Mercurial > hg > nginx-vendor-current
diff src/http/modules/ngx_http_browser_module.c @ 670:ad45b044f1e5 NGINX_1_1_19
nginx 1.1.19
*) Security: specially crafted mp4 file might allow to overwrite memory
locations in a worker process if the ngx_http_mp4_module was used,
potentially resulting in arbitrary code execution (CVE-2012-2089).
Thanks to Matthew Daley.
*) Bugfix: nginx/Windows might be terminated abnormally.
Thanks to Vincent Lee.
*) Bugfix: nginx hogged CPU if all servers in an upstream were marked as
"backup".
*) Bugfix: the "allow" and "deny" directives might be inherited
incorrectly if they were used with IPv6 addresses.
*) Bugfix: the "modern_browser" and "ancient_browser" directives might
be inherited incorrectly.
*) Bugfix: timeouts might be handled incorrectly on Solaris/SPARC.
*) Bugfix: in the ngx_http_mp4_module.
| author | Igor Sysoev <http://sysoev.ru> |
|---|---|
| date | Thu, 12 Apr 2012 00:00:00 +0400 |
| parents | d0f7a625f27c |
| children |
line wrap: on
line diff
--- a/src/http/modules/ngx_http_browser_module.c +++ b/src/http/modules/ngx_http_browser_module.c @@ -458,10 +458,11 @@ ngx_http_browser_merge_conf(ngx_conf_t * * with a real skip value. The zero value means Opera. */ - if (conf->modern_browsers == NULL) { + if (conf->modern_browsers == NULL && conf->modern_unlisted_browsers == 0) { conf->modern_browsers = prev->modern_browsers; + conf->modern_unlisted_browsers = prev->modern_unlisted_browsers; - } else { + } else if (conf->modern_browsers != NULL) { browsers = conf->modern_browsers->elts; for (i = 0; i < conf->modern_browsers->nelts; i++) { @@ -501,8 +502,9 @@ found: } } - if (conf->ancient_browsers == NULL) { + if (conf->ancient_browsers == NULL && conf->netscape4 == 0) { conf->ancient_browsers = prev->ancient_browsers; + conf->netscape4 = prev->netscape4; } if (conf->modern_browser_value == NULL) {