diff options
| author | schnoebe <schnoebe> | 2013-12-05 17:43:31 +0000 |
|---|---|---|
| committer | schnoebe <schnoebe> | 2013-12-05 17:43:31 +0000 |
| commit | 8cefa8be7fc17a854ae1fa618a82abacafaacedc (patch) | |
| tree | e5ec0806fc63547f291ac1226c99aba2055f740e /www/nginx-devel/patches/patch-aa | |
| parent | 766cd74cb40a0044408b6e8eaa16268c31ea28e7 (diff) | |
| download | pkgsrc-8cefa8be7fc17a854ae1fa618a82abacafaacedc.tar.gz | |
pull-up to pkgsrc-2013Q3, ticket #4264
Updated to nginx 1.4.4
Changes with nginx 1.4.4 19 Nov 2013
*) Security: a character following an unescaped space in a request line
was handled incorrectly (CVE-2013-4547); the bug had appeared in
0.8.41.
Thanks to Ivan Fratric of the Google Security Team.
Changes with nginx 1.4.3 08 Oct 2013
*) Bugfix: a segmentation fault might occur in a worker process if the
ngx_http_spdy_module was used with the "client_body_in_file_only"
directive.
*) Bugfix: a segmentation fault might occur on start or during
reconfiguration if the "try_files" directive was used with an empty
parameter.
*) Bugfix: the $request_time variable did not work in nginx/Windows.
*) Bugfix: in the ngx_http_auth_basic_module when using "$apr1$"
password encryption method.
Thanks to Markus Linnala.
*) Bugfix: in the ngx_http_autoindex_module.
*) Bugfix: in the mail proxy server.
Diffstat (limited to 'www/nginx-devel/patches/patch-aa')
0 files changed, 0 insertions, 0 deletions