186526
/
openresty
mirror of https://github.com/openresty/openresty.git
1
0
Fork 0
Code Issues Projects Releases Wiki Activity

applied the official patch for the nginx security vulnerability CVE-2013-2070.

This commit is contained in:
agentzh (Yichun Zhang) 2013-05-13 12:22:02 -07:00
parent 090060c907
commit 07fbdad118
4 changed files with 31 additions and 1 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

13
patches/nginx-1.2.7-cve-2013-2070.patch Normal file
View File

@ -0,0 +1,13 @@
--- src/http/modules/ngx_http_proxy_module.c
+++ src/http/modules/ngx_http_proxy_module.c
@@ -1865,6 +1865,10 @@ data:
}
+ if (ctx->size < 0 || ctx->length < 0) {
+ goto invalid;
+ }
+
return rc;
done:

13
patches/nginx-1.2.8-cve-2013-2070.patch Normal file
View File

@ -0,0 +1,13 @@
--- src/http/modules/ngx_http_proxy_module.c
+++ src/http/modules/ngx_http_proxy_module.c
@@ -1865,6 +1865,10 @@ data:
}
+ if (ctx->size < 0 || ctx->length < 0) {
+ goto invalid;
+ }
+
return rc;
done:

4
util/mirror-tarballs
View File

@ -146,6 +146,10 @@ if [ "$answer" = "N" ]; then
echo
fi
echo "$info_txt applying patches/nginx-$main_ver-cve-2013-2070.patch for nginx"
patch -p0 < $root/patches/nginx-$main_ver-cve-2013-2070.patch || exit 1
echo
rm -f *.patch || exit 1
cd .. || exit 1

2
util/ver
View File

@ -2,7 +2,7 @@
#main_ver=1.3.11
main_ver=1.2.8
minor_ver=1
minor_ver=3
version=$main_ver.$minor_ver
echo $version