Index index by Group index by Distribution index by Vendor index by creation date index by Name Mirrors Help Search

nginx-1.27.1-2.1 RPM for s390x

From OpenSuSE Ports Tumbleweed for s390x

Name: nginx Distribution: openSUSE:Factory:zSystems
Version: 1.27.1 Vendor: openSUSE
Release: 2.1 Build date: Fri Sep 27 19:32:21 2024
Group: Productivity/Networking/Web/Proxy Build host: reproducible
Size: 2600281 Source RPM: nginx-1.27.1-2.1.src.rpm
Packager: https://bugs.opensuse.org
Url: https://nginx.org
Summary: A HTTP server and IMAP/POP3 proxy server
nginx [engine x] is a HTTP server and IMAP/POP3 proxy server written by Igor Sysoev.
It has been running on many heavily loaded Russian sites for more than two years.

Provides

Requires

License

BSD-2-Clause

Changelog

* Fri Sep 27 2024 Thorsten Kukuk <kukuk@suse.com>
  - Add /srv/www to filelist [bsc#1231027]
* Fri Aug 16 2024 Илья Индиго <ilya@ilya.top>
  - Renamed nginx-1.6.1-default_config.patch to nginx-conf.patch.
  - Renamed nginx-1.2.4-perl_vendor_install.patch to nginx-perl.patch.
  - Used atosetup -p1 macro and replaced editor from perl to sed.
  - Added %check section with gpg signature source verification.
  - Updated to 1.27.1
    * https://nginx.org/en/CHANGES
    * Fixed crash in ngx_http_mp4_module via specially crafted mp4 file (CVE-2024-7347).
    * Now the stream module handler is not mandatory.
    * Fixed new HTTP/2 connections might ignore graceful shutdown of old worker processes.
* Fri May 31 2024 Илья Индиго <ilya@ilya.top>
  - Updated to 1.27.0
    * Changed nginx.keyring to Sergey Kandaurov’s PGP public key.
    * https://nginx.org/en/CHANGES
    * Added variables support in the "proxy_limit_rate", "fastcgi_limit_rate",
      "scgi_limit_rate", and "uwsgi_limit_rate" directives.
    * Fixed reduced memory consumption for long-lived requests if "gzip",
      "gunzip", "ssi", "sub_filter", or "grpc_pass" directives are used.
    * Fixed building with gcc 14 with --with-atomic option.
* Sat May 11 2024 Илья Индиго <ilya@ilya.top>
  - Updated list of recommended modules (deleted unavailable in TW).
* Wed Apr 17 2024 Илья Индиго <ilya@ilya.top>
  - Updated to 1.25.5
    * Changed nginx.keyring to Roman Arutyunyan’s PGP public key.
    * https://nginx.org/en/CHANGES
    * Added virtual servers in the stream module.
    * Fixed the ngx_stream_pass_module.
    * Fixed the "deferred", "accept_filter", and "setfib" parameters
      of the "listen" directive in the stream module.
    * Added cache line size detection for some architectures.
* Tue Apr 16 2024 Georg Pfuetzenreuter <mail+rpm@georg-pfuetzenreuter.net>
  - Set RuntimeDirectory to offer a location for Unix sockets at /run/nginx
* Sun Mar 03 2024 Adam Mizerski <adam@mizerski.pl>
  - logrotate: don't fail if service not running
* Thu Feb 22 2024 Dominique Leuenberger <dimstar@opensuse.org>
  - Use %patch -P N instead of deprecated %patchN.
* Sun Feb 18 2024 Илья Индиго <ilya@ilya.top>
  - Updated to 1.25.4
    * Changed nginx.keyring to Sergey Kandaurov’s PGP public key.
    * https://nginx.org/en/CHANGES
    * Fixed segmentation fault might occur in a worker process while
      processing a specially crafted QUIC session (CVE-2024-24989, CVE-2024-24990).
    * Fixed connections with pending AIO operations might be closed
      prematurely during graceful shutdown of old worker processes.
    * Fixed socket leak alerts no longer logged when fast shutdown was
      requested after graceful shutdown of old worker processes.
    * Fixed socket descriptor error, a socket leak, or a segmentation fault
      in a worker process might occur if AIO was used in a subrequest.
    * Fixed segmentation fault might occur in a worker process if SSL
      proxying was used along with the "image_filter" directive and errors
      with code 415 were redirected with the "error_page" directive.
* Thu Oct 26 2023 Илья Индиго <ilya@ilya.top>
  - Updated to 1.25.3
    * https://nginx.org/en/CHANGES
