Index index by Group index by Distribution index by Vendor index by creation date index by Name Mirrors Help Search

nginx-1.21.3-1.3 RPM for armv7hl

From OpenSuSE Ports Tumbleweed for armv7hl

Name: nginx Distribution: openSUSE Tumbleweed
Version: 1.21.3 Vendor: openSUSE
Release: 1.3 Build date: Sun Sep 26 20:27:39 2021
Group: Productivity/Networking/Web/Proxy Build host: obs-arm-11
Size: 2197592 Source RPM: nginx-1.21.3-1.3.src.rpm
Packager: http://bugs.opensuse.org
Url: https://nginx.org
Summary: A HTTP server and IMAP/POP3 proxy server
nginx [engine x] is a HTTP server and IMAP/POP3 proxy server written by Igor Sysoev.
It has been running on many heavily loaded Russian sites for more than two years.

Provides

Requires

License

BSD-2-Clause

Changelog

* Fri Sep 10 2021 Илья Индиго <ilya@ilya.pp.ua>
  - Updated to 1.21.3
    * https://nginx.org/en/CHANGES
    * Optimization of client request body reading when using HTTP/2.
    * Fixed request body filters internal API when using HTTP/2 and
      buffering of the data being processed.
* Wed Sep 01 2021 Илья Индиго <ilya@ilya.pp.ua>
  - Updated to 1.21.2
    * https://nginx.org/en/CHANGES
    * Now nginx rejects HTTP/1.0 requests with the "Transfer-Encoding" header line.
    * Export ciphers are no longer supported.
    * Added OpenSSL 3.0 compatibility.
    * Added the "Auth-SSL-Protocol" and "Auth-SSL-Cipher" header lines
      are now passed to the mail proxy authentication server.
    * Added request body filters API now permits buffering of the data being processed.
    * Fixed backend SSL connections in the stream module might hang after an SSL handshake.
    * Fixed the security level, which is available in OpenSSL 1.1.0 or newer,
      did not affect loading of the server certificates when set
      with "@SECLEVEL=N" in the "ssl_ciphers" directive.
    * Fixed SSL connections with gRPC backends might hang if select, poll,
      or /dev/poll methods were used.
    * Fixed when using HTTP/2 client request body was always written to
      disk if the "Content-Length" header line was not present in the request.
* Wed Jul 07 2021 Илья Индиго <ilya@ilya.pp.ua>
  - Updated to 1.21.1
    * https://nginx.org/en/CHANGES
    * Now nginx always returns an error for the CONNECT method.
    * Now nginx always returns an error if both "Content-Length"
      and "Transfer-Encoding" header lines are present in the request.
    * Now nginx always returns an error if spaces or control
      characters are used in the request line.
    * Now nginx always returns an error if spaces or control
      characters are used in a header name.
    * Now nginx always returns an error if spaces or control
      characters are used in the "Host" request header line.
    * Optimization of configuration testing when using many
      listening sockets.
    * Fixed: nginx did not escape """, "<", ">", "\", "^", "`", "{", "|",
      and "}" characters when proxying with changed URI.
    * Fixed: SSL variables might be empty when used in logs; the bug had
      appeared in 1.19.5.
    * Fixed: keepalive connections with gRPC backends might not be closed
      after receiving a GOAWAY frame.
    * Fixed: reduced memory consumption for long-lived requests when
      proxying with more than 64 buffers.
* Wed Jun 16 2021 Felix Schnizlein <fschnizlein@suse.com>
  - Fix race condition between nginx and logrotate causing mass reopening of
    files (bsc#1183876).
* Thu May 27 2021 Dirk Müller <dmueller@suse.com>
  - Updated to 1.21.0
    * https://nginx.org/en/CHANGES
    * Added variables support in the "proxy_ssl_certificate",
      "proxy_ssl_certificate_key" "grpc_ssl_certificate",
      "grpc_ssl_certificate_key", "uwsgi_ssl_certificate", and
      "uwsgi_ssl_certificate_key" directives.
    * Added the "max_errors" directive in the mail proxy module.
    * Added the mail proxy module supports POP3 and IMAP pipelining.
    * Added the "fastopen" parameter of the "listen" directive in the
      stream module.
    * Fixed special characters were not escaped during automatic redirect
      with appended trailing slash.
    * Fixed connections with clients in the mail proxy module might be
      closed unexpectedly when using SMTP pipelining.
* Wed May 26 2021 Илья Индиго <ilya@ilya.pp.ua>
  - Update to 1.20.1
    * https://nginx.org/en/CHANGES
    * 1-byte memory overwrite might occur during DNS server response processing
      if the "resolver" directive was used, allowing an attacker who is able to
      forge UDP packets from the DNS server to cause worker process crash or,
      potentially, arbitrary code execution (CVE-2021-23017, boo#1186126).
