nginxtra 1.4.6.9 → 1.4.7.9

checksums.yaml

@@ -1,7 +1,7 @@
 ---
 SHA1:
-  metadata.gz: bdbeda6e5a02b626fc9df0916df9c726d3e2b9e3
-  data.tar.gz: 0922b841d5cfc95041231b5c830d24b0b64f8af0
+  metadata.gz: dede1bae30a3fd005accbd97949b0976bba4ce15
+  data.tar.gz: 350606d60ba2e59448b0e8352af765ba55208875
 SHA512:
-  metadata.gz: ffa65627a8944545dbd6c32e523807f5822d25c9035b68f1d2cee5f7fa1835dc906eb3d38383a6fa58443842a89b6ca69fbd7707a77f0afb5426f91cd859ca2e
-  data.tar.gz: cf43b5f3026eeb525048f6ecd54f1c50ff7003e250eb457b087cb1498c8b596324dd7ab21c35c8a9098d78c45b84ccbdc057b015d4223e054f2f4ae82236518f
+  metadata.gz: d735aafa03c117c1c18dd17dae8d5e7737b8c7ca884b1ee389389617f47dafeb43db6cb7b688a838167d9fcce931f7a79a396f300adacd96d63bd1dc1701d2bf
+  data.tar.gz: e5b167bda73982d95c86c4cecab947f2ea791ff2ed34d2bfde12a99d203ec28bf88ee90867d576f7efa3f61a76fd04e132563e0b4d2eed30e7945baf4e02b000

data/bin/nginxtra

@@ -1,6 +1,6 @@
 #!/usr/bin/env ruby
 require "rubygems"
-gem "nginxtra", "= 1.4.6.9"
+gem "nginxtra", "= 1.4.7.9"
 gem "thor", "~> 0.16"
 require "nginxtra"
 Nginxtra::CLI.start

data/bin/nginxtra_rails

@@ -1,6 +1,6 @@
 #!/usr/bin/env ruby
 require "rubygems"
-gem "nginxtra", "= 1.4.6.9"
+gem "nginxtra", "= 1.4.7.9"
 gem "thor", "~> 0.16"
 require "nginxtra"
 Nginxtra::Rails::CLI.start

data/lib/nginxtra/version.rb

@@ -6,7 +6,7 @@ module Nginxtra
       end
 
       def to_s
-        "1.4.6.9"
+        "1.4.7.9"
       end
     end
   end

data/vendor/nginx/CHANGES

@@ -1,4 +1,17 @@
 
+Changes with nginx 1.4.7                                         18 Mar 2014
+
+    *) Security: a heap memory buffer overflow might occur in a worker
+       process while handling a specially crafted request by
+       ngx_http_spdy_module, potentially resulting in arbitrary code
+       execution (CVE-2014-0133).
+       Thanks to Lucas Molas, researcher at Programa STIC, Fundación Dr.
+       Manuel Sadosky, Buenos Aires, Argentina.
+
+    *) Bugfix: in the "fastcgi_next_upstream" directive.
+       Thanks to Lucas Molas.
+
+
 Changes with nginx 1.4.6                                         04 Mar 2014
 
     *) Bugfix: the "client_max_body_size" directive might not work when

data/vendor/nginx/CHANGES.ru

@@ -1,4 +1,17 @@
 
+Изменения в nginx 1.4.7                                           18.03.2014
+
+    *) Безопасность: при обработке специально созданного запроса модулем
+       ngx_http_spdy_module могло происходить переполнение буфера в рабочем
+       процессе, что потенциально могло приводить к выполнению произвольного
+       кода (CVE-2014-0133).
+       Спасибо Lucas Molas из Programa STIC, Fundación Dr. Manuel Sadosky,
+       Buenos Aires, Argentina.
+
+    *) Исправление: в директиве fastcgi_next_upstream.
+       Спасибо Lucas Molas.
+
+
 Изменения в nginx 1.4.6                                           04.03.2014
 
     *) Исправление: директива client_max_body_size могла не работать при

data/vendor/nginx/src/core/nginx.h

@@ -9,8 +9,8 @@
 #define _NGINX_H_INCLUDED_
 
 
-#define nginx_version      1004006
-#define NGINX_VERSION      "1.4.6"
+#define nginx_version      1004007
+#define NGINX_VERSION      "1.4.7"
 #define NGINX_VER          "nginx/" NGINX_VERSION
 
 #define NGINX_VAR          "NGINX"

data/vendor/nginx/src/http/modules/ngx_http_fastcgi_module.c

@@ -1195,6 +1195,10 @@ ngx_http_fastcgi_reinit_request(ngx_http_request_t *r)
     f->fastcgi_stdout = 0;
     f->large_stderr = 0;
 
+    if (f->split_parts) {
+        f->split_parts->nelts = 0;
+    }
+
     r->state = 0;
 
     return NGX_OK;
@@ -1475,6 +1479,13 @@ ngx_http_fastcgi_process_header(ngx_http_request_t *r)
 
                     rc = ngx_http_parse_header_line(r, &buf, 1);
 
+                    if (rc != NGX_OK) {
+                        ngx_log_error(NGX_LOG_ALERT, r->connection->log, 0,
+                                      "invalid header after joining "
+                                      "FastCGI records");
+                        return NGX_ERROR;
+                    }
+
                     h->key.len = r->header_name_end - r->header_name_start;
                     h->key.data = r->header_name_start;
                     h->key.data[h->key.len] = '\0';

data/vendor/nginx/src/http/ngx_http_spdy.c

@@ -1465,7 +1465,7 @@ static u_char *
 ngx_http_spdy_state_save(ngx_http_spdy_connection_t *sc,
     u_char *pos, u_char *end, ngx_http_spdy_handler_pt handler)
 {
-#if (NGX_DEBUG)
+#if 1
     if (end - pos > NGX_SPDY_STATE_BUFFER_SIZE) {
         ngx_log_error(NGX_LOG_ALERT, sc->connection->log, 0,
                       "spdy state buffer overflow: "

metadata

@@ -1,14 +1,14 @@
 --- !ruby/object:Gem::Specification
 name: nginxtra
 version: !ruby/object:Gem::Version
-  version: 1.4.6.9
+  version: 1.4.7.9
 platform: ruby
 authors:
 - Mike Virata-Stone
 autorequire: 
 bindir: bin
 cert_chain: []
-date: 2014-03-05 00:00:00.000000000 Z
+date: 2014-03-19 00:00:00.000000000 Z
 dependencies:
 - !ruby/object:Gem::Dependency
   name: thor