Date: Fri, 13 Apr 2012 12:17:05 +0000 (UTC) From: "Sergey A. Osokin" <osa@FreeBSD.org> To: ports-committers@FreeBSD.org, cvs-ports@FreeBSD.org, cvs-all@FreeBSD.org Subject: cvs commit: ports/www/nginx-devel Makefile distinfo Message-ID: <201204131217.q3DCH5LP085407@repoman.freebsd.org>
next in thread | raw e-mail | index | archive | help
osa 2012-04-13 12:17:05 UTC
FreeBSD ports repository
Modified files:
www/nginx-devel Makefile distinfo
Log:
Security update from 1.1.18 to 1.1.19.
<ChangeLog>
*) Security: specially crafted mp4 file might allow to overwrite memory
locations in a worker process if the ngx_http_mp4_module was used,
potentially resulting in arbitrary code execution (CVE-2012-2089).
Thanks to Matthew Daley.
*) Bugfix: nginx/Windows might be terminated abnormally.
Thanks to Vincent Lee.
*) Bugfix: nginx hogged CPU if all servers in an upstream were marked as
"backup".
*) Bugfix: the "allow" and "deny" directives might be inherited
incorrectly if they were used with IPv6 addresses.
*) Bugfix: the "modern_browser" and "ancient_browser" directives might
be inherited incorrectly.
*) Bugfix: timeouts might be handled incorrectly on Solaris/SPARC.
*) Bugfix: in the ngx_http_mp4_module.
</ChangeLog>
Revision Changes Path
1.444 +1 -1 ports/www/nginx-devel/Makefile
1.388 +2 -2 ports/www/nginx-devel/distinfo
Want to link to this message? Use this URL: <https://mail-archive.FreeBSD.org/cgi/mid.cgi?201204131217.q3DCH5LP085407>