~alpine/aports

[alpine-aports] [PATCH 1/3] main/nginx: security upgrade to 1.8.1 (close CVE-2016-0742, CVE-2016-0746, CVE-2016-0747)

Valery Kartel <valery.kartel@gmail.com>
Details
Message ID
<1453883359-4582-1-git-send-email-valery.kartel@gmail.com>
Sender timestamp
1453883359
DKIM signature
missing
Download raw message
8 years ago
Patch: +9 -21 
- remove unneded logrotate script
- add !nginx-lua to depends
- some APKBUILD cleanups
---
 main/nginx/APKBUILD        | 18 +++++++++---------
 main/nginx/nginx.logrotate | 12 ------------
 2 files changed, 9 insertions(+), 21 deletions(-)
 delete mode 100644 main/nginx/nginx.logrotate

diff --git a/main/nginx/APKBUILD b/main/nginx/APKBUILD
index bbb305f..278fab1 100644
--- a/main/nginx/APKBUILD
+++ b/main/nginx/APKBUILD
@@ -1,11 +1,12 @@
# Maintainer: Cameron Banta <cbanta@gmail.com>
# Contributor: Jeff Bilyk <jbilyk@gmail.com>
# Contributor: Bartłomiej Piotrowski <nospam@bpiotrowski.pl>
# Contributor: Valery Kartel <valery.kartel@gmail.com>

pkgname=nginx
pkgver=1.8.0
pkgver=1.8.1
_nginxrtmpver=1.1.7
pkgrel=3
pkgrel=0
pkgdesc="lightweight HTTP and reverse proxy server"
url="http://www.nginx.org"
arch="all"
@@ -14,7 +15,7 @@ pkgusers="nginx"
pkggroups="nginx"
install=""
# the nginx-initscritps provides openrc script, logrotate and user creation
depends="nginx-initscripts"
depends="!nginx-lua nginx-initscripts"
makedepends="pcre-dev openssl-dev zlib-dev linux-headers"
subpackages="$pkgname-doc $pkgname-vim:vim"
source="http://nginx.org/download/$pkgname-$pkgver.tar.gz
@@ -23,7 +24,6 @@ source="http://nginx.org/download/$pkgname-$pkgver.tar.gz
	"

_builddir="$srcdir"/$pkgname-$pkgver

prepare() {
	cd "$_builddir"
	for i in $source; do
@@ -55,8 +55,8 @@ build() {
		--http-fastcgi-temp-path=$_tmpdir/fastcgi \
		--http-uwsgi-temp-path=$_tmpdir/uwsgi \
		--http-scgi-temp-path=$_tmpdir/scgi \
		--user=nginx \
		--group=nginx \
		--user=$pkgusers \
		--group=$pkggroups \
		--with-ipv6 \
		--with-file-aio \
		--with-pcre-jit \
@@ -101,12 +101,12 @@ vim() {
	done
}

md5sums="3ca4a37931e9fa301964b8ce889da8cb  nginx-1.8.0.tar.gz
md5sums="2e91695074dbdfbf1bcec0ada9fda462  nginx-1.8.1.tar.gz
8006de2560db3e55bb15d110220076ac  nginx-rtmp-module-1.1.7.tar.gz
801a87f7f9d27f8ad85b41a78b4c4461  ipv6.patch"
sha256sums="23cca1239990c818d8f6da118320c4979aadf5386deda691b1b7c2c96b9df3d5  nginx-1.8.0.tar.gz
sha256sums="8f4b3c630966c044ec72715754334d1fdf741caa1d5795fb4646c27d09f797b7  nginx-1.8.1.tar.gz
7922b0e3d5f3d9c4b275e4908cfb8f5fb1bfb3ac2df77f4c262cda56df21aab3  nginx-rtmp-module-1.1.7.tar.gz
a24ef5843ae0afa538b00c37eb7da7870f9d7f146f52a9668678f7296cf71d9b  ipv6.patch"
sha512sums="3e5d7e1b01839b2638251c47046149450b9b65985e611ef55e5953846e9eb0128c3708c695540ad4dfd0ce5e3060dfecb51213403048fab1a99dd5cea94f0038  nginx-1.8.0.tar.gz
sha512sums="546eba1749af0034cb8b924d2432be2f0e82a75c545aa929391ef7234103c3f29376235a2ef1363b120e1825cda15aeb085a05f9ce3596c88466e112e82aa882  nginx-1.8.1.tar.gz
9883462a04683f1e7af175da04b86d259ff6d677864667588fb073143f7130969eb2a5a5a48ddceda7a555b908580f179bdcacb7f0111413d51db5bfe43b396e  nginx-rtmp-module-1.1.7.tar.gz
68d64a84568ec2df0366925ab282a05ebe21a85044b6c7844a47573cfd8cc8ed119cc772358bc3fff36e2d4fdf583a730592825f5f98632993ca86d1f8438d5f  ipv6.patch"
diff --git a/main/nginx/nginx.logrotate b/main/nginx/nginx.logrotate
deleted file mode 100644
index 00e5a94..0000000
--- a/main/nginx/nginx.logrotate
@@ -1,12 +0,0 @@
# Copyright 1999-2010 Gentoo Foundation
# Distributed under the terms of the GNU General Public License v2
# $Header: /var/cvsroot/gentoo-x86/www-servers/nginx/files/nginx.logrotate,v 1.1 2010/01/03 20:29:40 djc Exp $

/var/log/nginx/*.log {
	missingok
	sharedscripts
	postrotate
		test -r /var/run/nginx.pid && kill -USR1 `cat /var/run/nginx.pid`
	endscript
}

-- 
2.7.0



---
Unsubscribe:  alpine-aports+unsubscribe@lists.alpinelinux.org
Help:         alpine-aports+help@lists.alpinelinux.org
---
Reply to thread Export thread (mbox)