* Wed Apr 21 2021 Andreas Stieger <andreas.stieger@gmx.de>
  - only recommend installation of vim-plugin-nginx if any vim is
    also installed or selected (boo#1183710)
* Tue Apr 20 2021 Илья Индиго <ilya@ilya.pp.ua>
  - Update to 1.20.0
    * 1.20.x stable branch.
* Wed Apr 14 2021 Илья Индиго <ilya@ilya.pp.ua>
  - Update to 1.19.10
    * https://nginx.org/en/CHANGES
    * Changed default value for "keepalive_requests" to 1000.
    * Added "keepalive_time" directive and $connection_time variable.
    * Fixed "gzip filter failed to use preallocated memory" alerts
      appeared in logs when using zlib-ng.
* Sat Apr 03 2021 Илья Индиго <ilya@ilya.pp.ua>
  - Update to 1.19.9
    * https://nginx.org/en/CHANGES
    * Fixed nginx could not be built with the mail proxy module, but
      without the ngx_mail_ssl_module; the bug had appeared in 1.19.8.
    * Fixed "upstream sent response body larger than indicated content
      length" errors might occur when working with gRPC backends;
      the bug had appeared in 1.19.1.
    * Fixed nginx might not close a connection till keepalive timeout
      expiration if the connection was closed by the client while
      discarding the request body.
    * Fixed nginx might not detect that a connection was already closed
      by the client when waiting for auth_delay or limit_req delay,
      or when working with backends.
    * Fixed in the eventport method.
* Fri Mar 12 2021 Dirk Müller <dmueller@suse.com>
  - update to 1.19.8:
    * Feature: flags in the "proxy_cookie_flags" directive can now contain
      variables.
    * Feature: the "proxy_protocol" parameter of the "listen" directive,
      the "proxy_protocol" and "set_real_ip_from" directives in mail proxy.
    * Bugfix: HTTP/2 connections were immediately closed when using
      "keepalive_timeout 0"; the bug had appeared in 1.19.7.
    * Bugfix: some errors were logged as unknown if nginx was built with
      glibc 2.32.
    * Bugfix: in the eventport method.
* Sat Feb 27 2021 Илья Индиго <ilya@ilya.pp.ua>
  - Refreshed spec-file via spec-cleaner and manual optimizations.
    * Droped obsolete conditional constructs.
    * Removed pkg_name macro.
* Wed Feb 17 2021 Marcus Rueckert <mrueckert@suse.de>
  - Drop nginx_upstream_check module, there is no support for dynamic
    loading upstream and the module seems kind of unmaintained.
  - Removed patch check_1.9.2+.patch.
* Tue Feb 16 2021 Marcus Rueckert <mrueckert@suse.de>
  - Update to 1.19.7
    * https://nginx.org/en/CHANGES
    * Change: connections handling in HTTP/2 has been changed to
      better match HTTP/1.x; the "http2_recv_timeout",
      "http2_idle_timeout", and "http2_max_requests" directives have
      been removed, the "keepalive_timeout" and "keepalive_requests"
      directives should be used instead.
    * Change: the "http2_max_field_size" and "http2_max_header_size"
      directives have been removed, the "large_client_header_buffers"
      directive should be used instead.
    * Feature: now, if free worker connections are exhausted, nginx
      starts closing not only keepalive connections, but also
      connections in lingering close.
    * Bugfix: "zero size buf in output" alerts might appear in logs
      if an upstream server returned an incorrect response during
      unbuffered proxying; the bug had appeared in 1.19.1.
    * Bugfix: HEAD requests were handled incorrectly if the "return"
      directive was used with the "image_filter" or "xslt_stylesheet"
      directives.
    * Bugfix: in the "add_trailer" directive.
  - Since we only target sle 12 and above we can skip all
    conditionals which apply to suse_version before 1315
    With changes in nginx itself we will drop support for sysvinit.
    http2, libatomic support and pcre_jit will always be on now.
    and we build all binaries with PIE now.
  - Moved the last 2 path macros from nginx.spec to the macros file.
    (pid and lock path)
* Wed Dec 23 2020 Paolo Stivanin <info@paolostivanin.com>
  - Update to 1.19.6
    * https://nginx.org/en/CHANGES
    * Fix "no live upstreams" errors if a "server" inside "upstream"
      block was marked as "down".
    * Fix a segmentation fault might occur in a worker process if HTTPS
      was used; the bug had appeared in 1.19.5.
