Bug 206698

Summary:	www/nginx www/nginx-devel: Update to security releases 1.8.1 & 1.9.10 respectively
Product:	Ports & Packages	Reporter:	Steven Hartland <smh>
Component:	Individual Port(s)	Assignee:	Sergey A. Osokin <osa>
Status:	Closed FIXED
Severity:	Affects Many People	CC:	devnexen, feld, junovitch, ports-secteam
Priority:	Normal	Keywords:	needs-patch, security
Version:	Latest	Flags:	bugzilla: maintainer-feedback? (osa) koobs: merge-quarterly?
Hardware:	Any
OS:	Any

Description Steven Hartland freebsd_committer

2016-01-28 00:52:35 UTC

nginx released 1.8.1 and 1.9.10 security releases, with fixes for vulnerabilities in resolver (CVE-2016-0742, CVE-2016-0746, CVE-2016-0747).

We need to update our versions in ports.

Comment 1 David Carlier 2016-01-29 22:38:10 UTC

I sent already patches for both to osa@ couple of days ago, we ll see ...

Comment 2 commit-hook freebsd_committer

2016-01-30 05:31:53 UTC

A commit references this bug:

Author: feld
Date: Sat Jan 30 05:31:47 UTC 2016
New revision: 407509
URL: https://svnweb.freebsd.org/changeset/ports/407509

Log:
  www/nginx: Update to 1.8.1

  PR:		206698
  Security:	CVE-2016-0742
  Security:	CVE-2016-0746
  Security:	CVE-2016-0747

Changes:
  head/www/nginx/Makefile
  head/www/nginx/distinfo

Comment 3 commit-hook freebsd_committer

2016-01-30 05:34:55 UTC

A commit references this bug:

Author: feld
Date: Sat Jan 30 05:34:42 UTC 2016
New revision: 407510
URL: https://svnweb.freebsd.org/changeset/ports/407510

Log:
  www/nginx-devel: Update to 1.9.10

  PR:		206698
  Security:	CVE-2016-0742
  Security:	CVE-2016-0746
  Security:	CVE-2016-0747

Changes:
  head/www/nginx-devel/Makefile
  head/www/nginx-devel/distinfo

Comment 4 commit-hook freebsd_committer

2016-01-30 05:35:57 UTC

A commit references this bug:

Author: feld
Date: Sat Jan 30 05:35:36 UTC 2016
New revision: 407511
URL: https://svnweb.freebsd.org/changeset/ports/407511

Log:
  MFH: r407509

  www/nginx: Update to 1.8.1

  PR:		206698
  Security:	CVE-2016-0742
  Security:	CVE-2016-0746
  Security:	CVE-2016-0747
  Approved by:	ports-secteam (with hat)

Changes:
_U  branches/2016Q1/
  branches/2016Q1/www/nginx/Makefile
  branches/2016Q1/www/nginx/distinfo

Comment 5 commit-hook freebsd_committer

2016-01-30 05:36:59 UTC

A commit references this bug:

Author: feld
Date: Sat Jan 30 05:36:08 UTC 2016
New revision: 407512
URL: https://svnweb.freebsd.org/changeset/ports/407512

Log:
  MFH: r407510

  www/nginx-devel: Update to 1.9.10

  PR:		206698
  Security:	CVE-2016-0742
  Security:	CVE-2016-0746
  Security:	CVE-2016-0747
  Approved by:	ports-secteam (with hat)

Changes:
_U  branches/2016Q1/
  branches/2016Q1/www/nginx-devel/Makefile
  branches/2016Q1/www/nginx-devel/distinfo