Bug 256172 - www/nginx: update to 1.20.1
Summary: www/nginx: update to 1.20.1
Status: Closed FIXED
Alias: None
Product: Ports & Packages
Classification: Unclassified
Component: Individual Port(s) (show other bugs)
Version: Latest
Hardware: Any Any
: --- Affects Only Me
Assignee: Brad Davis
URL:
Keywords:
Depends on:
Blocks:
 
Reported: 2021-05-26 15:56 UTC by Christos Chatzaras
Modified: 2021-10-16 16:56 UTC (History)
3 users (show)

See Also:
bugzilla: maintainer-feedback? (joneum)


Attachments
nginx-1.20.1 update patch (14.14 KB, text/plain)
2021-05-26 15:56 UTC, Christos Chatzaras
no flags Details

Note You need to log in before you can comment on or make changes to this bug.
Description Christos Chatzaras 2021-05-26 15:56:01 UTC
Created attachment 225280 [details]
nginx-1.20.1 update patch

2021-05-25: nginx-1.20.1 stable and nginx-1.21.0 mainline versions have been released, with a fix for the 1-byte memory overwrite vulnerability in resolver (CVE-2021-23017).
Comment 1 Christos Chatzaras 2021-06-16 09:26:21 UTC
Any news about this update?
Comment 2 commit-hook freebsd_committer freebsd_triage 2021-06-21 23:00:03 UTC
A commit in branch main references this bug:

URL: https://cgit.FreeBSD.org/ports/commit/?id=c8540e27153f1ea2ee438b9aaf367ea0def9ef29

commit c8540e27153f1ea2ee438b9aaf367ea0def9ef29
Author:     Brad Davis <brd@FreeBSD.org>
AuthorDate: 2021-06-21 22:08:14 +0000
Commit:     Brad Davis <brd@FreeBSD.org>
CommitDate: 2021-06-21 22:08:14 +0000

    www/nginx: Update to 1.20.1

    PR:             256172
    Reported by:    Christos Chatzaras <chris@cretaforce.gr>
    Reviewed by:    garga
    Approved by:    maintainer timeout
    MFH:            2021Q2
    Security:       0882f019-bd60-11eb-9bdd-8c164567ca3c
    Sponsored by:   Rubicon Communications, LLC ("Netgate")

 www/nginx/Makefile | 4 ++--
 www/nginx/distinfo | 6 +++---
 2 files changed, 5 insertions(+), 5 deletions(-)
Comment 3 Jochen Neumeister freebsd_committer freebsd_triage 2021-07-05 07:11:29 UTC
PR further to @brd - if he already wrongly committed, he should also take over the MFH
Comment 4 Jochen Neumeister freebsd_committer freebsd_triage 2021-08-21 06:10:44 UTC
ping
Comment 5 Tobias Kortkamp freebsd_committer freebsd_triage 2021-08-21 07:23:22 UTC
Isn't the MFH already done by virtue of rolling over to 2021Q3? The
commit was in June, i.e, in 2021Q2.