Nginx 1.0.15 packages are now available for Debian 6.0 “Squeeze” on both amd64 and i386 architectures. They fix a buffer overflow in the ngx_http_mp4_module : Security: specially crafted mp4 file might allow to overwrite memory locations in a worker process if the ngx_http_mp4_module was used, potentially resulting in arbitrary code execution (CVE-2012-2089). Thanks to Matthew Daley…. Read more »
Posts Categorized: Nginx
Nginx with 2 new flavors : Naxsi & Passenger
Dotdeb’s packages of Nginx 1.0.14 for Debian 6.0 “Squeeze” (amd64/i386) have been synchronized with Debian’s ones to benefit from the great work of Cyril Lavier. As a consequence, two new flavors of Nginx are now available, in addition to the regular nginx-light, nginx-full and nginx-extras packages : nginx-naxsi inherits from nginx-light with a great new… Read more »
Security : Nginx 1.0.14
Nginx 1.0.14 packages are now available for Debian 6.0 “Squeeze” on both amd64 and i386 architectures. They fix a potential memory disclosure : Security: content of previously freed memory might be sent to a client if backend returned specially crafted response. Thanks to Matthew Daley. Upgrading is strongly recommended.
Nginx 1.0.13
Nginx 1.0.13 packages are now available for Debian 6.0 “Squeeze” on both amd64 and i386 architectures. Here are the changes on the Dotdeb side : nginx-upload-module has been added to nginx-extras nginx-auth-pam has been added to nginx-extras and nginx-full. Closes #5. http_secure_link_module has been added to nginx-full. Closes #3. file-aio is now supported by all nginx… Read more »
Nginx 1.0.12
Nginx 1.0.12 packages are now available for Debian 6.0 “Squeeze” on both amd64 and i386 architectures. Here are the changes on the Dotdeb side : Add the Cache purge module in nginx-full and nginx-extras Use “default_server” instead of “default” in sites-available/default Please take a look at Nginx’ Changelog before upgrading.
Nginx 1.0.11 : Passenger 3.0.11 and Push stream support
Nginx 1.0.11 packages are now available : for both Debian 6.0 “Squeeze” and 5.0 “Lenny” for both amd64 and i386 architectures Here are the changes on the Dotdeb side : nginx-extras now includes the Push stream module, instead of the bogus HTTP Push. Please review your configuration. nginx-extras now uses Passenger 3.0.11 Please take a look at… Read more »
Nginx 1.0.10
Nginx 1.0.10 has been released a few hours ago and is now available on Dotdeb for : both Debian 6.0 “Squeeze” and Debian 5.0 “Lenny” both amd64 and i386 architectures Here are the changes since the 1.0.9 release : *) Bugfix: a segmentation fault might occur in a worker process if resolver got a big… Read more »
Nginx 1.0.9
Nginx 1.0.9 has just been released, bringing 12 bug fixes. The packages are now available on Dotdeb : for both Debian 6.0 “Squeeze” and 5.0 “Lenny”, for both amd64 and i386 architectures. Take a look at the full list of changes before upgrading.
Packages of Nginx 1.0.8 are available
A new stable version of Nginx, numbered 1.0.8, has been released two weeks ago. It brings bug fixes and a new mp4 module. Take a look at the full list of changes before upgrading. Here are the changes on the Dotdeb side : the Http Headers More module has been included in nginx-extras, the Http… Read more »
Nginx 1.0.6 updated : Passenger 3.0.9 and syslog support
Nginx 1.0.6 has been updated : the nginx-full and nginx-extras packages now support syslog nginx-extras now uses Passenger 3.0.9 Here are the changes in Passenger 3.0.9 : [Nginx] Fixed a NULL pointer crash that occurs on HTTP/1.0 requests when the Host header isn’t given. Fixed deprecation warnings on RubyGems >= 1.6. Improved Union Station support… Read more »