[Buildroot] [git commit branch/2019.02.x] package/nginx: security bump to version 1.16.1

Peter Korsgaard peter at korsgaard.com
Mon Sep 2 15:51:43 UTC 2019


commit: https://git.buildroot.net/buildroot/commit/?id=3d868036dd10574dd6e8ffc06742e5e81e7f33c1
branch: https://git.buildroot.net/buildroot/commit/?id=refs/heads/2019.02.x

Fixes the following security issues:

       Security: when using HTTP/2 a client might cause excessive memory
       consumption and CPU usage (CVE-2019-9511, CVE-2019-9513,
       CVE-2019-9516).

For details, see the advisory:
https://mailman.nginx.org/pipermail/nginx-announce/2019/000249.html

Signed-off-by: Peter Korsgaard <peter at korsgaard.com>
(cherry picked from commit 24309ef4ab7f5c9b85233ebd98ccc6657f70f271)
Signed-off-by: Peter Korsgaard <peter at korsgaard.com>
---
 package/nginx/nginx.hash | 2 +-
 package/nginx/nginx.mk   | 2 +-
 2 files changed, 2 insertions(+), 2 deletions(-)

diff --git a/package/nginx/nginx.hash b/package/nginx/nginx.hash
index c322a64db2..4df7906eea 100644
--- a/package/nginx/nginx.hash
+++ b/package/nginx/nginx.hash
@@ -1,4 +1,4 @@
 # Locally calculated after checking pgp signature
-sha256	4fd376bad78797e7f18094a00f0f1088259326436b537eb5af69b01be2ca1345	nginx-1.16.0.tar.gz
+sha256	f11c2a6dd1d3515736f0324857957db2de98be862461b5a542a3ac6188dbe32b	nginx-1.16.1.tar.gz
 # License files, locally calculated
 sha256	28ad30e2f64bd89ac1287b4606906bb99ed04d9f4e13fb6564a0be9c8a23f509	LICENSE
diff --git a/package/nginx/nginx.mk b/package/nginx/nginx.mk
index eed7602570..08adcaec51 100644
--- a/package/nginx/nginx.mk
+++ b/package/nginx/nginx.mk
@@ -4,7 +4,7 @@
 #
 ################################################################################
 
-NGINX_VERSION = 1.16.0
+NGINX_VERSION = 1.16.1
 NGINX_SITE = http://nginx.org/download
 NGINX_LICENSE = BSD-2-Clause
 NGINX_LICENSE_FILES = LICENSE


More information about the buildroot mailing list