CVS commit: pkgsrc/www/nginx

To: pkgsrc-changes%NetBSD.org@localhost
Subject: CVS commit: pkgsrc/www/nginx
From: "Kimmo Suominen" <kim%netbsd.org@localhost>
Date: Wed, 24 Sep 2014 05:42:48 +0000

Module Name:    pkgsrc
Committed By:   kim
Date:           Wed Sep 24 05:42:48 UTC 2014

Modified Files:
        pkgsrc/www/nginx: Makefile distinfo

Log Message:
Upgrade to nginx-1.6.2 to fix security vulnerability CVE-2014-3616.
Restore module checksums that were lost in last update.

Changes with nginx 1.6.2                                         16 Sep 2014

    *) Security: it was possible to reuse SSL sessions in unrelated contexts
       if a shared SSL session cache or the same TLS session ticket key was
       used for multiple "server" blocks (CVE-2014-3616).
       Thanks to Antoine Delignat-Lavaud.

    *) Bugfix: requests might hang if resolver was used and a DNS server
       returned a malformed response; the bug had appeared in 1.5.8.

    *) Bugfix: requests might hang if resolver was used and a timeout
       occurred during a DNS request.


To generate a diff of this commit:
cvs rdiff -u -r1.56 -r1.57 pkgsrc/www/nginx/Makefile
cvs rdiff -u -r1.43 -r1.44 pkgsrc/www/nginx/distinfo

Please note that diffs are not public domain; they are subject to the
copyright notices on the relevant files.

Prev by Date: CVS commit: pkgsrc/doc
Next by Date: CVS commit: pkgsrc/doc
Previous by Thread: CVS commit: pkgsrc/doc
Next by Thread: CVS commit: pkgsrc/doc
Indexes:

Home | Main Index | Thread Index | Old Index