    * Changed: improved detection of misbehaving clients when using HTTP/2.
    * Added: startup speedup when using a large number of locations.
    * Fixed: a segmentation fault might occur in a worker process when
      using HTTP/2 without SSL; the bug had appeared in 1.25.1.
    * Fixed: the "Status" backend response header line with an empty
      reason phrase was handled incorrectly.
    * Fixed: memory leak during reconfiguration when using the PCRE2 library.
* Sun Aug 20 2023 Илья Индиго <ilya@ilya.top>
  - Updated to 1.25.2
    * https://nginx.org/en/CHANGES
    * Changed: uses appname "nginx" when loading OpenSSL configuration.
    * Changed: does not try to load OpenSSL configuration if the
    - -with-openssl option was used to built OpenSSL and the OPENSSL_CONF
      environment variable is not set.
* Wed Jun 14 2023 Илья Индиго <ilya@ilya.top>
  - Updated to 1.25.1
    * https://nginx.org/en/CHANGES
    * Added "http2" directive, which enables HTTP/2 on a per-server basis.
    * Deprecated "http2" parameter of the "listen" directive.
    * Removed HTTP/2 server push support.
    * Deprecated "ssl" directive is not supported anymore.
* Tue May 23 2023 Илья Индиго <ilya@ilya.top>
  - Updated to 1.25.0
    * https://nginx.org/en/CHANGES
    * Added experimental HTTP/3 support.
* Wed Mar 29 2023 Илья Индиго <ilya@ilya.top>
  - Updated to 1.23.4
    * https://nginx.org/en/CHANGES
    * Enabled TLSv1.3 protocol by default.
    * Supported byte ranges support in the ngx_http_gzip_static_module.
    * Fixed port ranges in the "listen" directive did not work.
    * Fixed incorrect location might be chosen to process a request if a
      prefix location longer than 255 characters.
    * Fixed a socket leak might occur when using HTTP/2 and the
      "error_page" directive to redirect errors with code 400.
* Sat Dec 17 2022 Michael Ströder <michael@stroeder.com>
  - Updated to 1.23.3
    * Bugfix: an error might occur when reading PROXY protocol version 2
      header with large number of TLVs.
    * Bugfix: a segmentation fault might occur in a worker process if SSI
      was used to process subrequests created by other modules.
    * Workaround: when a hostname used in the "listen" directive resolves
      to multiple addresses, nginx now ignores duplicates within these
      addresses.
    * Bugfix: nginx might hog CPU during unbuffered proxying if SSL
      connections to backends were used.
* Wed Oct 19 2022 Michael Ströder <michael@stroeder.com>
  - Updated to 1.23.2
    * Security: processing of a specially crafted mp4 file by the
      ngx_http_mp4_module might cause a worker process crash, worker
      process memory disclosure, or might have potential other impact
      (CVE-2022-41741, CVE-2022-41742).
    * Feature: the "$proxy_protocol_tlv_..." variables.
    * Feature: TLS session tickets encryption keys are now automatically
      rotated when using shared memory in the "ssl_session_cache"
      directive.
    * Change: the logging level of the "bad record type" SSL errors has
      been lowered from "crit" to "info".
    * Change: now when using shared memory in the "ssl_session_cache"
      directive the "could not allocate new session" errors are logged at
      the "warn" level instead of "alert" and not more often than once per second.
    * Bugfix: nginx/Windows could not be built with OpenSSL 3.0.x.
    * Bugfix: in logging of the PROXY protocol errors.
    * Workaround: shared memory from the "ssl_session_cache" directive was
      spent on sessions using TLS session tickets when using TLSv1.3 with OpenSSL.
    * Workaround: timeout specified with the "ssl_session_timeout"
      directive did not work when using TLSv1.3 with OpenSSL or BoringSSL.
* Tue Jul 19 2022 Michael Ströder <michael@stroeder.com>
  - Updated to 1.23.1
    * Feature: memory usage optimization in configurations with SSL proxying.
    * Feature: looking up of IPv4 addresses while resolving now can be
      disabled with the "ipv4=off" parameter of the "resolver" directive.
