MFH: r484324

Security update from 1.15.5 to 1.15.6. Temporary disable third-party upstream_fair module, it should be updated to build with the modern version of the nginx. While I'm here fix some whitespaces. Security: 84ca56be-e1de-11e8-bcfd-00e04c1ea73d Approved by: ports-secteam (miwi) <ChangeLog> *) Security: when using HTTP/2 a client might cause excessive memory consumption (CVE-2018-16843) and CPU usage (CVE-2018-16844). *) Security: processing of a specially crafted mp4 file with the ngx_http_mp4_module might result in worker process memory disclosure (CVE-2018-16845). *) Feature: the "proxy_socket_keepalive", "fastcgi_socket_keepalive", "grpc_socket_keepalive", "memcached_socket_keepalive", "scgi_socket_keepalive", and "uwsgi_socket_keepalive" directives. *) Bugfix: if nginx was built with OpenSSL 1.1.0 and used with OpenSSL 1.1.1, the TLS 1.3 protocol was always enabled. *) Bugfix: working with gRPC backends might result in excessive memory consumption. </ChangeLog>
svn path=/branches/2018Q4/; revision=484468
2018-11-08 17:59:36 +00:00 · 2018-11-08 17:59:36 +00:00 · 91cb84db25 · 2021-03-31 03:12:20 +00:00
commit 91cb84db25
parent fbab1577bb
3 changed files with 7 additions and 6 deletions
--- a/www/nginx-devel/Makefile
+++ b/www/nginx-devel/Makefile
@ -2,7 +2,7 @@
 # $FreeBSD$

 PORTNAME=	nginx
-PORTVERSION=	1.15.4
+PORTVERSION=	1.15.6
 CATEGORIES=	www
 MASTER_SITES=	http://nginx.org/download/ \
 		LOCAL/osa
--- a/www/nginx-devel/Makefile.extmod
+++ b/www/nginx-devel/Makefile.extmod
@ -164,10 +164,11 @@ HTTP_UPSTREAM_CHECK_EXTRA_PATCHES=	${PATCHDIR}/extra-patch-src-http-modules-ngx_

 HTTP_UPSTREAM_FAIR_GH_TUPLE=		cryptofuture:nginx-upstream-fair:b5be36f:upstreamfair
 HTTP_UPSTREAM_FAIR_VARS=		DSO_EXTMODS+=upstreamfair
+HTTP_UPSTREAM_FAIR_IGNORE=		UPSTREAM_FAIR: a patch requires

 HTTP_UPSTREAM_STICKY_IMPLIES=		HTTP_SSL
-HTTP_UPSTREAM_STICKY_GH_TUPLE=          thomsonreuters:nginx-sticky-module-ng:0d58565:upstreamsticky
-HTTP_UPSTREAM_STICKY_CONFIGURE_ON=      --add-module=${WRKSRC_upstreamsticky}
+HTTP_UPSTREAM_STICKY_GH_TUPLE=		thomsonreuters:nginx-sticky-module-ng:0d58565:upstreamsticky
+HTTP_UPSTREAM_STICKY_CONFIGURE_ON=	--add-module=${WRKSRC_upstreamsticky}

 HTTP_VIDEO_THUMBEXTRACTOR_LIB_DEPENDS=	libavformat.so:multimedia/ffmpeg \
 					libavcodec.so:multimedia/ffmpeg \
--- a/www/nginx-devel/distinfo
+++ b/www/nginx-devel/distinfo
@ -1,6 +1,6 @@
-TIMESTAMP = 1537907181
-SHA256 (nginx-1.15.4.tar.gz) = 3324776c800d974ceae8797ab9102ca26a8c3656f5c6fb3f31f2cb1e719458e7
-SIZE (nginx-1.15.4.tar.gz) = 1024694
+TIMESTAMP = 1541524865
+SHA256 (nginx-1.15.6.tar.gz) = a3d8c67c2035808c7c0d475fffe263db8c353b11521aa7ade468b780ed826cc6
+SIZE (nginx-1.15.6.tar.gz) = 1025761
 SHA256 (ngx_cache_purge-2.3.tar.gz) = 279e0d8a46d3b1521fd43b3f78bc1c08b263899142a7cc5058c1c0361a92c89c
 SIZE (ngx_cache_purge-2.3.tar.gz) = 12248
 SHA256 (nginx_mogilefs_module-1.0.4.tar.gz) = 7ac230d30907f013dff8d435a118619ea6168aa3714dba62c6962d350c6295ae