 950462 from server:http
- Updated to 1.21.6
  * https://nginx.org/en/CHANGES
  * Fixed when using EPOLLEXCLUSIVE on Linux client connections were
    unevenly distributed among worker processes.
  * Fixed nginx returned the "Connection: keep-alive" header line in
    responses during graceful shutdown of old worker processes.
  * Fixed in the "ssl_session_ticket_key" when using TLSv1.3.

OBS-URL: https://build.opensuse.org/request/show/950462
OBS-URL: https://build.opensuse.org/package/show/openSUSE:Factory/nginx?expand=0&rev=74
2022-02-03 23:45:51 +00:00
Илья Индиго
a8cf90a0d7 Accepting request 950461 from home:13ilya:branches:server:http
- Updated to 1.21.6
  * https://nginx.org/en/CHANGES
  * Fixed when using EPOLLEXCLUSIVE on Linux client connections were
    unevenly distributed among worker processes.
  * Fixed nginx returned the "Connection: keep-alive" header line in
    responses during graceful shutdown of old worker processes.
  * Fixed in the "ssl_session_ticket_key" when using TLSv1.3.

OBS-URL: https://build.opensuse.org/request/show/950461
OBS-URL: https://build.opensuse.org/package/show/server:http/nginx?expand=0&rev=222
2022-02-01 14:57:10 +00:00
Dominique Leuenberger
2236b89ef3 Accepting request 943052 from server:http
- Updated to 1.21.5
  * https://nginx.org/en/CHANGES
  * Build with the PCRE2.
  * Supported the $ssl_curve variable.
  * Fixed connections might hang when using HTTP/2 without SSL
    with the "sendfile" and "aio" directives.

OBS-URL: https://build.opensuse.org/request/show/943052
OBS-URL: https://build.opensuse.org/package/show/openSUSE:Factory/nginx?expand=0&rev=73
2021-12-30 14:55:30 +00:00
Илья Индиго
7ec1081d5e Accepting request 943051 from home:13ilya:branches:server:http
- Updated to 1.21.5
  * https://nginx.org/en/CHANGES
  * Build with the PCRE2.
  * Supported the $ssl_curve variable.
  * Fixed connections might hang when using HTTP/2 without SSL
    with the "sendfile" and "aio" directives.

OBS-URL: https://build.opensuse.org/request/show/943051
OBS-URL: https://build.opensuse.org/package/show/server:http/nginx?expand=0&rev=221
2021-12-29 11:30:43 +00:00
Илья Индиго
0d561f8f31 Accepting request 943047 from home:AndreasStieger:branches:server:http
nginx 1.21.5

OBS-URL: https://build.opensuse.org/request/show/943047
OBS-URL: https://build.opensuse.org/package/show/server:http/nginx?expand=0&rev=220
2021-12-29 11:22:41 +00:00
Dominique Leuenberger
550410a145 Accepting request 930156 from server:http
- Updated to 1.21.4
  * https://nginx.org/en/CHANGES
  * Support for NPN instead of ALPN to establish HTTP/2
    connections has been removed.
  * Now nginx rejects SSL connections if ALPN is used by the
    client, but no supported protocols can be negotiated.
  * The default value of the "sendfile_max_chunk" directive was
    changed to 2 megabytes.
  * The "proxy_half_close" directive in the stream module.
  * The "ssl_alpn" directive in the stream module.
  * The $ssl_alpn_protocol variable.
  * Support for SSL_sendfile() when using OpenSSL 3.0.
  * The "mp4_start_key_frame" directive in the ngx_http_mp4_module.
  * In the $content_length variable when using chunked transfer encoding.
  * After receiving a response with incorrect length from a proxied
    backend nginx might nevertheless cache the connection.
  * Invalid headers from backends were logged at the "info" level
    instead of "error"; the bug had appeared in 1.21.1.
  * Requests might hang when using HTTP/2 and the "aio_write" directive.
- drop vim-plugin-nginx, now is provided directly by vim

OBS-URL: https://build.opensuse.org/request/show/930156
OBS-URL: https://build.opensuse.org/package/show/openSUSE:Factory/nginx?expand=0&rev=72
2021-11-09 22:54:00 +00:00
Илья Индиго
d8ce311b41 Accepting request 930155 from server:http
Revert to 217.