    * Change: the logging level of the "bad key share", "bad extension",
      "bad cipher", and "bad ecpoint" SSL errors has been lowered from "crit" to "info".
    * Bugfix: while returning byte ranges nginx did not remove the
      "Content-Range" header line if it was present in the original backend response.
    * Bugfix: a proxied response might be truncated during reconfiguration
      on Linux; the bug had appeared in 1.17.5.
* Tue Jun 21 2022 Илья Индиго <ilya@ilya.top>
  - Changed nginx.keyring to Konstantin Pavlov’s PGP public key.
  - Removed nginx.init.
  - Updated to 1.23.0
    * https://nginx.org/en/CHANGES
    * Now header lines are represented as linked lists.
    * Now nginx combines arbitrary header lines with identical
      names when sending to FastCGI, SCGI, and uwsgi backends, in the
      $r->header_in() method of the ngx_http_perl_module, and during lookup
      of the "$http_...", "$sent_http_...", "$sent_trailer_...",
      "$upstream_http_...", and "$upstream_trailer_..." variables.
    * Fixed: if there were multiple "Vary" header lines in the backend
      response, nginx only used the last of them when caching.
    * Fixed: if there were multiple "WWW-Authenticate" header lines in the
      backend response and errors with code 401 were intercepted or the
      "auth_request" directive was used, nginx only sent the first of the
      header lines to the client.
    * The logging level of the "application data after close
      notify" SSL errors has been lowered from "crit" to "info".
    * Fixed: connections might hang if nginx was built on Linux 2.6.17 or
      newer, but was used on systems without EPOLLRDHUP support, notably
      with epoll emulation layers; the bug had appeared in 1.17.5.
    * Fixed: nginx did not cache the response if the "Expires" response
      header line disabled caching, but following "Cache-Control" header
      line enabled caching.
* Tue Feb 01 2022 Илья Индиго <ilya@ilya.top>
  - Updated to 1.21.6
    * https://nginx.org/en/CHANGES
    * Fixed when using EPOLLEXCLUSIVE on Linux client connections were
      unevenly distributed among worker processes.
    * Fixed nginx returned the "Connection: keep-alive" header line in
      responses during graceful shutdown of old worker processes.
    * Fixed in the "ssl_session_ticket_key" when using TLSv1.3.
* Wed Dec 29 2021 Andreas Stieger <andreas.stieger@gmx.de>
  - Updated to 1.21.5
    * https://nginx.org/en/CHANGES
    * Build with the PCRE2.
    * Supported the $ssl_curve variable.
    * Fixed connections might hang when using HTTP/2 without SSL
      with the "sendfile" and "aio" directives.
* Fri Nov 05 2021 Илья Индиго <ilya@ilya.top>
  - Updated to 1.21.4
    * https://nginx.org/en/CHANGES
    * Support for NPN instead of ALPN to establish HTTP/2
      connections has been removed.
    * Now nginx rejects SSL connections if ALPN is used by the
      client, but no supported protocols can be negotiated.
    * The default value of the "sendfile_max_chunk" directive was
      changed to 2 megabytes.
    * The "proxy_half_close" directive in the stream module.
    * The "ssl_alpn" directive in the stream module.
    * The $ssl_alpn_protocol variable.
    * Support for SSL_sendfile() when using OpenSSL 3.0.
    * The "mp4_start_key_frame" directive in the ngx_http_mp4_module.
    * In the $content_length variable when using chunked transfer encoding.
    * After receiving a response with incorrect length from a proxied
      backend nginx might nevertheless cache the connection.
    * Invalid headers from backends were logged at the "info" level
      instead of "error"; the bug had appeared in 1.21.1.
    * Requests might hang when using HTTP/2 and the "aio_write" directive.
* Fri Nov 05 2021 Ondřej Súkup <mimi.vx@gmail.com>
  - drop vim-plugin-nginx, now is provided directly by vim
* Fri Oct 15 2021 Callum Farmer <gmbr3@opensuse.org>
  - Add CONFIG parameter to %sysusers_generate_pre
