nordic-dev.net/nixpkgs
nordic-dev.net/nixpkgs
2
0
Fork 0
mirror of https://github.com/NixOS/nixpkgs.git synced 2025-01-05 20:43:28 +00:00
Code Issues Packages Projects Releases Wiki Activity
cc7426501d
nixpkgs/pkgs/servers/http/nginx/stable.nix
Thomas Gerbet 25e4a15f2a nginx: 1.26.0 -> 1.26.1 
Fixes CVE-2024-32760, CVE-2024-31079, CVE-2024-35200 and CVE-2024-34161.
Note that the `nginxQuic` derivation rely on `nginxMainline`.

Changes:
```
Changes with nginx 1.26.1                                        29 May 2024

    *) Security: when using HTTP/3, processing of a specially crafted QUIC
       session might cause a worker process crash, worker process memory
       disclosure on systems with MTU larger than 4096 bytes, or might have
       potential other impact (CVE-2024-32760, CVE-2024-31079,
       CVE-2024-35200, CVE-2024-34161).
       Thanks to Nils Bars of CISPA.

    *) Bugfix: reduced memory consumption for long-lived requests if "gzip",
       "gunzip", "ssi", "sub_filter", or "grpc_pass" directives are used.

    *) Bugfix: nginx could not be built by gcc 14 if the --with-atomic
       option was used.
       Thanks to Edgar Bonet.

    *) Bugfix: in HTTP/3.

```
2024-05-31 11:30:28 +02:00

7 lines
151 B
Nix
Raw Blame History

{ callPackage, ... } @ args:
callPackage ./generic.nix args {
version = "1.26.1";
hash = "sha256-+Rh0aP8usVkmC/1Thnwl/44zRyYjes8ie56HDlPT42s=";
}
Reference in New Issue View Git Blame Copy Permalink