]> rtime.felk.cvut.cz Git - coffee/buildroot.git/commitdiff
projects / coffee / buildroot.git / commitdiff
? search:
summary | shortlog | log | commit | commitdiff | tree
raw | patch | inline | side by side (parent: f5f3eb0)
nginx: security bump to version 1.12.1
authorPeter Korsgaard <peter@korsgaard.com>
Fri, 14 Jul 2017 09:08:12 +0000 (11:08 +0200)
committerPeter Korsgaard <peter@korsgaard.com>
Fri, 14 Jul 2017 13:13:55 +0000 (15:13 +0200)
Fixes CVE-2017-7529 - Nginx versions since 0.5.6 up to and including 1.13.2
are vulnerable to integer overflow vulnerability in nginx range filter
module resulting into leak of potentially sensitive information triggered by
specially crafted request.

For more details, see:
http://mailman.nginx.org/pipermail/nginx-announce/2017/000200.html

Signed-off-by: Peter Korsgaard <peter@korsgaard.com>
package/nginx/nginx.hash patch | blob | history
package/nginx/nginx.mk patch | blob | history

diff --git a/package/nginx/nginx.hash b/package/nginx/nginx.hash
index ffc5a279c16a502e01c62d3b682a6545d4202c3f..22e4007b5f526816e38d302bed9e312112f799eb 100644 (file)
--- a/package/nginx/nginx.hash
+++ b/package/nginx/nginx.hash
@@ -1,2 +1,2 @@
 # Locally calculated after checking pgp signature
-sha256 b4222e26fdb620a8d3c3a3a8b955e08b713672e1bc5198d1e4f462308a795b30        nginx-1.12.0.tar.gz
+sha256 8793bf426485a30f91021b6b945a9fd8a84d87d17b566562c3797aba8fac76fb        nginx-1.12.1.tar.gz
diff --git a/package/nginx/nginx.mk b/package/nginx/nginx.mk
index 54126ab912ddfd13c97701d43085bd192c39c31d..ceb80229d3b2bf17dfe65cd0e949516d3f4d4c06 100644 (file)
--- a/package/nginx/nginx.mk
+++ b/package/nginx/nginx.mk
@@ -4,7 +4,7 @@
 #
 ################################################################################
 
-NGINX_VERSION = 1.12.0
+NGINX_VERSION = 1.12.1
 NGINX_SITE = http://nginx.org/download
 NGINX_LICENSE = BSD-2-Clause
 NGINX_LICENSE_FILES = LICENSE