* Mon Oct 11 2021 Johannes Segitz <jsegitz@suse.com>
  - Added hardening to systemd service(s) (bsc#1181400). Modified:
    * nginx.service
* Fri Sep 10 2021 Илья Индиго <ilya@ilya.top>
  - Updated to 1.21.3
    * https://nginx.org/en/CHANGES
    * Optimization of client request body reading when using HTTP/2.
    * Fixed request body filters internal API when using HTTP/2 and
      buffering of the data being processed.
* Wed Sep 01 2021 Илья Индиго <ilya@ilya.top>
  - Updated to 1.21.2
    * https://nginx.org/en/CHANGES
    * Now nginx rejects HTTP/1.0 requests with the "Transfer-Encoding" header line.
    * Export ciphers are no longer supported.
    * Added OpenSSL 3.0 compatibility.
    * Added the "Auth-SSL-Protocol" and "Auth-SSL-Cipher" header lines
      are now passed to the mail proxy authentication server.
    * Added request body filters API now permits buffering of the data being processed.
    * Fixed backend SSL connections in the stream module might hang after an SSL handshake.
    * Fixed the security level, which is available in OpenSSL 1.1.0 or newer,
      did not affect loading of the server certificates when set
      with "@SECLEVEL=N" in the "ssl_ciphers" directive.
    * Fixed SSL connections with gRPC backends might hang if select, poll,
      or /dev/poll methods were used.
    * Fixed when using HTTP/2 client request body was always written to
      disk if the "Content-Length" header line was not present in the request.
* Wed Jul 07 2021 Илья Индиго <ilya@ilya.top>
  - Updated to 1.21.1
    * https://nginx.org/en/CHANGES
    * Now nginx always returns an error for the CONNECT method.
    * Now nginx always returns an error if both "Content-Length"
      and "Transfer-Encoding" header lines are present in the request.
    * Now nginx always returns an error if spaces or control
      characters are used in the request line.
    * Now nginx always returns an error if spaces or control
      characters are used in a header name.
    * Now nginx always returns an error if spaces or control
      characters are used in the "Host" request header line.
    * Optimization of configuration testing when using many
      listening sockets.
    * Fixed: nginx did not escape """, "<", ">", "\", "^", "`", "{", "|",
      and "}" characters when proxying with changed URI.
    * Fixed: SSL variables might be empty when used in logs; the bug had
      appeared in 1.19.5.
    * Fixed: keepalive connections with gRPC backends might not be closed
      after receiving a GOAWAY frame.
    * Fixed: reduced memory consumption for long-lived requests when
      proxying with more than 64 buffers.
* Wed Jun 16 2021 Felix Schnizlein <fschnizlein@suse.com>
  - Fix race condition between nginx and logrotate causing mass reopening of
    files (bsc#1183876).
* Thu May 27 2021 Dirk Müller <dmueller@suse.com>
  - Updated to 1.21.0
    * https://nginx.org/en/CHANGES
    * Added variables support in the "proxy_ssl_certificate",
      "proxy_ssl_certificate_key" "grpc_ssl_certificate",
      "grpc_ssl_certificate_key", "uwsgi_ssl_certificate", and
      "uwsgi_ssl_certificate_key" directives.
    * Added the "max_errors" directive in the mail proxy module.
    * Added the mail proxy module supports POP3 and IMAP pipelining.
    * Added the "fastopen" parameter of the "listen" directive in the
      stream module.
    * Fixed special characters were not escaped during automatic redirect
      with appended trailing slash.
    * Fixed connections with clients in the mail proxy module might be
      closed unexpectedly when using SMTP pipelining.
* Wed May 26 2021 Илья Индиго <ilya@ilya.top>
  - Update to 1.20.1
    * https://nginx.org/en/CHANGES
    * 1-byte memory overwrite might occur during DNS server response processing
      if the "resolver" directive was used, allowing an attacker who is able to
      forge UDP packets from the DNS server to cause worker process crash or,
