changeset 445:86d441d817dd

nginx-1.1.17, nginx-1.0.14
author Maxim Dounin <mdounin@mdounin.ru>
date Thu, 15 Mar 2012 12:16:12 +0000
parents 43c84d19bf92
children bafd6bde3100
files text/en/CHANGES text/en/CHANGES-1.0 text/ru/CHANGES.ru text/ru/CHANGES.ru-1.0 xml/en/download.xml xml/en/security_advisories.xml xml/index.xml xml/ru/download.xml xml/versions.xml
diffstat 9 files changed, 68 insertions(+), 7 deletions(-) [+]
--- a/text/en/CHANGES
+++ b/text/en/CHANGES
@@ -1,11 +1,23 @@
 
+Changes with nginx 1.1.17                                        15 Mar 2012
+
+    *) Security: content of previously freed memory might be sent to a
+       client if backend returned specially crafted response.
+       Thanks to Matthew Daley.
+
+    *) Bugfix: in the embedded perl module if used from SSI.
+       Thanks to Matthew Daley.
+
+    *) Bugfix: in the ngx_http_uwsgi_module.
+
+
 Changes with nginx 1.1.16                                        29 Feb 2012
 
     *) Change: the simultaneous subrequest limit has been raised to 200.
 
     *) Feature: the "from" parameter of the "disable_symlinks" directive.
 
-    *) Feature: the "return" and "error_page" directives can be used to
+    *) Feature: the "return" and "error_page" directives can now be used to
        return 307 redirections.
 
     *) Bugfix: a segmentation fault might occur in a worker process if the
@@ -45,13 +57,14 @@ Changes with nginx 1.1.15               
     *) Bugfix: nginx could not be built with the ngx_http_perl_module if the
        --with-openssl option was used.
 
-    *) Bugfix: internal redirects to named locations were not limited.
+    *) Bugfix: the number of internal redirects to named locations was not
+       limited.
 
     *) Bugfix: calling $r->flush() multiple times might cause errors in the
        ngx_http_gzip_filter_module.
 
     *) Bugfix: temporary files might be not removed if the "proxy_store"
-       directive were used with SSI includes.
+       directive was used with SSI includes.
 
     *) Bugfix: in some cases non-cacheable variables (such as the $args
        variable) returned old empty cached value.
@@ -72,8 +85,8 @@ Changes with nginx 1.1.14               
 
     *) Bugfix: in the OpenSSL library initialization.
 
-    *) Bugfix: the "proxy_redirect" directives might not be correctly
-       inherited.
+    *) Bugfix: the "proxy_redirect" directives might be inherited
+       incorrectly.
 
     *) Bugfix: memory leak during reconfiguration if the "pcre_jit"
        directive was used.
--- a/text/en/CHANGES-1.0
+++ b/text/en/CHANGES-1.0
@@ -1,4 +1,11 @@
 
+Changes with nginx 1.0.14                                        15 Mar 2012
+
+    *) Security: content of previously freed memory might be sent to a
+       client if backend returned specially crafted response.
+       Thanks to Matthew Daley.
+
+
 Changes with nginx 1.0.13                                        05 Mar 2012
 
     *) Feature: the "return" and "error_page" directives can now be used to
--- a/text/ru/CHANGES.ru
+++ b/text/ru/CHANGES.ru
@@ -1,4 +1,16 @@
 
+Изменения в nginx 1.1.17                                          15.03.2012
+
+    *) Безопасность: содержимое ранее освобождённой памяти могло быть
+       отправлено клиенту, если бэкенд возвращал специально созданный ответ.
+       Спасибо Matthew Daley.
+
+    *) Исправление: при использовании встроенного перла из SSI.
+       Спасибо Matthew Daley.
+
+    *) Исправление: в модуле ngx_http_uwsgi_module.
+
+
 Изменения в nginx 1.1.16                                          29.02.2012
 
     *) Изменение: ограничение на количество одновременных подзапросов
--- a/text/ru/CHANGES.ru-1.0
+++ b/text/ru/CHANGES.ru-1.0
@@ -1,4 +1,11 @@
 
+Изменения в nginx 1.0.14                                          15.03.2012
+
+    *) Безопасность: содержимое ранее освобождённой памяти могло быть
+       отправлено клиенту, если бэкенд возвращал специально созданный ответ.
+       Спасибо Matthew Daley.
+
+
 Изменения в nginx 1.0.13                                          05.03.2012
 
     *) Добавление: директивы return и error_page теперь могут использоваться
--- a/xml/en/download.xml
+++ b/xml/en/download.xml
@@ -9,6 +9,7 @@
 
 <download last="1" changes="CHANGES">
 
+<item ver="1.1.17" pgp="yes" win="yes" />
 <item ver="1.1.16" pgp="yes" win="yes" />
 <item ver="1.1.15" pgp="yes" win="yes" />
 <item ver="1.1.14" pgp="yes" win="yes" />
@@ -36,6 +37,7 @@
 
 <download last="1" changes="CHANGES-1.0">
 
+<item ver="1.0.14" pgp="yes" win="yes" />
 <item ver="1.0.13" pgp="yes" win="yes" />
 <item ver="1.0.12" pgp="yes" win="yes" />
 <item ver="1.0.11" pgp="yes" win="yes" />
--- a/xml/en/security_advisories.xml
+++ b/xml/en/security_advisories.xml
@@ -12,6 +12,12 @@
 
 <security>
 
+<item name="Memory disclosure with specially crafted backend responses"
+      severity="major"
+      good="1.1.17+, 1.0.14+"
+      vulnerable="0.1.0-1.1.16"
+      patch="patch.2012.memory.txt" />
+
 <item name="Vulnerabilities with invalid UTF-8 sequence on Windows"
       severity="major"
       cve="2010-2266"
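Review bot: The new advisory item for "Memory disclosure with specially crafted backend responses" has no `cve` attribute, while the item directly below it carries `cve="2010-2266"`. Without an identifier, people matching this fix against vulnerability trackers or scanner output have only the free-text name and `patch.2012.memory.txt` to go on. If an identifier has been or is later assigned, add it next to `severity`, e.g. `cve="<CVE-ID-PLACEHOLDER>"`. If none exists yet, it is worth confirming that the stylesheet renders an item without `cve` cleanly, since that code is not visible in this hunk.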
--- a/xml/index.xml
+++ b/xml/index.xml
@@ -2,6 +2,18 @@
 
 <news name="nginx news" link="/" lang="en">
 
+<event date="2012-03-15">
+<para>
+<link doc="en/download.xml">nginx-1.0.14</link>
+stable and
+<link doc="en/download.xml">nginx-1.1.17</link>
+development versions have been released,
+with the fix for the
+<link doc="en/security_advisories.xml">memory disclosure</link>
+security problem discovered by Matthew Daley.
+</para>
+</event>
+
 <event date="2012-03-05">
 <para>
 <link doc="en/download.xml">nginx-1.0.13</link>
--- a/xml/ru/download.xml
+++ b/xml/ru/download.xml
@@ -9,6 +9,7 @@
 
 <download last="1" changes="CHANGES.ru">
 
+<item ver="1.1.17" pgp="yes" win="yes" />
 <item ver="1.1.16" pgp="yes" win="yes" />
 <item ver="1.1.15" pgp="yes" win="yes" />
 <item ver="1.1.14" pgp="yes" win="yes" />
@@ -36,6 +37,7 @@
 
 <download last="1" changes="CHANGES.ru-1.0">
 
+<item ver="1.0.14" pgp="yes" win="yes" />
 <item ver="1.0.13" pgp="yes" win="yes" />
 <item ver="1.0.12" pgp="yes" win="yes" />
 <item ver="1.0.11" pgp="yes" win="yes" />
--- a/xml/versions.xml
+++ b/xml/versions.xml
@@ -1,7 +1,7 @@
 <!DOCTYPE versions SYSTEM "../dtd/versions.dtd">
 
 <versions>
-<development> 1.1.16 </development>
-<stable> 1.0.13 </stable>
+<development> 1.1.17 </development>
+<stable> 1.0.14 </stable>
 <legacy_stable> 0.8.55 </legacy_stable>
 </versions>