a78d7d5f82
- Updated to 1.29.4 * https://nginx.org/en/CHANGES * Added the ngx_http_proxy_module supports HTTP/2. * Added Encrypted ClientHello TLS extension support when using OpenSSL ECH feature branch; the "ssl_ech_file" directive. * Changed validation of host and port in the request line, "Host" header field, and ":authority" pseudo-header field has been changed to follow RFC 3986. * Changed now a single LF used as a line terminator in a chunked request or response body is considered an error. * Fixed when using HTTP/3 with OpenSSL 3.5.1 or newer a segmentation fault might occur in a worker process; the bug had appeared in 1.29.1. * Fixed a segmentation fault might occur in a worker process if the "try_files" directive and "proxy_pass" with a URI were used.
Илья Индиго
2025-12-10 06:25:02 +00:00
35eb7bf3cd
Accepting request 1314089 from server:http
Ana Guerrero2025-10-29 20:04:06 +00:00
dd983cdf96
- Updated to 1.29.3 * Changed nginx-conf.patch file. * https://nginx.org/en/CHANGES * Added the "add_header_inherit" and "add_trailer_inherit" directives. * Added the $request_port and $is_request_port variables. * Added the $ssl_sigalg and $ssl_client_sigalg variables. * Added the "volatile" parameter of the "geo" directive. * Added now certificate compression is available with BoringSSL. * Fixed now certificate compression is disabled with OCSP stapling.
Илья Индиго
2025-10-28 14:06:12 +00:00
29ab507cd1
- Updated to 1.29.2 * Changed nginx-conf.patch file. * https://nginx.org/en/CHANGES * Fixed now the "ssl_protocols" directive works in a virtual server different from the default server when using OpenSSL 1.1.1 or newer. * Fixed SSL handshake always failed when using TLSv1.3 with OpenSSL and client certificates and resuming a session with a different SNI value; the bug had appeared in 1.27.4. * Fixed the "ignoring stale global SSL error" alerts might appear in logs when using QUIC and the "ssl_reject_handshake" directive; the bug had appeared in 1.29.0. * Fixed in delta-seconds processing in the "Cache-Control" backend response header line. * Fixed an XCLIENT command didn't use the xtext encoding. * Fixed in SSL certificate caching during reconfiguration.
Илья Индиго
2025-10-08 01:01:50 +00:00
a340febec1
- Updated to 1.29.1 * https://nginx.org/en/CHANGES * Fixed processing of a specially crafted login/password when using the "none" authentication method in the ngx_mail_smtp_module might cause worker process memory disclosure to the authentication server (CVE-2025-53859). * Changed TLSv1.3 certificate compression is disabled by default. * Added the "ssl_certificate_compression" directive. * Added support for 0-RTT in QUIC when using OpenSSL 3.5.1 or newer. * Fixed the 103 response might be buffered when using HTTP/2 and the "early_hints" directive. * Fixed in handling "Host" and ":authority" header lines with equal values when using HTTP/2; the bug had appeared in 1.17.9. * Fixed in handling "Host" header lines with a port when using HTTP/3. * Fixed in the "none" parameter of the "smtp_auth" directive.
Илья Индиго
2025-08-14 08:37:14 +00:00
1fae1b6260
Accepting request 1293972 from server:http
Ana Guerrero2025-07-20 13:28:27 +00:00
0acd39241a
- Changed nginx.logrotate and nginx-conf.patch files. * Removed hardcoded user and group definitions. - Removed ending slashes wherever possible. - Removed root privileges when running logrotate (bsc#1246090).
Илья Индиго
2025-07-16 22:50:22 +00:00
02820af414
- Drop root priviledges while running logrotate (bsc#1246090)
Илья Индиго
2025-07-16 22:07:01 +00:00
b19a5a4c17
Accepting request 1288818 from server:http
Ana Guerrero2025-06-27 21:00:26 +00:00
2ea46e960d
- Updated to 1.29.0 * https://nginx.org/en/CHANGES * Added support for response code 103 from proxy and gRPC backends; the "early_hints" directive. * Added loading of secret keys from hardware tokens with OpenSSL provider. * Changed the logging level of SSL errors in a QUIC handshake has been changed from "error" to "crit" for critical errors, and to "info" for the rest; the logging level of unsupported QUIC transport parameters has been lowered from "info" to "debug". * Disabled OpenSSL 3.5 QUIC API support by default.
Илья Индиго
2025-06-27 09:42:27 +00:00
bb977f7b5f
- Updated to 1.28.0: * Fixed -Wunterminated-string-initialization with gcc15 * HTTP/3: fixed NGX_HTTP_V3_VARLEN_INT_LEN value
Илья Индиго
2025-06-02 14:17:50 +00:00
e76e94ac55
Accepting request 1279422 from server:http
Ana Guerrero2025-05-26 16:32:02 +00:00
734c74345c
Changed service to prevent 'timed out. Killing' messages on service stopping
Илья Индиго
2025-05-22 23:51:19 +00:00
caff628312
Accepting request 1270052 from server:http
Ana Guerrero2025-04-18 14:14:20 +00:00
33e69d37f5
- Updated to 1.27.5 * https://nginx.org/en/CHANGES * Changed the maximum size limit for SSL sessions cached in shared memory has been raised to 8192. * Fixed in the "grpc_ssl_password_file", "proxy_ssl_password_file", and "uwsgi_ssl_password_file" directives when loading SSL certificates and encrypted keys from variables; the bug had appeared in 1.23.1. * Fixed in the $ssl_curve and $ssl_curves variables when using pluggable curves in OpenSSL.