    * Fix nginx returned the 400 response on requests like
      "GET http://example.com?args HTTP/1.0".
    * Fix in the ngx_http_flv_module and ngx_http_mp4_module.
* Tue Nov 24 2020 Илья Индиго <ilya@ilya.pp.ua>
  - Update to 1.19.5
    * https://nginx.org/en/CHANGES
    * Add the -e switch.
    * The same source files can now be specified in different modules
      while building addon modules.
    * Fix SSL shutdown did not work when lingering close was used.
    * Fix "upstream sent frame for closed stream" errors might occur
      when working with gRPC backends.
    * Fix in request body filters internal API.
* Mon Nov 09 2020 Илья Индиго <ilya@ilya.pp.ua>
  - Refresh spec-file via spec-cleaner and manual optimizations.
* Tue Oct 27 2020 Илья Индиго <ilya@ilya.pp.ua>
  - Update to 1.19.4
    * https://nginx.org/en/CHANGES
    * Add the "ssl_conf_command", "proxy_ssl_conf_command",
      "grpc_ssl_conf_command", and "uwsgi_ssl_conf_command" directives.
    * Add the "ssl_reject_handshake" directive.
    * Add the "proxy_smtp_auth" directive in mail proxy.
* Fri Oct 02 2020 Marcus Rueckert <mrueckert@suse.de>
  - Use the ngx_* macros from the nginx-macros package to simplify
    the spec file.
* Fri Oct 02 2020 Marcus Rueckert <mrueckert@suse.de>
  - Moved all the modules that support dynamic modules into their own
    modules:
    * nginx-module-geoip2
    * nginx-module-fancyindex
    * nginx-module-headers-more
  - The rtmp module is replaced with nginx-module-http-flv
* Wed Sep 30 2020 Илья Индиго <ilya@ilya.pp.ua>
  - Update to 1.19.3
    * https://nginx.org/en/CHANGES
    * Add the ngx_stream_set_module.
    * Add the "proxy_cookie_flags" directive.
    * Add the "userid_flags" directive.
    * Fix the "stale-if-error" cache control extension was erroneously
      applied if backend returned a response with status code 500, 502,
      503, 504, 403, 404, or 429.
    * Fix "[crit] cache file ... has too long header" messages might
      appear in logs if caching was used and the backend returned responses
      with the "Vary" header line.
    * Fix "[crit] SSL_write() failed" messages might appear in logs
      when using OpenSSL 1.1.1.
    * Fix "SSL_shutdown() failed (SSL: ... bad write retry)" messages
      might appear in logs; the bug had appeared in 1.19.2.
    * Fix a segmentation fault might occur in a worker process when
      using HTTP/2 if errors with code 400 were redirected to a proxied
      location using the "error_page" directive.
    * Fix socket leak when using HTTP/2 and subrequests in the njs module.
* Wed Aug 12 2020 Илья Индиго <ilya@ilya.pp.ua>
  - Update to 1.19.2
    * https://nginx.org/en/CHANGES
    * Now nginx starts closing keepalive connections before all free
      worker connections are exhausted, and logs a warning about this
      to the error log.
    * Optimization of client request body reading when using chunked
      transfer encoding.
    * Memory leak if the "ssl_ocsp" directive was used.
    * "zero size buf in output" alerts might appear in logs if a
      FastCGI server returned an incorrect response; the bug had
      appeared in 1.19.1.
    * A segmentation fault might occur in a worker process if
      different large_client_header_buffers sizes were used in
      different virtual servers.
    * SSL shutdown might not work.
    * "SSL_shutdown() failed (SSL: ... bad write retry)" messages
      might appear in logs.
    * In the ngx_http_slice_module.
    * In the ngx_http_xslt_filter_module.
* Tue Aug 04 2020 Dirk Mueller <dmueller@suse.com>
  - update nginx-1.6.1-default_config.patch:
    * remove geoip_module which is no longer compiled (bsc#1156202)
* Wed Jul 08 2020 Илья Индиго <ilya@ilya.pp.ua>
  - Update to 1.19.1
    * https://nginx.org/en/CHANGES
    * The "lingering_close", "lingering_time", and "lingering_timeout"
      directives now work when using HTTP/2.
    * Now extra data sent by a backend are always discarded.
    * Now after receiving a too short response from a FastCGI server
      nginx tries to send the available part of the response
      to the client, and then closes the client connection.
    * Now after receiving a response with incorrect length from a
      gRPC backend nginx stops response processing with an error.
    * The "min_free" parameter of the "proxy_cache_path",
      "fastcgi_cache_path", "scgi_cache_path",
      and "uwsgi_cache_path" directives.