OBS-URL: https://build.opensuse.org/request/show/930155
OBS-URL: https://build.opensuse.org/package/show/server:http/nginx?expand=0&rev=219
2021-11-08 11:22:33 +00:00
Илья Индиго
9f0de93157 Accepting request 930116 from home:susnux:branches:server:http
- Add nginx-vim-syntax.patch
  * Fix the vim syntax file to work with vim 8, boo#1187888
    https://trac.nginx.org/nginx/ticket/2276

OBS-URL: https://build.opensuse.org/request/show/930116
OBS-URL: https://build.opensuse.org/package/show/server:http/nginx?expand=0&rev=218
2021-11-08 10:38:48 +00:00
Илья Индиго
e89e7af7f8 Accepting request 929778 from home:13ilya:branches:server:http
- Updated to 1.21.4
  * https://nginx.org/en/CHANGES
  * Support for NPN instead of ALPN to establish HTTP/2
    connections has been removed.
  * Now nginx rejects SSL connections if ALPN is used by the
    client, but no supported protocols can be negotiated.
  * The default value of the "sendfile_max_chunk" directive was
    changed to 2 megabytes.
  * The "proxy_half_close" directive in the stream module.
  * The "ssl_alpn" directive in the stream module.
  * The $ssl_alpn_protocol variable.
  * Support for SSL_sendfile() when using OpenSSL 3.0.
  * The "mp4_start_key_frame" directive in the ngx_http_mp4_module.
  * In the $content_length variable when using chunked transfer encoding.
  * After receiving a response with incorrect length from a proxied
    backend nginx might nevertheless cache the connection.
  * Invalid headers from backends were logged at the "info" level
    instead of "error"; the bug had appeared in 1.21.1.
  * Requests might hang when using HTTP/2 and the "aio_write" directive.

OBS-URL: https://build.opensuse.org/request/show/929778
OBS-URL: https://build.opensuse.org/package/show/server:http/nginx?expand=0&rev=217
2021-11-05 21:39:19 +00:00
Илья Индиго
ab143ca8c6 Accepting request 929740 from home:mimi_vx:branches:server:http
- drop vim-plugin-nginx, now is provided directly by vim

OBS-URL: https://build.opensuse.org/request/show/929740
OBS-URL: https://build.opensuse.org/package/show/server:http/nginx?expand=0&rev=216
2021-11-05 20:27:23 +00:00
Dominique Leuenberger
f7329e12b5 Accepting request 925491 from server:http
- Add CONFIG parameter to %sysusers_generate_pre
- Added hardening to systemd service(s) (bsc#1181400). Modified:
  * nginx.service

OBS-URL: https://build.opensuse.org/request/show/925491
OBS-URL: https://build.opensuse.org/package/show/openSUSE:Factory/nginx?expand=0&rev=71
2021-10-20 18:22:53 +00:00
Илья Индиго
7448a9c7db Accepting request 925488 from home:gmbr3:Active
- Add CONFIG parameter to %sysusers_generate_pre

OBS-URL: https://build.opensuse.org/request/show/925488
OBS-URL: https://build.opensuse.org/package/show/server:http/nginx?expand=0&rev=215
2021-10-15 14:30:55 +00:00
Илья Индиго
7f33063b38 Accepting request 924900 from home:jsegitz:branches:systemdhardening:server:http
Automatic systemd hardening effort by the security team. This has not been tested. For details please see https://en.opensuse.org/openSUSE:Security_Features#Systemd_hardening_effort

OBS-URL: https://build.opensuse.org/request/show/924900
OBS-URL: https://build.opensuse.org/package/show/server:http/nginx?expand=0&rev=214
2021-10-12 14:29:14 +00:00
Dominique Leuenberger
457d9802dd Accepting request 918014 from server:http
- Updated to 1.21.3
  * https://nginx.org/en/CHANGES
  * Optimization of client request body reading when using HTTP/2.
  * Fixed request body filters internal API when using HTTP/2 and
    buffering of the data being processed.

OBS-URL: https://build.opensuse.org/request/show/918014
OBS-URL: https://build.opensuse.org/package/show/openSUSE:Factory/nginx?expand=0&rev=70
2021-09-16 21:14:30 +00:00
Илья Индиго
66f5bdebd0 Accepting request 918013 from home:13ilya
- Updated to 1.21.3
  * https://nginx.org/en/CHANGES
  * Optimization of client request body reading when using HTTP/2.
  * Fixed request body filters internal API when using HTTP/2 and
    buffering of the data being processed.

