RubyGems - nginxtra - Versions diffs - 1.4.3.9 → 1.4.4.9 - Mend

nginxtra 1.4.3.9 → 1.4.4.9

Files changed (9) hide show

checksums.yaml CHANGED

@@ -1,7 +1,7 @@
 ---
 SHA1:
-  metadata.gz: 81cc27b496477f82ca37b4d7750379effd5e0574
-  data.tar.gz: c41eaef205f94780ec52649c4b7acee8ce2954b4
+  metadata.gz: e1593ffeccbe522ab4d9a3f44489adaa158cbe9d
+  data.tar.gz: eb15917c3201fb99073d79e2073ad522b2b74679
 SHA512:
-  metadata.gz: 60bce9431469687065e84c9feedeedd760cddf6e69182be80da015c5bc0a37c21b090cf99e82143470d3c21f4d589f7ab80e1035a6fb7a25ccdc3d437b76b6b0
-  data.tar.gz: e1a00910874d0d142d2677ff397c1065c4d5887ca002f54846fcb49f98c4778d33a43b6d1439fa93171e7a7f96298f6b8d15ea0acc219702e7d9f5c93a0da735
+  metadata.gz: 67043314e52762e016640ae83c238017d51ba48cfc6cf53e517ea6c413cce9de17edfa0bcbe4ff366913dafc9f751c47bb02c1effbb35ab04c1b3907ec351d77
+  data.tar.gz: 5100c75a0437abdfa52628b49c944c3d450bf3d7db572817843fccea9b3ea85ac696655c92a0a1b4c52b279b4033ea78f9726c8bdc24a17ee2f0b309d9d27a2c

data/bin/nginxtra CHANGED

@@ -1,6 +1,6 @@
 #!/usr/bin/env ruby
 require "rubygems"
-gem "nginxtra", "= 1.4.3.9"
+gem "nginxtra", "= 1.4.4.9"
 gem "thor", "~> 0.16"
 require "nginxtra"
 Nginxtra::CLI.start

data/bin/nginxtra_rails CHANGED

@@ -1,6 +1,6 @@
 #!/usr/bin/env ruby
 require "rubygems"
-gem "nginxtra", "= 1.4.3.9"
+gem "nginxtra", "= 1.4.4.9"
 gem "thor", "~> 0.16"
 require "nginxtra"
 Nginxtra::Rails::CLI.start

data/lib/nginxtra/version.rb CHANGED

@@ -6,7 +6,7 @@ module Nginxtra
       end
       def to_s
-        "1.4.3.9"
+        "1.4.4.9"
       end
     end
   end

data/vendor/nginx/CHANGES CHANGED

@@ -1,4 +1,12 @@
+Changes with nginx 1.4.4                                         19 Nov 2013
+    *) Security: a character following an unescaped space in a request line
+       was handled incorrectly (CVE-2013-4547); the bug had appeared in
+       0.8.41.
+       Thanks to Ivan Fratric of the Google Security Team.
 Changes with nginx 1.4.3                                         08 Oct 2013
     *) Bugfix: a segmentation fault might occur in a worker process if the

data/vendor/nginx/CHANGES.ru CHANGED

@@ -1,4 +1,12 @@
+Изменения в nginx 1.4.4                                           19.11.2013
+    *) Безопасность: символ, следующий за незакодированным пробелом в строке
+       запроса, обрабатывался неправильно (CVE-2013-4547); ошибка появилась
+       в 0.8.41.
+       Спасибо Ivan Fratric из Google Security Team.
 Изменения в nginx 1.4.3                                           08.10.2013
     *) Исправление: в рабочем процессе мог произойти segmentation fault,

@@ -9,8 +9,8 @@
 #define _NGINX_H_INCLUDED_
-#define nginx_version      1004003
-#define NGINX_VERSION      "1.4.3"
+#define nginx_version      1004004
+#define NGINX_VERSION      "1.4.4"
 #define NGINX_VER          "nginx/" NGINX_VERSION
 #define NGINX_VAR          "NGINX"

@@ -614,6 +614,7 @@ ngx_http_parse_request_line(ngx_http_request_t *r, ngx_buf_t *b)
             default:
                 r->space_in_uri = 1;
                 state = sw_check_uri;
+                p--;
                 break;
             }
             break;
@@ -667,6 +668,7 @@ ngx_http_parse_request_line(ngx_http_request_t *r, ngx_buf_t *b)
             default:
                 r->space_in_uri = 1;
                 state = sw_uri;
+                p--;
                 break;
             }
             break;

metadata CHANGED

@@ -1,14 +1,14 @@
 --- !ruby/object:Gem::Specification
 name: nginxtra
 version: !ruby/object:Gem::Version
-  version: 1.4.3.9
+  version: 1.4.4.9
 platform: ruby
 authors:
 - Mike Virata-Stone
 autorequire:
 bindir: bin
 cert_chain: []
-date: 2013-10-08 00:00:00.000000000 Z
+date: 2013-11-19 00:00:00.000000000 Z
 dependencies:
 - !ruby/object:Gem::Dependency
   name: thor