    * nginx did not delete unix domain listen sockets during
      graceful shutdown on the SIGQUIT signal.
    * Zero length UDP datagrams were not proxied.
    * Proxying to uwsgi backends using SSL might not work.
    * In error handling when using the "ssl_ocsp" directive.
    * On XFS and NFS file systems disk cache size might be
      calculated incorrectly.
    * "negative size buf in writer" alerts might appear in logs if
      a memcached server returned a malformed response.
* Thu May 28 2020 Илья Индиго <ilya@ilya.pp.ua>
  - Update to 1.19.0
    * https://nginx.org/en/CHANGES
    * Client certificate validation with OCSP.
    * "upstream sent frame for closed stream" errors might occur
      when working with gRPC backends.
    * OCSP stapling might not work if the "resolver" directive
      was not specified.
    * Connections with incorrect HTTP/2 preface were not logged.
* Thu May 07 2020 Cristian Rodríguez <crrodriguez@opensuse.org>
  - Do not arbitrarily limit the default listen backlog
    (NGX_LISTEN_BACKLOG) to 511, instead use -1 to choose the
    system's default (sysctl net.core.somaxconn)
* Wed Apr 22 2020 Илья Индиго <ilya@ilya.pp.ua>
  - Update to 1.18.0
    * 1.18.x stable branch.
* Fri Apr 17 2020 Thorsten Kukuk <kukuk@suse.com>
  - Use sysusers.d to create the nginx user and group
  - Remove self-conflict
* Wed Apr 15 2020 Илья Индиго <ilya@ilya.pp.ua>
  - Update to 1.17.10
    * https://nginx.org/en/CHANGES
    * The "auth_delay" directive.
* Tue Mar 10 2020 Vítězslav Čížek <vcizek@suse.com>
  - Replace obsolete GeoIP module with MaxMinDB-based GeoIP2
    (bsc#1156202)
* Wed Mar 04 2020 Илья Индиго <ilya@ilya.pp.ua>
  - Update to 1.17.9
    * https://nginx.org/en/CHANGES
    * Now nginx does not allow several "Host" request header lines.
    * nginx ignored additional "Transfer-Encoding" request header lines.
    * Socket leak when using HTTP/2.
    * A segmentation fault might occur in a worker process if OCSP
      stapling was used.
    * In the ngx_http_mp4_module.
    * nginx used status code 494 instead of 400 if errors with code
      494 were redirected with the "error_page" directive.
    * Socket leak when using subrequests in the njs module and the
      "aio" directive.
* Sun Feb 02 2020 Marcus Rueckert <mrueckert@suse.de>
  - Update to 1.17.8
    * Feature: variables support in the "grpc_pass" directive.
    * Bugfix: a timeout might occur while handling pipelined requests
      in an SSL connection; the bug had appeared in 1.17.5.
    * Bugfix: in the "debug_points" directive when using HTTP/2.
      Thanks to Daniil Bondarev.
* Tue Jan 21 2020 Thorsten Kukuk <kukuk@suse.com>
  - Use systemd_ordering instead of systemd_requires, nginx is useable
    without sysemd, too.
* Sat Dec 28 2019 Илья Индиго <ilya@ilya.pp.ua>
  - Refresh spec-file via spec-cleaner.
  - Add in service-file Wants=network-online.target (boo#1155690)
  - Update to 1.17.7
    * https://nginx.org/en/CHANGES
    * A segmentation fault might occur on start or during
      reconfiguration if the "rewrite" directive with an empty
      replacement string was used in the configuration.
    * A segmentation fault might occur in a worker process if the
      "break" directive was used with the "alias" directive or with
      the "proxy_pass" directive with a URI.
    * The "Location" response header line might contain garbage if
      the request URI was rewritten to the one containing a null character.
    * Requests with bodies were handled incorrectly when returning redirections
      with the "error_page" directive; the bug had appeared in 0.7.12.
    * Socket leak when using HTTP/2.
    * A timeout might occur while handling pipelined requests in an
      SSL connection; the bug had appeared in 1.17.5.
    * Bugfix in the ngx_http_dav_module.
    * CVE-2019-20372: Fixed an HTTP request smuggling with certain error_page
      configurations which could have allowed unauthorized web page reads (bsc#1160682).
* Sat Nov 23 2019 Marcus Rueckert <mrueckert@suse.de>
  - Update to 1.17.6
    - Feature: the $proxy_protocol_server_addr and
      $proxy_protocol_server_port variables.
    - Feature: the "limit_conn_dry_run" directive.
    - Feature: the $limit_req_status and $limit_conn_status
      variables.
* Mon Oct 28 2019 Cristian Rodríguez <crrodriguez@opensuse.org>
  - remove -std=gnu99 -fstack-protector from cflags as they are
    no longer needed.