      potentially, arbitrary code execution (CVE-2021-23017, boo#1186126).
* Wed Apr 21 2021 Andreas Stieger <andreas.stieger@gmx.de>
  - only recommend installation of vim-plugin-nginx if any vim is
    also installed or selected (boo#1183710)
* Tue Apr 20 2021 Илья Индиго <ilya@ilya.top>
  - Update to 1.20.0
    * 1.20.x stable branch.
* Wed Apr 14 2021 Илья Индиго <ilya@ilya.top>
  - Update to 1.19.10
    * https://nginx.org/en/CHANGES
    * Changed default value for "keepalive_requests" to 1000.
    * Added "keepalive_time" directive and $connection_time variable.
    * Fixed "gzip filter failed to use preallocated memory" alerts
      appeared in logs when using zlib-ng.
* Sat Apr 03 2021 Илья Индиго <ilya@ilya.top>
  - Update to 1.19.9
    * https://nginx.org/en/CHANGES
    * Fixed nginx could not be built with the mail proxy module, but
      without the ngx_mail_ssl_module; the bug had appeared in 1.19.8.
    * Fixed "upstream sent response body larger than indicated content
      length" errors might occur when working with gRPC backends;
      the bug had appeared in 1.19.1.
    * Fixed nginx might not close a connection till keepalive timeout
      expiration if the connection was closed by the client while
      discarding the request body.
    * Fixed nginx might not detect that a connection was already closed
      by the client when waiting for auth_delay or limit_req delay,
      or when working with backends.
    * Fixed in the eventport method.
* Fri Mar 12 2021 Dirk Müller <dmueller@suse.com>
  - update to 1.19.8:
    * Feature: flags in the "proxy_cookie_flags" directive can now contain
      variables.
    * Feature: the "proxy_protocol" parameter of the "listen" directive,
      the "proxy_protocol" and "set_real_ip_from" directives in mail proxy.
    * Bugfix: HTTP/2 connections were immediately closed when using
      "keepalive_timeout 0"; the bug had appeared in 1.19.7.
    * Bugfix: some errors were logged as unknown if nginx was built with
      glibc 2.32.
    * Bugfix: in the eventport method.
* Sat Feb 27 2021 Илья Индиго <ilya@ilya.top>
  - Refreshed spec-file via spec-cleaner and manual optimizations.
    * Droped obsolete conditional constructs.
    * Removed pkg_name macro.
* Wed Feb 17 2021 Marcus Rueckert <mrueckert@suse.de>
  - Drop nginx_upstream_check module, there is no support for dynamic
    loading upstream and the module seems kind of unmaintained.
  - Removed patch check_1.9.2+.patch.
* Tue Feb 16 2021 Marcus Rueckert <mrueckert@suse.de>
  - Update to 1.19.7
    * https://nginx.org/en/CHANGES
    * Change: connections handling in HTTP/2 has been changed to
      better match HTTP/1.x; the "http2_recv_timeout",
      "http2_idle_timeout", and "http2_max_requests" directives have
      been removed, the "keepalive_timeout" and "keepalive_requests"
      directives should be used instead.
    * Change: the "http2_max_field_size" and "http2_max_header_size"
      directives have been removed, the "large_client_header_buffers"
      directive should be used instead.
    * Feature: now, if free worker connections are exhausted, nginx
      starts closing not only keepalive connections, but also
      connections in lingering close.
    * Bugfix: "zero size buf in output" alerts might appear in logs
      if an upstream server returned an incorrect response during
      unbuffered proxying; the bug had appeared in 1.19.1.
    * Bugfix: HEAD requests were handled incorrectly if the "return"
      directive was used with the "image_filter" or "xslt_stylesheet"
      directives.
    * Bugfix: in the "add_trailer" directive.
  - Since we only target sle 12 and above we can skip all
    conditionals which apply to suse_version before 1315
    With changes in nginx itself we will drop support for sysvinit.
    http2, libatomic support and pcre_jit will always be on now.
    and we build all binaries with PIE now.
  - Moved the last 2 path macros from nginx.spec to the macros file.
    (pid and lock path)