Илья Индиго
2025-04-16 14:59:06 +00:00
9adae25cf9
Accepting request 1266982 from server:http
Ana Guerrero2025-04-07 15:34:50 +00:00
833f64453b
Accepting request 1243543 from server:http
Ana Guerrero2025-02-06 21:02:24 +00:00
1efb13abf9
- Changed URL's from nginx.org to github.com . - Updated to 1.27.4 * https://nginx.org/en/CHANGES * Fixed insufficient check in virtual servers handling with TLSv1.3 SNI allowed to reuse SSL sessions in a different virtual server, to bypass client SSL certificates verification (CVE-2025-23419). * Added the "ssl_object_cache_inheritable", "ssl_certificate_cache", "proxy_ssl_certificate_cache", "grpc_ssl_certificate_cache", and "uwsgi_ssl_certificate_cache", "keepalive_min_timeout" directives. * Fixed nginx could not build libatomic library using the library sources if the --with-libatomic=DIR option was used.
Илья Индиго
2025-02-06 04:48:43 +00:00
e502c32e76
Accepting request 1226763 from server:http
Ana Guerrero2024-11-27 21:06:23 +00:00
5111159ef7
- Updated to 1.27.3 * https://github.com/nginx/nginx/releases/tag/release-1.27.3 * Added the "server" directive in the "upstream" block supports the "resolve" parameter. * Added the "resolver" and "resolver_timeout" directives in the "upstream" block. * Added SmarterMail specific mode support for IMAP LOGIN with untagged CAPABILITY response in the mail proxy module. * Changed TLSv1 and TLSv1.1 protocols are disabled by default. * Changed IPv6 address in square brackets and no port can be specified in the "proxy_bind", "fastcgi_bind", "grpc_bind", "memcached_bind", "scgi_bind", and "uwsgi_bind" directives, and as client address in ngx_http_realip_module. * Fixed ngx_http_mp4_module and "proxy_store" directive.
Илья Индиго
2024-11-27 04:28:59 +00:00
d89c21608d
Accepting request 1205364 from server:http
Ana Guerrero2024-10-03 16:00:39 +00:00
31cf02ba3e
- Updated to 1.27.2 * https://nginx.org/en/CHANGES * Added SSL certificates, secret keys, and CRLs are now cached on start or during reconfiguration. * Added client certificate validation with OCSP in the stream module. * Added OCSP stapling support in the stream module. * Added the "proxy_pass_trailers" directive in the ngx_http_proxy_module. * Added the "ssl_client_certificate" directive now supports certificates with auxiliary information. * Changed now the "ssl_client_certificate" directive is not required for client SSL certificates verification.
Илья Индиго
2024-10-03 06:56:17 +00:00
4ee1f5dcce
Accepting request 1204304 from server:http
Ana Guerrero2024-09-29 16:09:49 +00:00
6670ffcf84
- Renamed nginx-1.6.1-default_config.patch to nginx-conf.patch. - Renamed nginx-1.2.4-perl_vendor_install.patch to nginx-perl.patch. - Used atosetup -p1 macro and replaced editor from perl to sed. - Added %check section with gpg signature source verification. - Updated to 1.27.1 * https://nginx.org/en/CHANGES * Fixed crash in ngx_http_mp4_module via specially crafted mp4 file (CVE-2024-7347). * Now the stream module handler is not mandatory. * Fixed new HTTP/2 connections might ignore graceful shutdown of old worker processes.
Илья Индиго
2024-08-16 02:31:06 +00:00
cddb5da178
- Renamed nginx-1.6.1-default_config.patch to nginx-conf.patch. - Renamed nginx-1.2.4-perl_vendor_install.patch to nginx-perl.patch. - Used atosetup -p1 macro and replaced editor from perl to sed. - Added %check section with gpg signature source_verification. - Updated to 1.27.1 * https://nginx.org/en/CHANGES * Fixed crash in ngx_http_mp4_module via specially crafted mp4 file (CVE-2024-7347). * Now the stream module handler is not mandatory. * Fixed new HTTP/2 connections might ignore graceful shutdown of old worker processes.
Илья Индиго
2024-08-16 02:26:21 +00:00
60e6941e1b
- Renamed nginx-1.6.1-default_config.patch to nginx-conf.patch. - Renamed nginx-1.2.4-perl_vendor_install.patch to nginx-perl.patch. - Used atosetup -p1 macro and replaced editor from perl to sed. - Updated to 1.27.1 * https://nginx.org/en/CHANGES * Fixed crash in ngx_http_mp4_module via specially crafted mp4 file (CVE-2024-7347). * Now the stream module handler is not mandatory. * Fixed new HTTP/2 connections might ignore graceful shutdown of old worker processes.
Илья Индиго
2024-08-16 00:09:31 +00:00
6ed1fa8c90
- Changed nginx-1.6.1-default_config.patch file (added ngx_http_fancyindex_module.so). - Updated to 1.27.1 * https://nginx.org/en/CHANGES * Fixed crash in ngx_http_mp4_module via specially crafted mp4 file (CVE-2024-7347). * Now the stream module handler is not mandatory. * Fixed new HTTP/2 connections might ignore graceful shutdown of old worker processes.
Илья Индиго
2024-08-15 21:19:38 +00:00
0cabb334ee
Accepting request 1177870 from server:http
Ana Guerrero2024-06-04 10:50:42 +00:00
Ana Guerrero
Илья Индиго
Dominique Leuenberger
Adrian Schröter
Richard Brown