* Wed Oct 23 2019 Илья Индиго <ilya@ilya.pp.ua>
  - Update to 1.17.5
    * https://nginx.org/en/CHANGES
    * Now nginx uses ioctl(FIONREAD), if available, to avoid
      reading from a fast connection for a long time.
    * Incomplete escaped characters at the end of the request URI were ignored.
    * "/." and "/.." at the end of the request URI were not normalized.
    * In the "merge_slashes" directive.
    * In the "ignore_invalid_headers" directive.
    * nginx could not be built with MinGW-w64 gcc 8.1 or newer.
* Mon Oct 21 2019 Илья Индиго <ilya@ilya.pp.ua>
  - Update to 1.17.4
    * https://nginx.org/en/CHANGES
    * Better detection of incorrect client behavior in HTTP/2.
    * In handling of not fully read client request body when
      returning errors in HTTP/2.
    * The "worker_shutdown_timeout" directive might not work when
      using HTTP/2.
    * A segmentation fault might occur in a worker process when
      using HTTP/2 and the "proxy_request_buffering" directive.
    * The ECONNABORTED error log level was "crit" instead of
      "error" on Windows when using SSL.
    * nginx ignored extra data when using chunked transfer
      encoding.
    * nginx always returned the 500 error if the "return" directive
      was used and an error occurred during reading client request body.
    * In memory allocation error handling.
* Wed Aug 14 2019 Marcus Rueckert <mrueckert@suse.de>
  - update to 1.17.3
    - Security: when using HTTP/2 a client might cause excessive
      memory consumption and CPU usage (CVE-2019-9511, CVE-2019-9513,
      CVE-2019-9516).
    - Bugfix: "zero size buf" alerts might appear in logs when using
      gzipping; the bug had appeared in 1.17.2.
    - Bugfix: a segmentation fault might occur in a worker process if
      the "resolver" directive was used in SMTP proxy.
* Tue Jul 23 2019 Michael Ströder <michael@stroeder.com>
  - update to 1.17.2
    - Change: minimum supported zlib version is 1.2.0.4.
    - Change: the $r->internal_redirect() embedded perl method now expects
      escaped URIs.
    - Feature: it is now possible to switch to a named location using the
      $r->internal_redirect() embedded perl method.
    - Bugfix: in error handling in embedded perl.
    - Bugfix: a segmentation fault might occur on start or during
      reconfiguration if hash bucket size larger than 64 kilobytes was used
      in the configuration.
    - Bugfix: nginx might hog CPU during unbuffered proxying and when
      proxying WebSocket connections if the select, poll, or /dev/poll
      methods were used.
    - Bugfix: in the ngx_http_xslt_filter_module.
    - Bugfix: in the ngx_http_ssi_filter_module.
* Tue Jul 09 2019 Marcus Rueckert <mrueckert@suse.de>
  - update to 1.17.1
    - Feature: the "limit_req_dry_run" directive.
    - Feature: when using the "hash" directive inside the "upstream"
      block an empty hash key now triggers round-robin balancing.
      Thanks to Niklas Keller.
    - Bugfix: a segmentation fault might occur in a worker process if
      caching was used along with the "image_filter" directive, and
      errors with code 415 were redirected with the "error_page"
      directive; the bug had appeared in 1.11.10.
    - Bugfix: a segmentation fault might occur in a worker process if
      embedded perl was used; the bug had appeared in 1.7.3.
* Thu May 23 2019 seanlew@opensuse.org
  - update to version 1.17.0
    * Feature: variables support in the "limit_rate" directives
    * Feature: variables support in the "proxy rate" directies
    * Change: min supported OpenSSL is 0.9.8
    * Change: now the postpone filter is always built
    * Bugfix: the "include" directive didn't work inside "if"
    * Bugfix: in byte ranges processing
* Mon May 06 2019 seanlew@opensuse.org
  - update to version 1.16.0
    * 1.16 stable branch
    * Bugfix: segfault may occur in ssl_certificate worker process
* Sun Apr 07 2019 seanlew@opensuse.org
  - update to 1.15.10
    * When using hostname in the 'listen' directive, create new socket
    * Port ranges in the 'listen' directive
    * Loading of SSL certs/secret keys from variables
    * $ssl_server_name var might be empty with OpenSSL 1.1.1
* Sat Mar 02 2019 seanlew@openeuse.org
  - update to 1.15.9
    * Feature: variables support in the "ssl_certificate" directives
    * Bugfix: the "proxy_upload_rate" and "proxy_download_rate"
      directives in the stream module worked incorrectly with UDP
* Sun Dec 30 2018 sean@suspend.net
  - update to 1.15.8
    * Feature: the $upstream_bytes_sent variable
    * Feature: new directives in vim syntax highlighting scripts
    * Bugfix: in the "proxy_cache_background_update" directive
    * Bugfix: in the "geo" directive when using unix domain listen sockets
    * Workaround: the "ignoring stale global SSL error" alerts might appear erroneosuly
    * Bugfix: in the ngx_http_autoindex_module on x86
* Fri Dec 07 2018 chris@computersalat.de
  - update to 1.15.7
    * Feature: the "proxy_requests" directive in the stream module.
