CaROS/meta-openembedded
3
1
Fork 0
mirror of git://git.openembedded.org/meta-openembedded synced 2026-01-01 13:58:06 +00:00
Code Issues Packages Projects Releases Wiki Activity

nginx: upgrade 1.20.1 -> 1.23.3

Browse Source 
CVE-2021-3618.patch
removed since it's included in 1.23.3

Changelog:
==========
*) Bugfix: an error might occur when reading PROXY protocol version 2
   header with large number of TLVs.

*) Bugfix: a segmentation fault might occur in a worker process if SSI
   was used to process subrequests created by other modules.
   Thanks to Ciel Zhao.

*) Workaround: when a hostname used in the "listen" directive resolves
   to multiple addresses, nginx now ignores duplicates within these
   addresses.

*) Bugfix: nginx might hog CPU during unbuffered proxying if SSL
   connections to backends were used.

Signed-off-by: Wang Mingyu <wangmy@fujitsu.com>
Signed-off-by: Khem Raj <raj.khem@gmail.com>
This commit is contained in:
Wang Mingyu 2023-03-10 14:15:37 +08:00 committed by Khem Raj
parent 85587d42a2
commit 1e48109bc5
3 changed files with 6 additions and 116 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

107
meta-webserver/recipes-httpd/nginx/files/CVE-2021-3618.patch
View File

@ -1,107 +0,0 @@
From 6dafcdebde58577f4fcb190be46a0eb910cf1b96 Mon Sep 17 00:00:00 2001
From: Maxim Dounin <mdounin@mdounin.ru>
Date: Wed, 19 May 2021 03:13:31 +0300
Subject: [PATCH 1/1] Mail: max_errors directive.
Similarly to smtpd_hard_error_limit in Postfix and smtp_max_unknown_commands
in Exim, specifies the number of errors after which the connection is closed.
--- end of original header ---
CVE: CVE-2021-3618
Upstream-Status: Backport
https://github.com/nginx/nginx.git
commit 173f16f736c10eae46cd15dd861b04b82d91a37a
Signed-off-by: Joe Slater <joe.slater@windriver.com>
---
src/mail/ngx_mail.h | 3 +++
src/mail/ngx_mail_core_module.c | 10 ++++++++++
src/mail/ngx_mail_handler.c | 15 ++++++++++++++-
3 files changed, 27 insertions(+), 1 deletion(-)
diff --git a/src/mail/ngx_mail.h b/src/mail/ngx_mail.h
index b865a3b9..76cae37a 100644
--- a/src/mail/ngx_mail.h
+++ b/src/mail/ngx_mail.h
@@ -115,6 +115,8 @@ typedef struct {
ngx_msec_t timeout;
ngx_msec_t resolver_timeout;
+ ngx_uint_t max_errors;
+
ngx_str_t server_name;
u_char *file_name;
@@ -231,6 +233,7 @@ typedef struct {
ngx_uint_t command;
ngx_array_t args;
+ ngx_uint_t errors;
ngx_uint_t login_attempt;
/* used to parse POP3/IMAP/SMTP command */
diff --git a/src/mail/ngx_mail_core_module.c b/src/mail/ngx_mail_core_module.c
index 40831242..115671ca 100644
--- a/src/mail/ngx_mail_core_module.c
+++ b/src/mail/ngx_mail_core_module.c
@@ -85,6 +85,13 @@ static ngx_command_t ngx_mail_core_commands[] = {
offsetof(ngx_mail_core_srv_conf_t, resolver_timeout),
NULL },
+ { ngx_string("max_errors"),
+ NGX_MAIL_MAIN_CONF|NGX_MAIL_SRV_CONF|NGX_CONF_TAKE1,
+ ngx_conf_set_num_slot,
+ NGX_MAIL_SRV_CONF_OFFSET,
+ offsetof(ngx_mail_core_srv_conf_t, max_errors),
+ NULL },
+
ngx_null_command
};
@@ -163,6 +170,8 @@ ngx_mail_core_create_srv_conf(ngx_conf_t *cf)
cscf->timeout = NGX_CONF_UNSET_MSEC;
cscf->resolver_timeout = NGX_CONF_UNSET_MSEC;
+ cscf->max_errors = NGX_CONF_UNSET_UINT;
+
cscf->resolver = NGX_CONF_UNSET_PTR;
cscf->file_name = cf->conf_file->file.name.data;
@@ -182,6 +191,7 @@ ngx_mail_core_merge_srv_conf(ngx_conf_t *cf, void *parent, void *child)
ngx_conf_merge_msec_value(conf->resolver_timeout, prev->resolver_timeout,
30000);
+ ngx_conf_merge_uint_value(conf->max_errors, prev->max_errors, 5);
ngx_conf_merge_str_value(conf->server_name, prev->server_name, "");
diff --git a/src/mail/ngx_mail_handler.c b/src/mail/ngx_mail_handler.c
index 0aaa0e78..71b81512 100644
--- a/src/mail/ngx_mail_handler.c
+++ b/src/mail/ngx_mail_handler.c
@@ -871,7 +871,20 @@ ngx_mail_read_command(ngx_mail_session_t *s, ngx_connection_t *c)
return NGX_MAIL_PARSE_INVALID_COMMAND;
}
- if (rc == NGX_IMAP_NEXT || rc == NGX_MAIL_PARSE_INVALID_COMMAND) {
+ if (rc == NGX_MAIL_PARSE_INVALID_COMMAND) {
+
+ s->errors++;
+
+ if (s->errors >= cscf->max_errors) {
+ ngx_log_error(NGX_LOG_INFO, c->log, 0,
+ "client sent too many invalid commands");
+ s->quit = 1;
+ }
+
+ return rc;
+ }
+
+ if (rc == NGX_IMAP_NEXT) {
return rc;
}
--
2.25.1

9
meta-webserver/recipes-httpd/nginx/nginx_1.20.1.bb
View File

@ -1,9 +0,0 @@
require nginx.inc
SRC_URI += "file://CVE-2021-3618.patch"
LIC_FILES_CHKSUM = "file://LICENSE;md5=206629dc7c7b3e87acb31162363ae505"
SRC_URI[md5sum] = "8ca6edd5076bdfad30a69c9c9b41cc68"
SRC_URI[sha256sum] = "e462e11533d5c30baa05df7652160ff5979591d291736cfa5edb9fd2edb48c49"

6
meta-webserver/recipes-httpd/nginx/nginx_1.23.3.bb Normal file
View File

@ -0,0 +1,6 @@
require nginx.inc
LIC_FILES_CHKSUM = "file://LICENSE;md5=175abb631c799f54573dc481454c8632"
SRC_URI[sha256sum] = "75cb5787dbb9fae18b14810f91cc4343f64ce4c24e27302136fb52498042ba54"