Mail archive
alpine-aports

[alpine-aports] [PATCH 1/3] main/nginx: security upgrade to 1.8.1 (close CVE-2016-0742, CVE-2016-0746, CVE-2016-0747)

From: Valery Kartel <valery.kartel_at_gmail.com>
Date: Wed, 27 Jan 2016 10:29:19 +0200

- remove unneded logrotate script
- add !nginx-lua to depends
- some APKBUILD cleanups
---
 main/nginx/APKBUILD        | 18 +++++++++---------
 main/nginx/nginx.logrotate | 12 ------------
 2 files changed, 9 insertions(+), 21 deletions(-)
 delete mode 100644 main/nginx/nginx.logrotate
diff --git a/main/nginx/APKBUILD b/main/nginx/APKBUILD
index bbb305f..278fab1 100644
--- a/main/nginx/APKBUILD
+++ b/main/nginx/APKBUILD
_at_@ -1,11 +1,12 @@
 # Maintainer: Cameron Banta <cbanta_at_gmail.com>
 # Contributor: Jeff Bilyk <jbilyk_at_gmail.com>
 # Contributor: Bartłomiej Piotrowski <nospam_at_bpiotrowski.pl>
+# Contributor: Valery Kartel <valery.kartel_at_gmail.com>
 
 pkgname=nginx
-pkgver=1.8.0
+pkgver=1.8.1
 _nginxrtmpver=1.1.7
-pkgrel=3
+pkgrel=0
 pkgdesc="lightweight HTTP and reverse proxy server"
 url="http://www.nginx.org"
 arch="all"
_at_@ -14,7 +15,7 @@ pkgusers="nginx"
 pkggroups="nginx"
 install=""
 # the nginx-initscritps provides openrc script, logrotate and user creation
-depends="nginx-initscripts"
+depends="!nginx-lua nginx-initscripts"
 makedepends="pcre-dev openssl-dev zlib-dev linux-headers"
 subpackages="$pkgname-doc $pkgname-vim:vim"
 source="http://nginx.org/download/$pkgname-$pkgver.tar.gz
_at_@ -23,7 +24,6 @@ source="http://nginx.org/download/$pkgname-$pkgver.tar.gz
 	"
 
 _builddir="$srcdir"/$pkgname-$pkgver
-
 prepare() {
 	cd "$_builddir"
 	for i in $source; do
_at_@ -55,8 +55,8 @@ build() {
 		--http-fastcgi-temp-path=$_tmpdir/fastcgi \
 		--http-uwsgi-temp-path=$_tmpdir/uwsgi \
 		--http-scgi-temp-path=$_tmpdir/scgi \
-		--user=nginx \
-		--group=nginx \
+		--user=$pkgusers \
+		--group=$pkggroups \
 		--with-ipv6 \
 		--with-file-aio \
 		--with-pcre-jit \
_at_@ -101,12 +101,12 @@ vim() {
 	done
 }
 
-md5sums="3ca4a37931e9fa301964b8ce889da8cb  nginx-1.8.0.tar.gz
+md5sums="2e91695074dbdfbf1bcec0ada9fda462  nginx-1.8.1.tar.gz
 8006de2560db3e55bb15d110220076ac  nginx-rtmp-module-1.1.7.tar.gz
 801a87f7f9d27f8ad85b41a78b4c4461  ipv6.patch"
-sha256sums="23cca1239990c818d8f6da118320c4979aadf5386deda691b1b7c2c96b9df3d5  nginx-1.8.0.tar.gz
+sha256sums="8f4b3c630966c044ec72715754334d1fdf741caa1d5795fb4646c27d09f797b7  nginx-1.8.1.tar.gz
 7922b0e3d5f3d9c4b275e4908cfb8f5fb1bfb3ac2df77f4c262cda56df21aab3  nginx-rtmp-module-1.1.7.tar.gz
 a24ef5843ae0afa538b00c37eb7da7870f9d7f146f52a9668678f7296cf71d9b  ipv6.patch"
-sha512sums="3e5d7e1b01839b2638251c47046149450b9b65985e611ef55e5953846e9eb0128c3708c695540ad4dfd0ce5e3060dfecb51213403048fab1a99dd5cea94f0038  nginx-1.8.0.tar.gz
+sha512sums="546eba1749af0034cb8b924d2432be2f0e82a75c545aa929391ef7234103c3f29376235a2ef1363b120e1825cda15aeb085a05f9ce3596c88466e112e82aa882  nginx-1.8.1.tar.gz
 9883462a04683f1e7af175da04b86d259ff6d677864667588fb073143f7130969eb2a5a5a48ddceda7a555b908580f179bdcacb7f0111413d51db5bfe43b396e  nginx-rtmp-module-1.1.7.tar.gz
 68d64a84568ec2df0366925ab282a05ebe21a85044b6c7844a47573cfd8cc8ed119cc772358bc3fff36e2d4fdf583a730592825f5f98632993ca86d1f8438d5f  ipv6.patch"
diff --git a/main/nginx/nginx.logrotate b/main/nginx/nginx.logrotate
deleted file mode 100644
index 00e5a94..0000000
--- a/main/nginx/nginx.logrotate
+++ /dev/null
_at_@ -1,12 +0,0 @@
-# Copyright 1999-2010 Gentoo Foundation
-# Distributed under the terms of the GNU General Public License v2
-# $Header: /var/cvsroot/gentoo-x86/www-servers/nginx/files/nginx.logrotate,v 1.1 2010/01/03 20:29:40 djc Exp $
-
-/var/log/nginx/*.log {
-	missingok
-	sharedscripts
-	postrotate
-		test -r /var/run/nginx.pid && kill -USR1 `cat /var/run/nginx.pid`
-	endscript
-}
-
-- 
2.7.0
---
Unsubscribe:  alpine-aports+unsubscribe_at_lists.alpinelinux.org
Help:         alpine-aports+help_at_lists.alpinelinux.org
---
Received on Wed Jan 27 2016 - 10:29:19 GMT