Merge nginx from Debian unstable for plucky

Bug #2085256 reported by Bryce Harrington
8
This bug affects 1 person
Affects Status Importance Assigned to Milestone
nginx (Ubuntu)
Fix Released
Undecided
Bryce Harrington

Bug Description

Scheduled-For: Backlog
Upstream: tbd
Debian: 1.26.0-3
Ubuntu: 1.26.0-2ubuntu3

ubuntu-server has maintained this package's merge in the past.

If it turns out this needs a sync rather than a merge, please change the tag 'needs-merge' to 'needs-sync', and (optionally) update the title as desired.

If this merge pulls in a new upstream version, also consider adding an entry to the Jammy Release Notes: https://discourse.ubuntu.com/c/release/38

### New Debian Changes ###

nginx (1.26.0-3) unstable; urgency=medium

  * d/control: Resolve dependency loop between nginx and nginx-common.
    (Fixes: #1082373)

 -- Thomas Ward <email address hidden> Fri, 20 Sep 2024 21:35:42 -0400

nginx (1.26.0-2) unstable; urgency=medium

  [ Jan Mojžíš ]
  * d/rules: enable QUIC and HTTP/3 module (Closes: 1070488)
  * d/control: bump Standards-Version: 4.7.0, no changes
  * d/p/nginx-1.26.1.patch add, backport changes from the nginx 1.26.1 and fix
    CVE-2024-32760, CVE-2024-31079, CVE-2024-35200, CVE-2024-34161
  * d/p/CVE-2024-7347.patch add, backport CVE-2024-7347 fix (Closes: 1078971)
  * d/libnginx-mod.abisubstvars updated comment when ABI needs to be changed

  [ Thomas Ward ]
  * d/conf/nginx.conf: Update default options for current security
    practices and standards. SSL protos, disable prefer server
    ciphers, hide server tokens/versions in responses.

 -- Jan Mojžíš <email address hidden> Mon, 19 Aug 2024 18:46:30 +0200

nginx (1.26.0-1) unstable; urgency=medium

  * New upstream version 1.26.0
  * nginx ABI release: nginx-abi-1.26.0-1 (Closes: 1069997)
  * d/libnginx-mod.abisubstvars: remove third-party modules version constraints
  * d/u/signing-key.asc add Roman Arutyunyan’s PGP public key,
    the key is used to sign the 1.26.0 release
  * d/p/CVE-2023-44487.patch remove, fixed in upstream
  * d/ufw/nginx update, add QUICK, thanks Marcus Bointon
  * d/conf/mime.types add application/xslt+xml, thanks K. Widholm
  * d/copyright: updated copyright related to new upstream version
  * d/copyright: bump my copyright year
  * d/conf/nginx.conf: add worker_cpu_affinity auto (Closes: 1063659)
  * d/gbp.conf: add sign-tags = True, [pull] track-missing = True,
    [import-orig] merge-mode = replace

 -- Jan Mojžíš <email address hidden> Sun, 05 May 2024 18:48:05 +0200

nginx (1.24.0-2) unstable; urgency=medium

  * d/control added dependency nginx-common to nginx (Closes: 1039905)
    After nginx installation, the nginx-common package is installed
    automatically due to its dependencies. The nginx-common package includes
    the systemd unit, which becomes enabled and activated upon installation.
    When the nginx is removed, nginx-common package and the systemd unit will
    remain in the system. Adding a dependency nginx-common to nginx solves
    this problem.
  * d/control fixed binNMU safe dependency declaration nginx to nginx-common,
    nginx is 'any', nginx-common is 'all' -> dependency '= ${source:Version}'
  * d/rules removed override_dh_strip, migration to automatic debug symbols is
    already done, fixes debug-symbol-migration-possibly-complete lint. warning
  * d/po/ro.po added Romanian debconf translation. (Closes: 1033084),
    Thanks to Remus-Gabriel Chelu
  * d/po/sv.po added Swedish debconf translation. (Closes: 1050443),
    Thanks to Peter Kvillegård
  * d/conf/mime.types added video/ogg, video/x-matroska (Closes: 1028144)
  * d/p/CVE-2023-44487.patch adds additional mitigations for CVE-2023-44487
    that according to NGINX developers on nginx-devel are already suitably
    mitigated with the default config options for keepalive. (Closes: 1053770)
  * d/control added nginx-dev dependency on ${nginx:abi}
  * d/debhelper/nginx_mod.pm automatic libnginx-mod-stream dependencies

