[SRU] Please update nginx in Xenial and Yakkety to 1.10.3
Affects | Status | Importance | Assigned to | Milestone | |
---|---|---|---|---|---|
nginx (Ubuntu) |
Fix Released
|
Wishlist
|
Unassigned | ||
Xenial |
Fix Released
|
Wishlist
|
Unassigned | ||
Yakkety |
Fix Committed
|
Wishlist
|
Unassigned |
Bug Description
[Impact]
Two releases are affected: Xenial and Yakkety.
There are a bunch of bugfixes in 1.10.3, including HTTP/2 fixes, that should be included in Ubuntu. This is detailed here in the upstream changelog from nginx:
Changes with nginx 1.10.3 (31 Jan 2017)
*) Bugfix: in the "add_after_body" directive when used with the
"sub_filter" directive.
*) Bugfix: unix domain listen sockets might not be inherited during
binary upgrade on Linux.
*) Bugfix: graceful shutdown of old worker processes might require
infinite time when using HTTP/2.
*) Bugfix: when using HTTP/2 and the "limit_req" or "auth_request"
directives client request body might be corrupted; the bug had
appeared in 1.10.2.
*) Bugfix: a segmentation fault might occur in a worker process when
using HTTP/2; the bug had appeared in 1.10.2.
*) Bugfix: an incorrect response might be returned when using the
"sendfile" directive on FreeBSD and macOS; the bug had appeared in
1.7.8.
*) Bugfix: a truncated response might be stored in cache when using the
"aio_write" directive.
*) Bugfix: a socket leak might occur when using the "aio_write"
directive.
[Test Case]
No test cases available as there are no bugs filed for any of these in Ubuntu. However, due to HTTP/2, any 'bugs' in these which may corrupt data or not kill worker processes correctly, or segfault, should be addressed.
[Regression Potential]
All these bugfixes were tested upstream by the nginx team, and do not pose a regression risk to the existing software versions or features of Ubuntu in affected releases.
[Other Info]
I will be uploading nginx 1.10.3 directly to Zesty today, and then have a merge ready by the end of the week for Zesty from Debian, which pulls in dynamic module support, etc. This SRU is written here ahead of having the Zesty update done, because this happens to be on my list of things to get done before the Zesty update.
CVE References
description: | updated |
summary: |
- Please update nginx in Xenial and Yakkety to 1.10.3 + [SRU] Please update nginx in Xenial and Yakkety to 1.10.3 |
Changed in nginx (Ubuntu): | |
status: | New → Invalid |
Changed in nginx (Ubuntu Xenial): | |
status: | New → Triaged |
Changed in nginx (Ubuntu Yakkety): | |
status: | New → Incomplete |
status: | Incomplete → Triaged |
Changed in nginx (Ubuntu Xenial): | |
importance: | Undecided → Wishlist |
Changed in nginx (Ubuntu Yakkety): | |
importance: | Undecided → Wishlist |
Changed in nginx (Ubuntu): | |
assignee: | Thomas Ward (teward) → nobody |
description: | updated |
For Xenial, also take into account the changes done between 1.10.0 and 1.10.3. Note the CVE issue is already fixed in the Security repository, but other bugfixes should probably be included.
Changes with nginx 1.10.3 31 Jan 2017
*) Bugfix: in the "add_after_body" directive when used with the
"sub_filter" directive.
*) Bugfix: unix domain listen sockets might not be inherited during
binary upgrade on Linux.
*) Bugfix: graceful shutdown of old worker processes might require
infinite time when using HTTP/2.
*) Bugfix: when using HTTP/2 and the "limit_req" or "auth_request"
directives client request body might be corrupted; the bug had
appeared in 1.10.2.
*) Bugfix: a segmentation fault might occur in a worker process when
using HTTP/2; the bug had appeared in 1.10.2.
*) Bugfix: an incorrect response might be returned when using the
"sendfile" directive on FreeBSD and macOS; the bug had appeared in
1.7.8.
*) Bugfix: a truncated response might be stored in cache when using the
"aio_write" directive.
*) Bugfix: a socket leak might occur when using the "aio_write"
directive.
Changes with nginx 1.10.2 18 Oct 2016
*) Change: the "421 Misdirected Request" response now used when
rejecting requests to a virtual server different from one negotiated
during an SSL handshake; this improves interoperability with some
HTTP/2 clients when using client certificates.
*) Change: HTTP/2 clients can now start sending request body body_preread_ size" directive controls size of
immediately; the "http2_
the buffer used before nginx will start reading client request body.
*) Bugfix: a segmentation fault might occur in a worker process when request_ buffering" directive.
using HTTP/2 and the "proxy_
*) Bugfix: the "Content-Length" request header line was always added to
requests passed to backends, including requests without body, when
using HTTP/2.
*) Bugfix: "http request count is zero" alerts might appear in logs when
using HTTP/2.
*) Bugfix: unnecessary buffering might occur when using the "sub_filter"
directive; the issue had appeared in 1.9.4.
*) Bugfix: socket leak when using HTTP/2.
*) Bugfix: an incorrect response might be returned when using the "aio
threads" and "sendfile" directives; the bug had appeared in 1.9.13.
*) Workaround: OpenSSL 1.1.0 compatibility.
Changes with nginx 1.10.1 31 May 2016
*) Security: a segmentation fault might occur in a worker process while
(CVE-2016- 4450); the bug had appeared in 1.3.9.
writing a specially crafted request body to a temporary file