bugfix: applied the patch for security advisory to NGINX cores >= 0.6.18 and <= 1.20.0 (CVE-2021-23017). (#739)

pull/743/head
Johnny Wang 1 year ago committed by GitHub
parent 42410a71cd
commit 4b5ec7edd7
No known key found for this signature in database
GPG Key ID: 4AEE18F83AFDEB23
  1. 23
      patches/patch.2021.resolver.txt
  2. 10
      util/mirror-tarballs

@ -0,0 +1,23 @@
diff --git src/core/ngx_resolver.c src/core/ngx_resolver.c
--- src/core/ngx_resolver.c
+++ src/core/ngx_resolver.c
@@ -4008,15 +4008,15 @@ done:
n = *src++;
} else {
+ if (dst != name->data) {
+ *dst++ = '.';
+ }
+
ngx_strlow(dst, src, n);
dst += n;
src += n;
n = *src++;
-
- if (n != 0) {
- *dst++ = '.';
- }
}
if (n == 0) {

@ -469,6 +469,16 @@ else
echo
fi
answer=`$root/util/ver-ge "$main_ver" 0.6.18`
if [ "$answer" = "Y" ]; then
answer=`$root/util/ver-ge "$main_ver" 1.20.1`
if [ "$answer" = "N" ]; then
echo "$info_txt applying the patch for nginx security advisory (CVE-2021-23017)"
patch -p0 < $root/patches/patch.2021.resolver.txt || exit 1
echo
fi
fi
echo "$info_txt applying the upstream_timeout_fields patch for nginx"
patch -p1 < $root/patches/nginx-$main_ver-upstream_timeout_fields.patch || exit 1
echo

Loading…
Cancel
Save