 -- Jan Mojžíš <email address hidden> Wed, 11 Oct 2023 01:17:51 +0200

nginx (1.24.0-1) unstable; urgency=medium

  * New upstream version 1.24.0
  * nginx ABI release: nginx-abi-1.24.0-1
  * d/libnginx-mod.abisubstvars update version constraints of the 3rd party
    modules
  * d/p/bug-{1024605,973861}.patch removed, fixed in upstream
  * d/copyright: updated copyright for files src/event/ngx_event_udp.h,
    src/os/win32/ngx_dlopen

 -- Jan Mojžíš <email address hidden> Tue, 27 Jun 2023 23:19:31 +0200

nginx (1.22.1-9) unstable; urgency=medium

  * d/control: nginx-common Breaks+Replaces: nginx (<< 1.22.1-8)
    (Closes: 1032929)

 -- Jan Mojžíš <email address hidden> Tue, 14 Mar 2023 16:19:32 +0100

nginx (1.22.1-8) unstable; urgency=medium

  * Main change:
    Configuration files returned to nginx-common package. This fixes
    the serious problem of losing configuration files during upgrade.
    This is a rollback of a change made in 1.22.1-6 (Closes: 1032517)
  * d/control: fix nginx-full dependencies
  * d/libnginx-mod.abisubstvars: update libnginx-mod-http-lua version

 -- Jan Mojžíš <email address hidden> Tue, 14 Mar 2023 06:53:32 +0100

nginx (1.22.1-7) unstable; urgency=medium

### Old Ubuntu Delta ###

nginx (1.26.0-2ubuntu3) oracular; urgency=medium

  * Rebuild against new debhelper 13.18ubuntu2 with fixed
    dh_installlogrotate.

 -- Gianfranco Costamagna <email address hidden> Sun, 22 Sep 2024 21:12:02 +0200

nginx (1.26.0-2ubuntu2) oracular; urgency=medium

  * Drop ubuntu-branding patch, use instead --build=Ubuntu build flag.
  * Use server_tokens build, to make the branding effective

 -- Gianfranco Costamagna <email address hidden> Thu, 05 Sep 2024 12:00:16 +0200

nginx (1.26.0-2ubuntu1) oracular; urgency=low

  * Merge from Debian unstable. Remaining changes:
    - Branding for Ubuntu
      + d/p/ubuntu-branding.patch: add Ubuntu branding
      + d/t/branding: Add autopkgtest to validate branding presence
    - d/control: Drop the Lua module (libnginx-mod-http-lua) as a
      dependency for NGINX (Server Team Decision) - future support
      for Lua module now requires resty-core from OpenResty, meaning that if
      we want to continue to support the Lua module, we have to start becoming
      OpenResty - users should just use OpenResty at this point for Lua.
    - d/control: let nginx-core depend on geoip2 instead of geoip.
    - d/t/control: Drop autopkgtest dependencies on libnginx-mod-http-lua too

 -- Gianfranco Costamagna <email address hidden> Tue, 03 Sep 2024 20:14:02 +0200

Bryce Harrington (bryce)
summary: - Merge nginx from Debian unstable for jammy
+ Merge nginx from Debian unstable for plucky
Changed in nginx (Ubuntu):
milestone: none → ubuntu-25.01
Bryce Harrington (bryce)
Changed in nginx (Ubuntu):
assignee: nobody → Bryce Harrington (bryce)
Revision history for this message
Bryce Harrington (bryce) wrote :

Looks like doko tackled this merge already a few weeks ago during the sprint.

Changed in nginx (Ubuntu):
status: New → Fix Released
To post a comment you must log in.
This report contains Public information  
Everyone can see this information.

Other bug subscribers

Remote bug watches

Bug watches keep track of this bug in other bug trackers.