Ubuntu
nginx package

  1. Xenial (16.04)
  2. Bug #1663937
  3. Comment #1

Comment 1 for bug 1663937

Revision history for this message
Thomas Ward (teward) wrote :

For Xenial, also take into account the changes done between 1.10.0 and 1.10.3. Note the CVE issue is already fixed in the Security repository, but other bugfixes should probably be included.

Changes with nginx 1.10.3 31 Jan 2017

    *) Bugfix: in the "add_after_body" directive when used with the
       "sub_filter" directive.

    *) Bugfix: unix domain listen sockets might not be inherited during
       binary upgrade on Linux.

    *) Bugfix: graceful shutdown of old worker processes might require
       infinite time when using HTTP/2.

    *) Bugfix: when using HTTP/2 and the "limit_req" or "auth_request"
       directives client request body might be corrupted; the bug had
       appeared in 1.10.2.

    *) Bugfix: a segmentation fault might occur in a worker process when
       using HTTP/2; the bug had appeared in 1.10.2.

    *) Bugfix: an incorrect response might be returned when using the
       "sendfile" directive on FreeBSD and macOS; the bug had appeared in
       1.7.8.

    *) Bugfix: a truncated response might be stored in cache when using the
       "aio_write" directive.

    *) Bugfix: a socket leak might occur when using the "aio_write"
       directive.

Changes with nginx 1.10.2 18 Oct 2016

    *) Change: the "421 Misdirected Request" response now used when
       rejecting requests to a virtual server different from one negotiated
       during an SSL handshake; this improves interoperability with some
       HTTP/2 clients when using client certificates.

    *) Change: HTTP/2 clients can now start sending request body
       immediately; the "http2_body_preread_size" directive controls size of
       the buffer used before nginx will start reading client request body.

    *) Bugfix: a segmentation fault might occur in a worker process when
       using HTTP/2 and the "proxy_request_buffering" directive.

    *) Bugfix: the "Content-Length" request header line was always added to
       requests passed to backends, including requests without body, when
       using HTTP/2.

    *) Bugfix: "http request count is zero" alerts might appear in logs when
       using HTTP/2.

    *) Bugfix: unnecessary buffering might occur when using the "sub_filter"
       directive; the issue had appeared in 1.9.4.

    *) Bugfix: socket leak when using HTTP/2.

    *) Bugfix: an incorrect response might be returned when using the "aio
       threads" and "sendfile" directives; the bug had appeared in 1.9.13.

    *) Workaround: OpenSSL 1.1.0 compatibility.

Changes with nginx 1.10.1 31 May 2016

    *) Security: a segmentation fault might occur in a worker process while
       writing a specially crafted request body to a temporary file
       (CVE-2016-4450); the bug had appeared in 1.3.9.