    * Feature: the "delay" parameter of the "limit_req" directive.
      Thanks to Vladislav Shabanov and Peter Shchuchkin.
    * Bugfix: memory leak on errors during reconfiguration.
    * Bugfix: in the $upstream_response_time, $upstream_connect_time, and
      $upstream_header_time variables.
    * Bugfix: a segmentation fault might occur in a worker process if the
      ngx_http_mp4_module was used on 32-bit platforms.
  - fix changes file for submit to Backports
    * see https://build.opensuse.org/request/show/653792
* Thu Nov 08 2018 alarrosa@suse.com
  - update to 1.15.6
    * fix for boo#1115022, boo#1115025
      Security: when using HTTP/2 a client might cause excessive memory
      consumption (CVE-2018-16843) and CPU usage (CVE-2018-16844).
    * fix for boo#1115015
      Security: processing of a specially crafted mp4 file with the
      ngx_http_mp4_module might result in worker process memory disclosure
      (CVE-2018-16845).
    - Feature: the "proxy_socket_keepalive", "fastcgi_socket_keepalive",
      "grpc_socket_keepalive", "memcached_socket_keepalive",
      "scgi_socket_keepalive", and "uwsgi_socket_keepalive" directives.
    - Bugfix: if nginx was built with OpenSSL 1.1.0 and used with OpenSSL
      1.1.1, the TLS 1.3 protocol was always enabled.
    - Bugfix: working with gRPC backends might result in excessive memory
      consumption.
  - Fix vim-plugin-nginx rpm group.
* Sat Nov 03 2018 sean@suspend.net
  - update to 1.15.5
    - Bugfix: a segmentation fault might occur in a worker process when using OpenSSL 1.1.0h or lower
    - Bugfix: minor potential bugs
  - update to 1.15.4
    - Feature: now the "ssl_early_data" directive can be used with OpenSSL.
    - Bugfix: in the ngx_http_uwsgi_module.
    - Bugfix: connections with some gRPC backends might not be cached when
      using the "keepalive" directive.
    - Bugfix: a socket leak might occur when using the "error_page"
      directive to redirect early request processing errors, notably errors
      with code 400.
    - Bugfix: the "return" directive did not change the response code when
      returning errors if the request was redirected by the "error_page"
      directive.
    - Bugfix: standard error pages and responses of the
      ngx_http_autoindex_module module used the "bgcolor" attribute, and
      might be displayed incorrectly when using custom color settings in
      browsers.
    - Change: the logging level of the "no suitable key share" and "no
      suitable signature algorithm" SSL errors has been lowered from "crit"
      to "info".
* Thu Sep 06 2018 Marcus Rueckert <mrueckert@suse.de>
  - update to 1.15.3
    - Feature: now TLSv1.3 can be used with BoringSSL.
    - Feature: the "ssl_early_data" directive, currently available
      with BoringSSL.
    - Feature: the "keepalive_timeout" and "keepalive_requests"
      directives in the "upstream" block.
    - Bugfix: the ngx_http_dav_module did not truncate destination
      file when copying a file over an existing one with the COPY
      method.
    - Bugfix: the ngx_http_dav_module used zero access rights on the
      destination file and did not preserve file modification time
      when moving a file between different file systems with the MOVE
      method.
    - Bugfix: the ngx_http_dav_module used default access rights when
      copying a file with the COPY method.
    - Workaround: some clients might not work when using HTTP/2; the
      bug had appeared in 1.13.5.
    - Bugfix: nginx could not be built with LibreSSL 2.8.0.
* Mon Jul 30 2018 mrueckert@suse.de
  - update to 1.15.2
    - Feature: the $ssl_preread_protocol variable in the
      ngx_stream_ssl_preread_module.
    - Feature: now when using the "reset_timedout_connection"
      directive nginx will reset connections being closed with the
      444 code.
    - Change: a logging level of the "http request", "https proxy
      request", "unsupported protocol", and "version too low" SSL
      errors has been lowered from "crit" to "info".
    - Bugfix: DNS requests were not resent if initial sending of a
      request failed.
