nginxtra 1.4.0.9 → 1.4.1.9

Sign up to get free protection for your applications and to get access to all the features.
Files changed (8) hide show
  1. data/bin/nginxtra +1 -1
  2. data/bin/nginxtra_rails +1 -1
  3. data/lib/nginxtra/version.rb +1 -1
  4. data/vendor/nginx/CHANGES +9 -0
  5. data/vendor/nginx/CHANGES.ru +9 -0
  6. data/vendor/nginx/src/core/nginx.h +2 -2
  7. data/vendor/nginx/src/http/ngx_http_parse.c +4 -0
  8. metadata +2 -2
data/bin/nginxtra CHANGED
@@ -1,6 +1,6 @@
1
1
  #!/usr/bin/env ruby
2
2
  require "rubygems"
3
- gem "nginxtra", "= 1.4.0.9"
3
+ gem "nginxtra", "= 1.4.1.9"
4
4
  gem "thor", "~> 0.16"
5
5
  require "nginxtra"
6
6
  Nginxtra::CLI.start
data/bin/nginxtra_rails CHANGED
@@ -1,6 +1,6 @@
1
1
  #!/usr/bin/env ruby
2
2
  require "rubygems"
3
- gem "nginxtra", "= 1.4.0.9"
3
+ gem "nginxtra", "= 1.4.1.9"
4
4
  gem "thor", "~> 0.16"
5
5
  require "nginxtra"
6
6
  Nginxtra::Rails::CLI.start
data/lib/nginxtra/version.rb CHANGED
@@ -6,7 +6,7 @@ module Nginxtra
6
6
  end
7
7
 
8
8
  def to_s
9
- "1.4.0.9"
9
+ "1.4.1.9"
10
10
  end
11
11
  end
12
12
  end
data/vendor/nginx/CHANGES CHANGED
@@ -1,4 +1,13 @@
1
1
 
2
+ Changes with nginx 1.4.1 07 May 2013
3
+
4
+ *) Security: a stack-based buffer overflow might occur in a worker
5
+ process while handling a specially crafted request, potentially
6
+ resulting in arbitrary code execution (CVE-2013-2028); the bug had
7
+ appeared in 1.3.9.
8
+ Thanks to Greg MacManus, iSIGHT Partners Labs.
9
+
10
+
2
11
  Changes with nginx 1.4.0 24 Apr 2013
3
12
 
4
13
  *) Bugfix: nginx could not be built with the ngx_http_perl_module if the
data/vendor/nginx/CHANGES.ru CHANGED
@@ -1,4 +1,13 @@
1
1
 
2
+ Изменения в nginx 1.4.1 07.05.2013
3
+
4
+ *) Безопасность: при обработке специально созданного запроса мог
5
+ перезаписываться стек рабочего процесса, что могло приводить к
6
+ выполнению произвольного кода (CVE-2013-2028); ошибка появилась в
7
+ 1.3.9.
8
+ Спасибо Greg MacManus, iSIGHT Partners Labs.
9
+
10
+
2
11
  Изменения в nginx 1.4.0 24.04.2013
3
12
 
4
13
  *) Исправление: nginx не собирался с модулем ngx_http_perl_module, если
data/vendor/nginx/src/core/nginx.h CHANGED
@@ -9,8 +9,8 @@
9
9
  #define _NGINX_H_INCLUDED_
10
10
 
11
11
 
12
- #define nginx_version 1004000
13
- #define NGINX_VERSION "1.4.0"
12
+ #define nginx_version 1004001
13
+ #define NGINX_VERSION "1.4.1"
14
14
  #define NGINX_VER "nginx/" NGINX_VERSION
15
15
 
16
16
  #define NGINX_VAR "NGINX"
data/vendor/nginx/src/http/ngx_http_parse.c CHANGED
@@ -2209,6 +2209,10 @@ data:
2209
2209
 
2210
2210
  }
2211
2211
 
2212
+ if (ctx->size < 0 || ctx->length < 0) {
2213
+ goto invalid;
2214
+ }
2215
+
2212
2216
  return rc;
2213
2217
 
2214
2218
  done:
metadata CHANGED
@@ -1,7 +1,7 @@
1
1
  --- !ruby/object:Gem::Specification
2
2
  name: nginxtra
3
3
  version: !ruby/object:Gem::Version
4
- version: 1.4.0.9
4
+ version: 1.4.1.9
5
5
  prerelease:
6
6
  platform: ruby
7
7
  authors:
@@ -9,7 +9,7 @@ authors:
9
9
  autorequire:
10
10
  bindir: bin
11
11
  cert_chain: []
12
- date: 2013-04-24 00:00:00.000000000 Z
12
+ date: 2013-05-08 00:00:00.000000000 Z
13
13
  dependencies:
14
14
  - !ruby/object:Gem::Dependency
15
15
  name: thor