OBS-URL: https://build.opensuse.org/request/show/918013
OBS-URL: https://build.opensuse.org/package/show/server:http/nginx?expand=0&rev=213
2021-09-10 17:53:00 +00:00
Dominique Leuenberger
5fa1477078 Accepting request 915419 from server:http
- Updated to 1.21.2
  * https://nginx.org/en/CHANGES
  * Now nginx rejects HTTP/1.0 requests with the "Transfer-Encoding" header line.
  * Export ciphers are no longer supported.
  * Added OpenSSL 3.0 compatibility.
  * Added the "Auth-SSL-Protocol" and "Auth-SSL-Cipher" header lines
    are now passed to the mail proxy authentication server.
  * Added request body filters API now permits buffering of the data being processed.
  * Fixed backend SSL connections in the stream module might hang after an SSL handshake.
  * Fixed the security level, which is available in OpenSSL 1.1.0 or newer,
    did not affect loading of the server certificates when set
    with "@SECLEVEL=N" in the "ssl_ciphers" directive.
  * Fixed SSL connections with gRPC backends might hang if select, poll,
    or /dev/poll methods were used.
  * Fixed when using HTTP/2 client request body was always written to
    disk if the "Content-Length" header line was not present in the request.

OBS-URL: https://build.opensuse.org/request/show/915419
OBS-URL: https://build.opensuse.org/package/show/openSUSE:Factory/nginx?expand=0&rev=69
2021-09-03 19:25:25 +00:00
Илья Индиго
919c95c500 Accepting request 915418 from home:13ilya:branches:server:http
- Updated to 1.21.2
  * https://nginx.org/en/CHANGES
  * Now nginx rejects HTTP/1.0 requests with the "Transfer-Encoding" header line.
  * Export ciphers are no longer supported.
  * Added OpenSSL 3.0 compatibility.
  * Added the "Auth-SSL-Protocol" and "Auth-SSL-Cipher" header lines
    are now passed to the mail proxy authentication server.
  * Added request body filters API now permits buffering of the data being processed.
  * Fixed backend SSL connections in the stream module might hang after an SSL handshake.
  * Fixed the security level, which is available in OpenSSL 1.1.0 or newer,
    did not affect loading of the server certificates when set
    with "@SECLEVEL=N" in the "ssl_ciphers" directive.
  * Fixed SSL connections with gRPC backends might hang if select, poll,
    or /dev/poll methods were used.
  * Fixed when using HTTP/2 client request body was always written to
    disk if the "Content-Length" header line was not present in the request.

OBS-URL: https://build.opensuse.org/request/show/915418
OBS-URL: https://build.opensuse.org/package/show/server:http/nginx?expand=0&rev=212
2021-09-01 07:19:48 +00:00
Dominique Leuenberger
ba4c2dd167 Accepting request 904635 from server:http
OBS-URL: https://build.opensuse.org/request/show/904635
OBS-URL: https://build.opensuse.org/package/show/openSUSE:Factory/nginx?expand=0&rev=68
2021-07-11 23:24:38 +00:00
Илья Индиго
3073eba3e8 Accepting request 904634 from home:13ilya:branches:server:http
- Updated to 1.21.1
  * https://nginx.org/en/CHANGES
  * Now nginx always returns an error for the CONNECT method.
  * Now nginx always returns an error if both "Content-Length"
    and "Transfer-Encoding" header lines are present in the request.
  * Now nginx always returns an error if spaces or control
    characters are used in the request line.
  * Now nginx always returns an error if spaces or control
    characters are used in a header name.
  * Now nginx always returns an error if spaces or control
    characters are used in the "Host" request header line.
  * Optimization of configuration testing when using many
    listening sockets.
  * Fixed: nginx did not escape """, "<", ">", "\", "^", "`", "{", "|",
    and "}" characters when proxying with changed URI.
  * Fixed: SSL variables might be empty when used in logs; the bug had
    appeared in 1.19.5.
  * Fixed: keepalive connections with gRPC backends might not be closed
    after receiving a GOAWAY frame.
  * Fixed: reduced memory consumption for long-lived requests when
    proxying with more than 64 buffers.

OBS-URL: https://build.opensuse.org/request/show/904634
OBS-URL: https://build.opensuse.org/package/show/server:http/nginx?expand=0&rev=211
2021-07-07 19:01:27 +00:00
Dominique Leuenberger
f41257e939 Accepting request 900390 from server:http
OBS-URL: https://build.opensuse.org/request/show/900390
OBS-URL: https://build.opensuse.org/package/show/openSUSE:Factory/nginx?expand=0&rev=67
2021-06-19 21:02:00 +00:00
Илья Индиго
8075b49267 Accepting request 900388 from home:fschnizlein:branches:server:http
Fix race condition between nginx and logrotate causing mass reopening of files
(bsc#1183876).

OBS-URL: https://build.opensuse.org/request/show/900388
OBS-URL: https://build.opensuse.org/package/show/server:http/nginx?expand=0&rev=209
2021-06-16 13:39:51 +00:00