    - Bugfix: the "reuseport" parameter of the "listen" directive was
      ignored if the number of worker processes was specified after
      the "listen" directive.
    - Bugfix: when using OpenSSL 1.1.0 or newer it was not possible
      to switch off "ssl_prefer_server_ciphers" in a virtual server
      if it was switched on in the default server.
    - Bugfix: SSL session reuse with upstream servers did not work
      with the TLS 1.3 protocol.
* Mon Jul 23 2018 mrueckert@suse.de
  - update to 1.15.1
    - Feature: the "random" directive inside the "upstream" block.
    - Feature: improved performance when using the "hash" and
      "ip_hash" directives with the "zone" directive.
    - Feature: the "reuseport" parameter of the "listen" directive
      now uses SO_REUSEPORT_LB on FreeBSD 12.
    - Bugfix: HTTP/2 server push did not work if SSL was terminated
      by a proxy server in front of nginx.
    - Bugfix: the "tcp_nopush" directive was always used on backend
      connections.
    - Bugfix: sending a disk-buffered request body to a gRPC backend
      might fail.
  - changes from 1.15.0
    - Change: the "ssl" directive is deprecated; the "ssl" parameter
      of the "listen" directive should be used instead.
    - Change: now nginx detects missing SSL certificates during
      configuration testing when using the "ssl" parameter of the
      "listen" directive.
    - Feature: now the stream module can handle multiple incoming UDP
      datagrams from a client within a single session.
    - Bugfix: it was possible to specify an incorrect response code
      in the "proxy_cache_valid" directive.
    - Bugfix: nginx could not be built by gcc 8.1.
    - Bugfix: logging to syslog stopped on local IP address changes.
    - Bugfix: nginx could not be built by clang with CUDA SDK
      installed; the bug had appeared in 1.13.8.
    - Bugfix: "getsockopt(TCP_FASTOPEN) ... failed" messages might
      appear in logs during binary upgrade when using unix domain
      listen sockets on FreeBSD.
    - Bugfix: nginx could not be built on Fedora 28 Linux.
    - Bugfix: request processing rate might exceed configured rate
      when using the "limit_req" directive.
    - Bugfix: in handling of client addresses when using unix domain
      listen sockets to work with datagrams on Linux.
    - Bugfix: in memory allocation error handling.
* Fri May 25 2018 mrostecki@suse.com
  - Add nginx-source package
* Tue May 15 2018 crrodriguez@opensuse.org
  - Do not require insserv on systemd-only releases.
* Mon May 07 2018 achernikov@suse.com
  - update to 1.14.0
    * 1.14.x stable branch.
  - includes changes from 1.13.12
    * bugfix connections with gRPC backends might be closed unexpectedly
    when returning a large response.
* Tue Apr 10 2018 astieger@suse.com
  - update to 1.13.11:
    * the "proxy_protocol" parameter of the "listen" directive now
      supports the PROXY protocol version 2
    * bugfix in the "http_404", "http_500", etc. parameters of the
      "proxy_next_upstream" directive
  - includes changes from 1.13.10:
    * the "set" parameter of the "include" SSI directive now allows
      writing arbitrary responses to a variable; the
      "subrequest_output_buffer_size" directive defines maximum
      response size
    * now nginx uses clock_gettime(CLOCK_MONOTONIC) if available, to
      avoid timeouts being incorrectly triggered on system time changes
    * add the "escape=none" parameter of the "log_format" directive
    * add the $ssl_preread_alpn_protocols variable in the
      ngx_stream_ssl_preread_module.
    * add the ngx_http_grpc_module.
    * fix memory allocation error handling in the "geo" directive.
    * when using variables in the "auth_basic_user_file" directive
      a null character may have appeared in logs
  - Use %license (bsc#1082318)
* Wed Mar 28 2018 achernikov@suse.com
  - Recommend to use TLSv1.2 by default (boo#1086855)
* Wed Feb 21 2018 mrueckert@suse.de
  - update rmtp module to 1.2.1
    - just commenting all places where we fallthrough conditionals
* Wed Feb 21 2018 mrueckert@suse.de
  - update headers more to 0.33
    - feature: add wildcard match support for
      more_clear_input_headers.
* Wed Feb 21 2018 mrueckert@suse.de
  - update fancyindex module to 0.4.2
    This release contains an important fix which can cause Nginx to
    crash when a directory contains zero-sized (empty) files. This
    bug has been present in all previous releases, and all users are
    strongly encouraged to update to version 0.4.2.
    https://github.com/aperezdc/ngx-fancyindex/releases/tag/v0.4.2
* Wed Feb 21 2018 mrueckert@suse.de
  - changes from 1.13.9
    - Feature: HTTP/2 server push support; the "http2_push" and
      "http2_push_preload" directives.
