backported the patch to the nginx core for the latest SPDY security vulnerability (CVE-2014-0133).

2024-10-13 00:29:41 +00:00 · 2014-03-19 17:37:47 -07:00
parent d21cc33749
commit 37ba2b1015
3 changed files with 16 additions and 1 deletions
--- a/util/mirror-tarballs
+++ b/util/mirror-tarballs
@ -32,6 +32,10 @@ cd nginx-$ver || exit 1

 # patch the patch

+echo "$info_txt applying the patch for nginx security advisory (CVE-2014-0133)"
+patch -p0 < $root/patches/patch.2014.spdy2.txt || exit 1
+echo
+
 echo "$info_txt applying the upstream-pipelining patch for nginx"
 patch -p1 < $root/patches/nginx-$main_ver-upstream_pipelining.patch || exit 1
 echo
--- a/util/ver
+++ b/util/ver
@ -1,7 +1,7 @@
 #!/bin/bash

 main_ver=1.5.11
-minor_ver=1rc2
+minor_ver=1rc3
 version=$main_ver.$minor_ver
 echo $version