Home
Reading
Searching
Subscribe
Sponsors
Statistics
Posting
Contact
Spam
Lists
Links
About
Hosting
Filtering
Features Download
Marketing
Archives
FAQ
Blog
 
Gmane
From: <updates <at> fedoraproject.org>
Subject: [SECURITY] Fedora 17 Update: nginx-1.0.15-9.fc17
Newsgroups: gmane.linux.redhat.fedora.package.announce
Date: Monday 4th March 2013 22:43:19 UTC (over 3 years ago)
--------------------------------------------------------------------------------
Fedora Update Notification
FEDORA-2013-2955
2013-02-24 07:40:25
--------------------------------------------------------------------------------

Name        : nginx
Product     : Fedora 17
Version     : 1.0.15
Release     : 9.fc17
URL         : http://nginx.org/
Summary     : A high performance web server and reverse proxy server
Description :
Nginx is a web server and a reverse proxy server for HTTP, SMTP, POP3 and
IMAP protocols, with a strong focus on high concurrency, performance and
low
memory usage.

--------------------------------------------------------------------------------
Update Information:

Make sure nginx directories are not world readable
--------------------------------------------------------------------------------
ChangeLog:

* Fri Feb 22 2013 Jamie Nguyen <[email protected]> - 1:1.0.15-9
- make sure nginx directories are not world readable (#913734, #913735)
* Wed Dec 19 2012 Jamie Nguyen <[email protected]> - 1:1.0.15-8
- use correct file ownership when rotating log files
* Tue Dec 18 2012 Jamie Nguyen <[email protected]> - 1:1.0.15-7
- send correct kill signal and use correct file permissions when rotating
  log files (#888225)
- send correct kill signal in nginx-upgrade
* Sun Oct 28 2012 Jamie Nguyen <[email protected]> - 1:1.0.15-6
- incorrect bug number in changelog
* Sun Oct 28 2012 Jamie Nguyen <[email protected]> - 1:1.0.15-5
- add nginx man page (#870738)
- add nginx-upgrade man page and remove README.fedora
- link to official documentation instead of the community wiki (#870733)
- do not run systemctl try-restart after package upgrade to allow the
  administrator to run nginx-upgrade and avoid downtime
- default.conf: add "default_server" to the "listen" directive (#842738)
* Wed May 16 2012 Jamie Nguyen <[email protected]> - 1:1.0.15-4
- add nginx-upgrade to replace functionality from the nginx initscript
  that was lost after migration to systemd
- add README.fedora to describe usage of nginx-upgrade
- nginx.logrotate: use built-in systemd kill command in postrotate script
- nginx.service: start after syslog.target and network.target
- nginx.service: remove unnecessary references to config file location
- nginx.service: use /bin/kill instead of "/usr/sbin/nginx -s" following
  advice from nginx-devel
- nginx.service: use private /tmp
* Mon May 14 2012 Jamie Nguyen <[email protected]> - 1:1.0.15-3
- fix incorrect postrotate script in nginx.logrotate
--------------------------------------------------------------------------------
References:

  [ 1 ] Bug #913734 - CVE-2013-0337 nginx: world-readable log files
        https://bugzilla.redhat.com/show_bug.cgi?id=913734
--------------------------------------------------------------------------------

This update can be installed with the "yum" update program.  Use 
su -c 'yum update nginx' at the command line.
For more information, refer to "Managing Software with yum",
available at http://docs.fedoraproject.org/yum/.

All packages are signed with the Fedora Project GPG key.  More details on
the
GPG keys used by the Fedora Project can be found at
https://fedoraproject.org/keys
--------------------------------------------------------------------------------
_______________________________________________
package-announce mailing list
[email protected]
https://admin.fedoraproject.org/mailman/listinfo/package-announce
 
CD: 3ms