    - Bugfix: "header already sent" alerts might appear in logs when
      using cache; the bug had appeared in 1.9.13.
    - Bugfix: a segmentation fault might occur in a worker process if
      the "ssl_verify_client" directive was used and no SSL
      certificate was specified in a virtual server.
    - Bugfix: in the ngx_http_v2_module.
    - Bugfix: in the ngx_http_dav_module.
  - updates from 1.13.8
    - Feature: now nginx automatically preserves the CAP_NET_RAW
      capability in worker processes when using the "transparent"
      parameter of the "proxy_bind", "fastcgi_bind",
      "memcached_bind", "scgi_bind", and "uwsgi_bind" directives.
    - Feature: improved CPU cache line size detection. Thanks to
      Debayan Ghosh.
    - Feature: new directives in vim syntax highlighting scripts.
      Thanks to Gena Makhomed.
    - Bugfix: binary upgrade refused to work if nginx was re-parented
      to a process with PID different from 1 after its parent process
      has finished.
    - Bugfix: the ngx_http_autoindex_module incorrectly handled
      requests with bodies.
    - Bugfix: in the "proxy_limit_rate" directive when used with the
      "keepalive" directive.
    - Bugfix: some parts of a response might be buffered when using
      "proxy_buffering off" if the client connection used SSL.
      Thanks to Patryk Lesiewicz.
    - Bugfix: in the "proxy_cache_background_update" directive.
    - Bugfix: it was not possible to start a parameter with a
      variable in the "${name}" form with the name in curly brackets
      without enclosing the parameter into single or double quotes.
* Wed Feb 07 2018 achernikov@suse.com
  - Install /etc/nginx/conf.d directory for custom user configuration
    files
* Wed Feb 07 2018 achernikov@suse.com
  - Install /etc/nginx/vhosts.d directory for default installation
    to house custom virtual hosts configuration files

Files

/etc/logrotate.d/nginx
/etc/nginx
/etc/nginx/conf.d
/etc/nginx/fastcgi.conf
/etc/nginx/fastcgi.conf.default
/etc/nginx/fastcgi_params
/etc/nginx/fastcgi_params.default
/etc/nginx/koi-utf
/etc/nginx/koi-win
/etc/nginx/mime.types
/etc/nginx/mime.types.default
/etc/nginx/nginx.conf
/etc/nginx/nginx.conf.default
/etc/nginx/scgi_params
/etc/nginx/scgi_params.default
/etc/nginx/uwsgi_params
/etc/nginx/uwsgi_params.default
/etc/nginx/vhosts.d
/etc/nginx/win-utf
/srv/www/htdocs/50x.html
/usr/lib/nginx
/usr/lib/nginx/modules
/usr/lib/nginx/modules/ngx_http_image_filter_module.so
/usr/lib/nginx/modules/ngx_http_perl_module.so
/usr/lib/nginx/modules/ngx_http_xslt_filter_module.so
/usr/lib/nginx/modules/ngx_mail_module.so
/usr/lib/nginx/modules/ngx_stream_module.so
/usr/lib/perl5/vendor_perl/5.34.0/armv7l-linux-thread-multi/auto/nginx
/usr/lib/perl5/vendor_perl/5.34.0/armv7l-linux-thread-multi/auto/nginx/nginx.so
/usr/lib/perl5/vendor_perl/5.34.0/armv7l-linux-thread-multi/nginx.pm
/usr/lib/systemd/system/nginx.service
/usr/lib/sysusers.d/nginx.conf
/usr/sbin/nginx
/usr/sbin/rcnginx
/usr/share/doc/packages/nginx
/usr/share/doc/packages/nginx/CHANGES
/usr/share/doc/packages/nginx/CHANGES.ru
/usr/share/doc/packages/nginx/LICENSE
/usr/share/man/man3/nginx.3pm.gz
/usr/share/nginx
/usr/share/nginx/geo2nginx.pl
/usr/share/nginx/unicode2nginx
/usr/share/nginx/unicode2nginx/koi-utf
/usr/share/nginx/unicode2nginx/unicode-to-nginx.pl
/usr/share/nginx/unicode2nginx/win-utf
/var/lib/nginx
/var/lib/nginx/fastcgi
/var/lib/nginx/proxy
/var/lib/nginx/scgi
/var/lib/nginx/tmp
/var/lib/nginx/uwsgi
/var/log/nginx


Generated by rpm2html 1.8.1

Fabrice Bellet, Tue Oct 12 23:35:28 2021