[FFe] Please update nginx to 1.9.12

Bug #1549347 reported by Thomas Ward on 2016-02-24
This bug affects 1 person
Affects Status Importance Assigned to Milestone
nginx (Ubuntu)

Bug Description

NGINX has recently uploaded version 1.9.12. This contains bugfixes and feature changes to core functionality in nginx, as well as introduces workarounds due to some issues with OpenSSL.


The upstream changelog is as follows. Comments of mine will be added with hashtags (#):

Changes with nginx 1.9.12 24 Feb 2016

    *) Feature: Huffman encoding of response headers in HTTP/2.
       Thanks to Vlad Krasnov.

    *) Feature: the "worker_cpu_affinity" directive now supports more than
       64 CPUs.

    *) Bugfix: compatibility with 3rd party C++ modules; the bug had
       appeared in 1.9.11.
       Thanks to Piotr Sikora.

    *) Bugfix: nginx could not be built statically with OpenSSL on Linux;
       the bug had appeared in 1.9.11.

    *) Bugfix: the "add_header ... always" directive with an empty value did
       not delete "Last-Modified" and "ETag" header lines from error

    *) Workaround: "called a function you should not call" and "shutdown
       while in init" messages might appear in logs when using OpenSSL

    *) Bugfix: invalid headers might be logged incorrectly.

    *) Bugfix: socket leak when using HTTP/2.

    *) Bugfix: in the ngx_http_v2_module.


Rationale for Update:

A longer term goal of the Server Team is to have NGINX 1.10.x (the next stable release of NGINX) in Ubuntu Xenial, either as a post-Xenial-release SRU, or right before we release, depending on when NGINX releases the 1.10.x branch (which is based off the 1.9.x branch).

To reduce the delta between merges, and to reduce the amount of work necessary to switch from 1.9.x to 1.10.x in the future of Xenial, it is more preferable to have the latest 1.9.x available as close to 1.10.x release as possible; this makes it much more easier to deal with build failures, or to troubleshoot issues between versions, as there is less of an upstream delta.

We do not enable HTTP/2, therefore the only feature change we should be worried about here is the ability of the `worker_cpu_affinity` directive being able to support more than 64 CPUs. This does not affect other functionality.

We have other bugfixes, as well, for other functions in the system, including 'add_header' directives, and incorrect logging of invalid headers. These do not affect any of the other features in Ubuntu, nor does this appear to affect the feature-set of NGINX.


Security Considerations:

* HTTP/2 is disabled in the NGINX builds currently. This is at the request of the Security Team. There is no security concern of HTTP/2 in this release.


Files to be uploaded (Pending creation)

* Debdiff between 1.9.11-0ubuntu2 and 1.9.12-0ubuntu1 (direct upload)
* Local sbuild logs (amd64, i386), including 'lintian' checks
* Installation log (Xenial amd64 VM)

Thomas Ward (teward) on 2016-02-24
summary: - New upstream release - 1.9.12
+ New nginx upstream release - 1.9.12
description: updated

amd64 sbuild logs (plus Lintian checks)

Thomas Ward (teward) wrote :

i386 sbuild logs (plus Lintian checks)

tags: added: patch
Thomas Ward (teward) wrote :

Additional build logs and tests available in https://launchpad.net/~teward/+archive/ubuntu/xenial-buildtests/+packages for package `nginx 1.9.12-0ubuntu1` for other architectures

Thomas Ward (teward) wrote :

Screenshot #1: Image of the VM - Shows "netstat -tulpn | grep :80" output, which will indicate that nginx is indeed running. Obtained right after installation.

Thomas Ward (teward) wrote :

Screenshot #2: IP address of VM, and Default Landing Page (screenshot from Host system, includes VM console)

Thomas Ward (teward) wrote :

NGINX install logs from apt for nginx-core

Thomas Ward (teward) wrote :

NGINX install logs from apt for nginx-light

Thomas Ward (teward) wrote :

NGINX install logs from apt for nginx-full

Thomas Ward (teward) wrote :

NGINX install logs from apt for nginx-extras

Thomas Ward (teward) wrote :

Updated debdiff because I accidentally left the bug number off this.

This is ready for review for a FeatureFreeze Exception.

Changed in nginx (Ubuntu):
assignee: Thomas Ward (teward) → nobody
Thomas Ward (teward) wrote :

I do not have logs here, but I can confirm that all flavors (-core, -light, -full, -extras) can be upgraded to the version in the debdiff without issues and without any failures, outside of configuration failures by users (that is, not Package-specific issues)

Thomas Ward (teward) on 2016-02-25
summary: - New nginx upstream release - 1.9.12
+ Please update nginx to 1.9.12
Thomas Ward (teward) on 2016-02-26
summary: - Please update nginx to 1.9.12
+ [FFe Requested] Please update nginx to 1.9.12
Thomas Ward (teward) on 2016-03-15
summary: - [FFe Requested] Please update nginx to 1.9.12
+ [FFe] Please update nginx to 1.9.12
Thomas Ward (teward) on 2016-03-15
Changed in nginx (Ubuntu):
importance: Undecided → Wishlist
status: New → Fix Committed
Launchpad Janitor (janitor) wrote :

This bug was fixed in the package nginx - 1.9.12-0ubuntu1

nginx (1.9.12-0ubuntu1) xenial; urgency=medium

  * New upstream release (1.9.12) - full changelog available at upstream
    website - http://nginx.org/en/CHANGES (LP: #1549347)
  * All Ubuntu specific changes from 1.9.11-0ubuntu1 and -0ubuntu2 remain
    included in this upload.

 -- Thomas Ward <email address hidden> Wed, 24 Feb 2016 10:26:31 -0500

Changed in nginx (Ubuntu):
status: Fix Committed → Fix Released
To post a comment you must log in.
This report contains Public information  Edit
Everyone can see this information.

Other bug subscribers