bugfix: applied the patch for nginx security advisory (CVE-2016-4450).

also bumped version to 1.9.7.5.
2016-05-31 13:19:23 -07:00 · 2016-05-31 13:19:23 -07:00 · bf47ba9529
parent 3041624fbc
commit bf47ba9529
3 changed files with 23 additions and 1 deletions
--- a/patches/patch.2016.write2.txt
+++ b/patches/patch.2016.write2.txt
@ -0,0 +1,15 @@
+--- src/os/unix/ngx_files.c
+++ src/os/unix/ngx_files.c
+@@ -183,6 +183,12 @@ ngx_write_chain_to_file(ngx_file_t *file
+         /* create the iovec and coalesce the neighbouring bufs */
+ 
+         while (cl && vec.nelts < IOV_MAX) {
+
+            if (ngx_buf_special(cl->buf)) {
+                cl = cl->next;
+                continue;
+            }
+
+             if (prev == cl->buf->pos) {
+                 iov->iov_len += cl->buf->last - cl->buf->pos;
+ 
--- a/util/mirror-tarballs
+++ b/util/mirror-tarballs
@ -39,6 +39,13 @@ if [ "$answer" = "N" ]; then
    echo
 fi

+answer=`$root/util/ver-ge "$main_ver" 1.9.12`
+if [ "$answer" = "N" ]; then
+    echo "$info_txt applying the patch for nginx security advisory (CVE-2016-4450)"
+    patch -p0 < $root/patches/patch.2016.write2.txt || exit 1
+    echo
+fi
+
 echo "$info_txt applying the upstream-pipelining patch for nginx"
 patch -p1 < $root/patches/nginx-$main_ver-upstream_pipelining.patch || exit 1
 echo
--- a/util/ver
+++ b/util/ver
@ -1,7 +1,7 @@
 #!/bin/bash

 main_ver=1.9.7
-minor_ver=4
+minor_ver=5
 version=$main_ver.$minor_ver
 echo $version