Mercurial > hg > nginx-vendor-current
comparison CHANGES @ 670:ad45b044f1e5 NGINX_1_1_19
nginx 1.1.19
*) Security: specially crafted mp4 file might allow to overwrite memory
locations in a worker process if the ngx_http_mp4_module was used,
potentially resulting in arbitrary code execution (CVE-2012-2089).
Thanks to Matthew Daley.
*) Bugfix: nginx/Windows might be terminated abnormally.
Thanks to Vincent Lee.
*) Bugfix: nginx hogged CPU if all servers in an upstream were marked as
"backup".
*) Bugfix: the "allow" and "deny" directives might be inherited
incorrectly if they were used with IPv6 addresses.
*) Bugfix: the "modern_browser" and "ancient_browser" directives might
be inherited incorrectly.
*) Bugfix: timeouts might be handled incorrectly on Solaris/SPARC.
*) Bugfix: in the ngx_http_mp4_module.
| author | Igor Sysoev <http://sysoev.ru> |
|---|---|
| date | Thu, 12 Apr 2012 00:00:00 +0400 |
| parents | 9fbf3ad94cbf |
| children | f41d4b305d22 |
comparison
equal
deleted
inserted
replaced
| 669:3f5d0be5ee74 | 670:ad45b044f1e5 |
|---|---|
| 1 | |
| 2 Changes with nginx 1.1.19 12 Apr 2012 | |
| 3 | |
| 4 *) Security: specially crafted mp4 file might allow to overwrite memory | |
| 5 locations in a worker process if the ngx_http_mp4_module was used, | |
| 6 potentially resulting in arbitrary code execution (CVE-2012-2089). | |
| 7 Thanks to Matthew Daley. | |
| 8 | |
| 9 *) Bugfix: nginx/Windows might be terminated abnormally. | |
| 10 Thanks to Vincent Lee. | |
| 11 | |
| 12 *) Bugfix: nginx hogged CPU if all servers in an upstream were marked as | |
| 13 "backup". | |
| 14 | |
| 15 *) Bugfix: the "allow" and "deny" directives might be inherited | |
| 16 incorrectly if they were used with IPv6 addresses. | |
| 17 | |
| 18 *) Bugfix: the "modern_browser" and "ancient_browser" directives might | |
| 19 be inherited incorrectly. | |
| 20 | |
| 21 *) Bugfix: timeouts might be handled incorrectly on Solaris/SPARC. | |
| 22 | |
| 23 *) Bugfix: in the ngx_http_mp4_module. | |
| 24 | |
| 1 | 25 |
| 2 Changes with nginx 1.1.18 28 Mar 2012 | 26 Changes with nginx 1.1.18 28 Mar 2012 |
| 3 | 27 |
| 4 *) Change: keepalive connections are no longer disabled for Safari by | 28 *) Change: keepalive connections are no longer disabled for Safari by |
| 5 default. | 29 default. |