Mercurial > hg > nginx-site
changeset 445:86d441d817dd
nginx-1.1.17, nginx-1.0.14
author | Maxim Dounin <mdounin@mdounin.ru> |
---|---|
date | Thu, 15 Mar 2012 12:16:12 +0000 |
parents | 43c84d19bf92 |
children | bafd6bde3100 |
files | text/en/CHANGES text/en/CHANGES-1.0 text/ru/CHANGES.ru text/ru/CHANGES.ru-1.0 xml/en/download.xml xml/en/security_advisories.xml xml/index.xml xml/ru/download.xml xml/versions.xml |
diffstat | 9 files changed, 68 insertions(+), 7 deletions(-) [+] |
line wrap: on
line diff
--- a/text/en/CHANGES +++ b/text/en/CHANGES @@ -1,11 +1,23 @@ +Changes with nginx 1.1.17 15 Mar 2012 + + *) Security: content of previously freed memory might be sent to a + client if backend returned specially crafted response. + Thanks to Matthew Daley. + + *) Bugfix: in the embedded perl module if used from SSI. + Thanks to Matthew Daley. + + *) Bugfix: in the ngx_http_uwsgi_module. + + Changes with nginx 1.1.16 29 Feb 2012 *) Change: the simultaneous subrequest limit has been raised to 200. *) Feature: the "from" parameter of the "disable_symlinks" directive. - *) Feature: the "return" and "error_page" directives can be used to + *) Feature: the "return" and "error_page" directives can now be used to return 307 redirections. *) Bugfix: a segmentation fault might occur in a worker process if the @@ -45,13 +57,14 @@ Changes with nginx 1.1.15 *) Bugfix: nginx could not be built with the ngx_http_perl_module if the --with-openssl option was used. - *) Bugfix: internal redirects to named locations were not limited. + *) Bugfix: the number of internal redirects to named locations was not + limited. *) Bugfix: calling $r->flush() multiple times might cause errors in the ngx_http_gzip_filter_module. *) Bugfix: temporary files might be not removed if the "proxy_store" - directive were used with SSI includes. + directive was used with SSI includes. *) Bugfix: in some cases non-cacheable variables (such as the $args variable) returned old empty cached value. @@ -72,8 +85,8 @@ Changes with nginx 1.1.14 *) Bugfix: in the OpenSSL library initialization. - *) Bugfix: the "proxy_redirect" directives might not be correctly - inherited. + *) Bugfix: the "proxy_redirect" directives might be inherited + incorrectly. *) Bugfix: memory leak during reconfiguration if the "pcre_jit" directive was used.
--- a/text/en/CHANGES-1.0 +++ b/text/en/CHANGES-1.0 @@ -1,4 +1,11 @@ +Changes with nginx 1.0.14 15 Mar 2012 + + *) Security: content of previously freed memory might be sent to a + client if backend returned specially crafted response. + Thanks to Matthew Daley. + + Changes with nginx 1.0.13 05 Mar 2012 *) Feature: the "return" and "error_page" directives can now be used to
--- a/text/ru/CHANGES.ru +++ b/text/ru/CHANGES.ru @@ -1,4 +1,16 @@ +Изменения в nginx 1.1.17 15.03.2012 + + *) Безопасность: содержимое ранее освобождённой памяти могло быть + отправлено клиенту, если бэкенд возвращал специально созданный ответ. + Спасибо Matthew Daley. + + *) Исправление: при использовании встроенного перла из SSI. + Спасибо Matthew Daley. + + *) Исправление: в модуле ngx_http_uwsgi_module. + + Изменения в nginx 1.1.16 29.02.2012 *) Изменение: ограничение на количество одновременных подзапросов
--- a/text/ru/CHANGES.ru-1.0 +++ b/text/ru/CHANGES.ru-1.0 @@ -1,4 +1,11 @@ +Изменения в nginx 1.0.14 15.03.2012 + + *) Безопасность: содержимое ранее освобождённой памяти могло быть + отправлено клиенту, если бэкенд возвращал специально созданный ответ. + Спасибо Matthew Daley. + + Изменения в nginx 1.0.13 05.03.2012 *) Добавление: директивы return и error_page теперь могут использоваться
--- a/xml/en/download.xml +++ b/xml/en/download.xml @@ -9,6 +9,7 @@ <download last="1" changes="CHANGES"> +<item ver="1.1.17" pgp="yes" win="yes" /> <item ver="1.1.16" pgp="yes" win="yes" /> <item ver="1.1.15" pgp="yes" win="yes" /> <item ver="1.1.14" pgp="yes" win="yes" /> @@ -36,6 +37,7 @@ <download last="1" changes="CHANGES-1.0"> +<item ver="1.0.14" pgp="yes" win="yes" /> <item ver="1.0.13" pgp="yes" win="yes" /> <item ver="1.0.12" pgp="yes" win="yes" /> <item ver="1.0.11" pgp="yes" win="yes" />
--- a/xml/en/security_advisories.xml +++ b/xml/en/security_advisories.xml @@ -12,6 +12,12 @@ <security> +<item name="Memory disclosure with specially crafted backend responses" + severity="major" + good="1.1.17+, 1.0.14+" + vulnerable="0.1.0-1.1.16" + patch="patch.2012.memory.txt" /> + <item name="Vulnerabilities with invalid UTF-8 sequence on Windows" severity="major" cve="2010-2266"
--- a/xml/index.xml +++ b/xml/index.xml @@ -2,6 +2,18 @@ <news name="nginx news" link="/" lang="en"> +<event date="2012-03-15"> +<para> +<link doc="en/download.xml">nginx-1.0.14</link> +stable and +<link doc="en/download.xml">nginx-1.1.17</link> +development versions have been released, +with the fix for the +<link doc="en/security_advisories.xml">memory disclosure</link> +security problem discovered by Matthew Daley. +</para> +</event> + <event date="2012-03-05"> <para> <link doc="en/download.xml">nginx-1.0.13</link>
--- a/xml/ru/download.xml +++ b/xml/ru/download.xml @@ -9,6 +9,7 @@ <download last="1" changes="CHANGES.ru"> +<item ver="1.1.17" pgp="yes" win="yes" /> <item ver="1.1.16" pgp="yes" win="yes" /> <item ver="1.1.15" pgp="yes" win="yes" /> <item ver="1.1.14" pgp="yes" win="yes" /> @@ -36,6 +37,7 @@ <download last="1" changes="CHANGES.ru-1.0"> +<item ver="1.0.14" pgp="yes" win="yes" /> <item ver="1.0.13" pgp="yes" win="yes" /> <item ver="1.0.12" pgp="yes" win="yes" /> <item ver="1.0.11" pgp="yes" win="yes" />
--- a/xml/versions.xml +++ b/xml/versions.xml @@ -1,7 +1,7 @@ <!DOCTYPE versions SYSTEM "../dtd/versions.dtd"> <versions> -<development> 1.1.16 </development> -<stable> 1.0.13 </stable> +<development> 1.1.17 </development> +<stable> 1.0.14 </stable> <legacy_stable> 0.8.55 </legacy_stable> </versions>