Files

/etc/logrotate.d/nginx
/etc/nginx
/etc/nginx/conf.d
/etc/nginx/fastcgi.conf
/etc/nginx/fastcgi.conf.default
/etc/nginx/fastcgi_params
/etc/nginx/fastcgi_params.default
/etc/nginx/koi-utf
/etc/nginx/koi-win
/etc/nginx/mime.types
/etc/nginx/mime.types.default
/etc/nginx/nginx.conf
/etc/nginx/nginx.conf.default
/etc/nginx/scgi_params
/etc/nginx/scgi_params.default
/etc/nginx/uwsgi_params
/etc/nginx/uwsgi_params.default
/etc/nginx/vhosts.d
/etc/nginx/win-utf
/srv/www
/srv/www/htdocs
/srv/www/htdocs/50x.html
/usr/lib/perl5/vendor_perl/5.40.0/s390x-linux-thread-multi/auto/nginx
/usr/lib/perl5/vendor_perl/5.40.0/s390x-linux-thread-multi/auto/nginx/nginx.so
/usr/lib/perl5/vendor_perl/5.40.0/s390x-linux-thread-multi/nginx.pm
/usr/lib/systemd/system/nginx.service
/usr/lib/sysusers.d/nginx.conf
/usr/lib64/nginx
/usr/lib64/nginx/modules
/usr/lib64/nginx/modules/ngx_http_image_filter_module.so
/usr/lib64/nginx/modules/ngx_http_perl_module.so
/usr/lib64/nginx/modules/ngx_http_xslt_filter_module.so
/usr/lib64/nginx/modules/ngx_mail_module.so
/usr/lib64/nginx/modules/ngx_stream_module.so
/usr/sbin/nginx
/usr/share/doc/packages/nginx
/usr/share/doc/packages/nginx/CHANGES
/usr/share/doc/packages/nginx/CHANGES.ru
/usr/share/doc/packages/nginx/LICENSE
/usr/share/man/man3/nginx.3pm.gz
/usr/share/nginx
/usr/share/nginx/geo2nginx.pl
/usr/share/nginx/unicode2nginx
/usr/share/nginx/unicode2nginx/koi-utf
/usr/share/nginx/unicode2nginx/unicode-to-nginx.pl
/usr/share/nginx/unicode2nginx/win-utf
/var/lib/nginx
/var/lib/nginx/fastcgi
/var/lib/nginx/proxy
/var/lib/nginx/scgi
/var/lib/nginx/tmp
/var/lib/nginx/uwsgi
/var/log/nginx


Generated by rpm2html 1.8.1

Fabrice Bellet, Fri Oct 4 02:20:15 2024