-
nginx (1.14.2-2+deb10u4) buster-security; urgency=medium
* CVE-2021-23017 (Closes: #989095)
-- Moritz Mühlenhoff <email address hidden> Fri, 28 May 2021 10:43:00 +0200
-
nginx (1.14.2-2+deb10u3) buster-security; urgency=high
* Non-maintainer upload by the Security Team.
* bugfix: prevented request smuggling in the ngx.location.capture API
(CVE-2020-11724) (Closes: #964950)
-- Salvatore Bonaccorso <email address hidden> Mon, 24 Aug 2020 12:18:43 +0200
-
nginx (1.14.2-2+deb10u2) buster; urgency=medium
* Handle CVE-2019-20372, error page request smuggling
(Closes: #948579)
-- Christos Trochalakis <email address hidden> Sat, 11 Jan 2020 09:28:05 +0200
-
nginx (1.14.2-2+deb10u1) buster-security; urgency=high
* Backport upstream fixes for 3 CVEs (Closes: #935037)
Those fixes affect Nginx HTTP/2 implementation, which might cause
excessive memory consumption and CPU usage.
(CVE-2019-9511, CVE-2019-9513, CVE-2019-9516).
-- Christos Trochalakis <email address hidden> Tue, 13 Aug 2019 21:10:28 +0300
-
nginx (1.14.2-2) unstable; urgency=medium
[ Kartik Mistry ]
* po/tr.po:
+ Added Turkish translation. Thanks Atila KOÇ <email address hidden>
(Closes: #915728)
[ Christos Trochalakis ]
* http-dav-ext: Upgrade to 3.0.0 (Closes: #851651)
-- Christos Trochalakis <email address hidden> Thu, 27 Dec 2018 12:49:34 +0200
-
nginx (1.14.2-1) unstable; urgency=medium
[ Olaf van der Spek ]
* Reference PHP 7.3 (Closes: 913250)
[ Christos Trochalakis ]
* Adjust fastcgi_split_path_info snippet to handle the `/example.php/` case
(Closes: #911398)
-- Christos Trochalakis <email address hidden> Thu, 13 Dec 2018 10:05:37 +0200
-
nginx (1.14.1-1) unstable; urgency=medium
[ Kartik Mistry ]
* Removed unused lintian override.
* Fixed trailing whitespaces in changelog.
[ Christos Trochalakis ]
* New upstream version. (Closes: #913090)
+ CVE-2018-16843 Excessive memory usage in HTTP/2
+ CVE-2018-16844 Excessive CPU usage in HTTP/2
+ CVE-2018-16845 Memory disclosure in the ngx_http_mp4_module
-- Christos Trochalakis <email address hidden> Wed, 07 Nov 2018 07:16:00 +0200
-
nginx (1.14.0-1) unstable; urgency=medium
[ Kartik Mistry ]
* debian/control:
+ Removed duplicate Build-Depends.
+ Use https in Homepage.
[ Christos Trochalakis ]
* http-lua: Upgrade to 0.10.13
* http-lua: Drop our OpenSSL patch, OpenSSL 1.1 is now supported upstream
* http-fancyindex: Upgrade to 0.4.3
* Order nginx after nss-lookup.target to synchronize host/network name lookups
(Closes: #900790)
* Merge ru translations.
Thanks to Lev Lamberov (Closes: #883104)
-- Christos Trochalakis <email address hidden> Fri, 31 Aug 2018 15:28:04 +0300
-
nginx (1.13.12-1) unstable; urgency=medium
* New upstream version
-- Christos Trochalakis <email address hidden> Wed, 11 Apr 2018 08:19:23 +0300
-
nginx (1.13.10-1) unstable; urgency=medium
* New upstream version
-- Christos Trochalakis <email address hidden> Wed, 21 Mar 2018 16:16:22 +0200
-
nginx (1.13.9-1) unstable; urgency=medium
[ Michael Lustfield ]
* Remove non-uploading users
[ Christos Trochalakis ]
* New upstream version 1.13.9
* Move packaging repository to salsa.debian.org
* Bump Standards-Version to 4.1.3, no changes needed
-- Christos Trochalakis <email address hidden> Wed, 21 Feb 2018 11:24:53 +0200
-
nginx (1.13.8-1) unstable; urgency=medium
* New upstream release.
-- Christos Trochalakis <email address hidden> Wed, 27 Dec 2017 09:24:36 +0200
-
nginx (1.13.7-1) unstable; urgency=medium
[ Christos Trochalakis ]
* New upstream version 1.13.7
* Bump Standards-Version, no changes needed
* debian/watch: switch to HTTPS for the upstream check
[ Mpampis Kostas ]
* Automate modules watch & upgrade process (Closes: #869499)
[ Christos Trochalakis ]
* Bits & pieces for ngxmod
* http-headers-more-filter: Upgrade to 0.33
* http-echo: Upgrade to 0.61
* http-lua: Upgrade to 0.10.11
* http-dav-ext: Upgrade to 0.1.0 (Closes: #878611)
* http-fancyindex: Upgrade to 0.4.2
* rtmp: Upgrade to 1.2.1 (Closes: #880718)
-- Christos Trochalakis <email address hidden> Thu, 14 Dec 2017 11:04:36 +0200
-
nginx (1.13.6-2) unstable; urgency=medium
* rtmp: Ship docs & examples (Closes: #878368)
-- Christos Trochalakis <email address hidden> Fri, 13 Oct 2017 12:59:28 +0300
-
nginx (1.13.5-1) unstable; urgency=medium
* New upstream version 1.13.5
* doc: Improve example WordPress configuration
Thanks to Larry Holish (Closes: #863343)
* Remove upstart conffile (Closes: #874319)
-- Christos Trochalakis <email address hidden> Wed, 06 Sep 2017 10:10:24 +0300
-
nginx (1.13.4-1) unstable; urgency=medium
* New upstream version 1.13.4
* nginx-lua:
+ Add a simple lua autopkgtest
+ Discover LuaJIT 2.1 (FTBFS) (Closes: #873319)
+ Update to v0.10.10
+ Update OpenSSL 1.1 patch
+ Drop patch to build against Nginx 1.11.11, now included upstream
* tests: Fix race between reload and curl's http request
* Explicitly disable autoreconf (debhelper 10)
* Drop Upstart configuration
* Bump Standards to 4.1.0
+ Switch all packages to Priority optional, extra is considered deprecated
-- Christos Trochalakis <email address hidden> Tue, 29 Aug 2017 10:49:03 +0300
-
nginx (1.13.3-1) unstable; urgency=high
* New upstream version 1.13.3.
Fixes CVE-2017-7529 (Closes: #868109)
* Drop gzip_disable "msie6" directive. (Closes: #867024)
-- Christos Trochalakis <email address hidden> Wed, 12 Jul 2017 11:20:27 +0300
