From patchwork Sun Sep 15 16:43:41 2024 Content-Type: text/plain; charset="utf-8" MIME-Version: 1.0 Content-Transfer-Encoding: 7bit X-Patchwork-Submitter: Adolf Belka X-Patchwork-Id: 8129 Return-Path: Received: from mail01.ipfire.org (mail01.haj.ipfire.org [172.28.1.202]) (using TLSv1.3 with cipher TLS_AES_256_GCM_SHA384 (256/256 bits) key-exchange X25519 server-signature ECDSA (secp384r1) client-signature RSA-PSS (4096 bits)) (Client CN "mail01.haj.ipfire.org", Issuer "R10" (verified OK)) by web04.haj.ipfire.org (Postfix) with ESMTPS id 4X6DQT3LGlz3wxp for ; Sun, 15 Sep 2024 16:44:01 +0000 (UTC) Received: from mail02.haj.ipfire.org (mail02.haj.ipfire.org [172.28.1.201]) (using TLSv1.3 with cipher TLS_AES_256_GCM_SHA384 (256/256 bits) key-exchange X25519 server-signature RSA-PSS (4096 bits) client-signature ECDSA (secp384r1)) (Client CN "mail02.haj.ipfire.org", Issuer "E6" (verified OK)) by mail01.ipfire.org (Postfix) with ESMTPS id 4X6DQQ3dDXz5mb; Sun, 15 Sep 2024 16:43:58 +0000 (UTC) Received: from mail02.haj.ipfire.org (localhost [127.0.0.1]) by mail02.haj.ipfire.org (Postfix) with ESMTP id 4X6DQQ2vtfz33wZ; Sun, 15 Sep 2024 16:43:58 +0000 (UTC) Received: from mail01.ipfire.org (mail01.haj.ipfire.org [172.28.1.202]) (using TLSv1.3 with cipher TLS_AES_256_GCM_SHA384 (256/256 bits) key-exchange X25519 server-signature ECDSA (secp384r1) client-signature RSA-PSS (4096 bits)) (Client CN "mail01.haj.ipfire.org", Issuer "R10" (verified OK)) by mail02.haj.ipfire.org (Postfix) with ESMTPS id 4X6DQF55m4z33vV for ; Sun, 15 Sep 2024 16:43:49 +0000 (UTC) Received: from [127.0.0.1] (localhost [127.0.0.1]) (using TLSv1.3 with cipher TLS_AES_256_GCM_SHA384 (256/256 bits) key-exchange X25519 server-signature RSA-PSS (4096 bits) server-digest SHA256) (No client certificate requested) by mail01.ipfire.org (Postfix) with ESMTPSA id 4X6DQF3dyCz1sb; Sun, 15 Sep 2024 16:43:49 +0000 (UTC) DKIM-Signature: v=1; a=ed25519-sha256; c=relaxed/relaxed; d=ipfire.org; s=202003ed25519; t=1726418629; h=from:from:reply-to:subject:subject:date:date:message-id:message-id: to:to:cc:cc:mime-version:mime-version: content-transfer-encoding:content-transfer-encoding: in-reply-to:in-reply-to:references:references; bh=uA9J/30XcRbg+8fY0kYgqSHmL0saFm/mekKr1yORahM=; b=fw3eF7Fa+7+SY8d2IyfClbomkpUa6wrjoIU8QToV/bL/xnLCCjD/4n7ADQrE5Xcu1ETYVE NaBVSylIzYcxxPDg== DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=ipfire.org; s=202003rsa; t=1726418629; h=from:from:reply-to:subject:subject:date:date:message-id:message-id: to:to:cc:cc:mime-version:mime-version: content-transfer-encoding:content-transfer-encoding: in-reply-to:in-reply-to:references:references; bh=uA9J/30XcRbg+8fY0kYgqSHmL0saFm/mekKr1yORahM=; b=isLHyHeUWiXrF/ELFMS+rrhP1Qtr9UX1lek/kANfkKasgDK20OmUxK0kNaBzuSK1WtdwzA M/UTKVjIrHBQ5BPkWHcbsMRpU44LILY2bVsh8bFEUtiPXqh6yjYsnXI7RDzagQyv8w/gOJ 4cAt70XDDDH4zHLBZs5PgimjsnIGSSRyZwbFDS+BlyQ9eOv1waVCAL7fCoAPDOBHBbARLm V0VnE7nHAeokXUSpQ/qKlVDt7G+2BfCWyOdusRXwpXdNOuPaFwVSEmbdOEFMw/ZeV7HCQo E9MzuXMD/XWi2i7OyasOub46IfSqaXytrcFUvUCrzRT2EoxPpzHgTJOOPy6sBQ== From: Adolf Belka To: development@lists.ipfire.org Subject: [PATCH] nginx: Update to version 1.26.2 Date: Sun, 15 Sep 2024 18:43:41 +0200 Message-ID: <20240915164342.4134180-8-adolf.belka@ipfire.org> In-Reply-To: <20240915164342.4134180-1-adolf.belka@ipfire.org> References: <20240915164342.4134180-1-adolf.belka@ipfire.org> MIME-Version: 1.0 Message-ID-Hash: 2PZ4ABS3QJMGSRCSVUQV6H4KZQKULV6B X-Message-ID-Hash: 2PZ4ABS3QJMGSRCSVUQV6H4KZQKULV6B X-MailFrom: adolf.belka@ipfire.org X-Mailman-Rule-Misses: dmarc-mitigation; no-senders; approved; emergency; loop; banned-address; member-moderation; nonmember-moderation; administrivia; implicit-dest; max-recipients; max-size; news-moderation; no-subject; digests; suspicious-header X-Mailman-Version: 3.3.8 Precedence: list List-Id: IPFire development talk Archived-At: List-Archive: List-Help: List-Owner: List-Post: List-Subscribe: List-Unsubscribe: - Update from version 1.26.1 to 1.26.2 - Update of rootfile not required - CVE Fix in this version - Changelog 1.26.2 *) Security: processing of a specially crafted mp4 file by the ngx_http_mp4_module might cause a worker process crash (CVE-2024-7347). Thanks to Nils Bars. Signed-off-by: Adolf Belka --- lfs/nginx | 6 +++--- 1 file changed, 3 insertions(+), 3 deletions(-) diff --git a/lfs/nginx b/lfs/nginx index c344b2955..0468fed11 100644 --- a/lfs/nginx +++ b/lfs/nginx @@ -25,7 +25,7 @@ include Config SUMMARY = A HTTP server and IMAP/POP3 proxy server -VER = 1.26.1 +VER = 1.26.2 THISAPP = nginx-$(VER) DL_FILE = $(THISAPP).tar.gz @@ -33,7 +33,7 @@ DL_FROM = $(URL_IPFIRE) DIR_APP = $(DIR_SRC)/$(THISAPP) TARGET = $(DIR_INFO)/$(THISAPP) PROG = nginx -PAK_VER = 16 +PAK_VER = 17 DEPS = @@ -47,7 +47,7 @@ objects = $(DL_FILE) $(DL_FILE) = $(DL_FROM)/$(DL_FILE) -$(DL_FILE)_BLAKE2 = 5df95f6771a93009f5bd1a4038857c29af580d18af841e8cffe073339578b3ae0492d3a4cc797cac03a1039096ac5206ed1fa01da11c98591bce2cc4b2d18679 +$(DL_FILE)_BLAKE2 = f054deb47bf21bf963fedc8f980d29c92325bbfcb39c5a2cc67cce15add32036f0b771c7abac018ded6354a0df0850ed5843d26e0cf5d9577b70ca3fa89a206c install : $(TARGET)