186526/openresty
1
0
Fork 0
mirror of https://github.com/openresty/openresty.git synced 2024-10-13 00:29:41 +00:00
Code Issues Projects Releases Wiki Activity

bugfix: applied the patch for security advisory to NGINX cores < 1.14.1 and < 1.15.6 (CVE-2019-9511 CVE-2019-9513 CVE-2019-9516).

Browse Source
This commit is contained in:
Thibault Charbonnier
2019-08-13 12:30:31 -07:00
parent 2b40d7b8ee
commit aa16a49e93
2 changed files with 184 additions and 0 deletions
Download Patch File Download Diff File Expand all files Collapse all files

48
util/mirror-tarballs
View File

@ -404,6 +404,54 @@ if [ "$main_ver" = "1.13.6" ]; then
echo
fi
answer=`$root/util/ver-ge "$main_ver" 1.9.5`
if [ "$answer" = "Y" ]; then
answer=`$root/util/ver-ge "$main_ver" 1.14.1`
if [ "$answer" = "N" ]; then
echo "$info_txt applying the patch for nginx security advisory (CVE-2018-16843 CVE-2018-16844)"
patch -p0 < $root/patches/patch.2018.h2.txt || exit 1
echo
elif [ `$root/util/ver-ge "$main_ver" 1.15.0` = "Y" ]; then
answer=`$root/util/ver-ge "$main_ver" 1.15.6`
if [ "$answer" = "N" ]; then
echo "$info_txt applying the patch for nginx security advisory (CVE-2018-16843 CVE-2018-16844)"
patch -p0 < $root/patches/patch.2018.h2.txt || exit 1
echo
fi
fi
fi
answer=`$root/util/ver-ge "$main_ver" 1.14.1`
if [ "$answer" = "N" ]; then
echo "$info_txt applying the patch for nginx security advisory (CVE-2018-16845)"
patch -p0 < $root/patches/patch.2018.mp4.txt || exit 1
echo
else
answer=`$root/util/ver-ge "$main_ver" 1.15.6`
if [ "$answer" = "N" ]; then
echo "$info_txt applying the patch for nginx security advisory (CVE-2018-16845)"
patch -p0 < $root/patches/patch.2018.mp4.txt || exit 1
echo
fi
fi
answer=`$root/util/ver-ge "$main_ver" 1.9.5`
if [ "$answer" = "Y" ]; then
answer=`$root/util/ver-ge "$main_ver" 1.16.1`
if [ "$answer" = "N" ]; then
echo "$info_txt applying the patch for nginx security advisory (CVE-2019-9511 CVE-2019-9513 CVE-2019-9516)"
patch -p0 < $root/patches/patch.2019.h2.txt || exit 1
echo
elif [ `$root/util/ver-ge "$main_ver" 1.17.0` = "Y" ]; then
answer=`$root/util/ver-ge "$main_ver" 1.17.3`
if [ "$answer" = "N" ]; then
echo "$info_txt applying the patch for nginx security advisory (CVE-2019-9511 CVE-2019-9513 CVE-2019-9516)"
patch -p0 < $root/patches/patch.2019.h2.txt || exit 1
echo
fi
fi
fi
rm -f *.patch || exit 1
echo "$info_txt applying the always_enable_cc_feature_tests patch to nginx"