186526
/
openresty
mirror of https://github.com/openresty/openresty.git
1
0
Fork 0
Code Issues Projects Releases Wiki Activity

bugfix: applied the patch for security advisory to NGINX cores >= 0.6.18 and <= 1.20.0 (CVE-2021-23017). (#739)

This commit is contained in:
Johnny Wang 2021-05-28 10:25:01 +08:00 committed by GitHub
parent 42410a71cd
commit 4b5ec7edd7
No known key found for this signature in database
GPG Key ID: 4AEE18F83AFDEB23
2 changed files with 33 additions and 0 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

23
patches/patch.2021.resolver.txt Normal file
View File

@ -0,0 +1,23 @@
diff --git src/core/ngx_resolver.c src/core/ngx_resolver.c
--- src/core/ngx_resolver.c
+++ src/core/ngx_resolver.c
@@ -4008,15 +4008,15 @@ done:
n = *src++;
} else {
+ if (dst != name->data) {
+ *dst++ = '.';
+ }
+
ngx_strlow(dst, src, n);
dst += n;
src += n;
n = *src++;
-
- if (n != 0) {
- *dst++ = '.';
- }
}
if (n == 0) {

10
util/mirror-tarballs
View File

@ -469,6 +469,16 @@ else
echo echo
fi fi
answer=`$root/util/ver-ge "$main_ver" 0.6.18`
if [ "$answer" = "Y" ]; then
answer=`$root/util/ver-ge "$main_ver" 1.20.1`
if [ "$answer" = "N" ]; then
echo "$info_txt applying the patch for nginx security advisory (CVE-2021-23017)"
patch -p0 < $root/patches/patch.2021.resolver.txt || exit 1
echo
fi
fi
echo "$info_txt applying the upstream_timeout_fields patch for nginx" echo "$info_txt applying the upstream_timeout_fields patch for nginx"
patch -p1 < $root/patches/nginx-$main_ver-upstream_timeout_fields.patch || exit 1 patch -p1 < $root/patches/nginx-$main_ver-upstream_timeout_fields.patch || exit 1
echo echo