Fix CVE-2016-4450
This commit is contained in:
parent
2f9b55b87b
commit
193efa4e1d
15
nginx-1.8.1-null-pointer-deref.patch
Normal file
15
nginx-1.8.1-null-pointer-deref.patch
Normal file
@ -0,0 +1,15 @@
|
|||||||
|
--- src/os/unix/ngx_files.c
|
||||||
|
+++ src/os/unix/ngx_files.c
|
||||||
|
@@ -183,6 +183,12 @@ ngx_write_chain_to_file(ngx_file_t *file
|
||||||
|
/* create the iovec and coalesce the neighbouring bufs */
|
||||||
|
|
||||||
|
while (cl && vec.nelts < IOV_MAX) {
|
||||||
|
+
|
||||||
|
+ if (ngx_buf_special(cl->buf)) {
|
||||||
|
+ cl = cl->next;
|
||||||
|
+ continue;
|
||||||
|
+ }
|
||||||
|
+
|
||||||
|
if (prev == cl->buf->pos) {
|
||||||
|
iov->iov_len += cl->buf->last - cl->buf->pos;
|
||||||
|
|
@ -46,6 +46,8 @@ Source104: 50x.html
|
|||||||
# removes -Werror in upstream build scripts. -Werror conflicts with
|
# removes -Werror in upstream build scripts. -Werror conflicts with
|
||||||
# -D_FORTIFY_SOURCE=2 causing warnings to turn into errors.
|
# -D_FORTIFY_SOURCE=2 causing warnings to turn into errors.
|
||||||
Patch0: nginx-auto-cc-gcc.patch
|
Patch0: nginx-auto-cc-gcc.patch
|
||||||
|
# CVE-2016-4450
|
||||||
|
Patch1: nginx-1.8.1-null-pointer-deref.patch
|
||||||
|
|
||||||
# Patches taken from 1.8.1 release. Only the second patch in this series
|
# Patches taken from 1.8.1 release. Only the second patch in this series
|
||||||
# failed to apply and had to be modified.
|
# failed to apply and had to be modified.
|
||||||
@ -103,6 +105,7 @@ directories.
|
|||||||
%prep
|
%prep
|
||||||
%setup -q
|
%setup -q
|
||||||
%patch0 -p0
|
%patch0 -p0
|
||||||
|
%patch1 -p0
|
||||||
%patch10 -p1
|
%patch10 -p1
|
||||||
%patch11 -p1
|
%patch11 -p1
|
||||||
%patch12 -p1
|
%patch12 -p1
|
||||||
@ -272,6 +275,9 @@ fi
|
|||||||
|
|
||||||
|
|
||||||
%changelog
|
%changelog
|
||||||
|
* Tue May 31 2016 Jamie Nguyen <jamielinux@fedoraproject.org> - 1:1.6.3-9
|
||||||
|
- fix CVE-2016-4450
|
||||||
|
|
||||||
* Tue Jan 26 2016 Jamie Nguyen <jamielinux@fedoraproject.org> - 1:1.6.3-8
|
* Tue Jan 26 2016 Jamie Nguyen <jamielinux@fedoraproject.org> - 1:1.6.3-8
|
||||||
- CVE-2016-0747: Insufficient limits of CNAME resolution in resolver
|
- CVE-2016-0747: Insufficient limits of CNAME resolution in resolver
|
||||||
- CVE-2016-0746: Use-after-free during CNAME response processing in resolver
|
- CVE-2016-0746: Use-after-free during CNAME response processing in resolver
|
||||||
|
Loading…
Reference in New Issue
Block a user