group.of.nepali.translators team mailing list archive

Thread
Date
[Bug 1663937] Re: [SRU] Please update nginx in Xenial and Yakkety to 1.10.3

To: group.of.nepali.translators@xxxxxxxxxxxxxxxxxxx
From: Launchpad Bug Tracker <1663937@xxxxxxxxxxxxxxxxxx>
Date: Thu, 29 Jun 2017 17:21:44 -0000
Reply-to: Bug 1663937 <1663937@xxxxxxxxxxxxxxxxxx>
Sender: bounces@xxxxxxxxxxxxx
This bug was fixed in the package nginx - 1.10.3-0ubuntu0.16.04.1

---------------
nginx (1.10.3-0ubuntu0.16.04.1) xenial; urgency=medium

  * Stable Release Update (LP: #1663937)
  * New upstream release (1.10.3) - full changelog available at upstream
    website - http://nginx.org/en/CHANGES-1.10
  * All Ubuntu specific changes from 1.10.0-0ubuntu1 through
    1.10.0-0ubuntu0.16.04.4 remain included.
  * Additional changes:
    * debian/patches/ubuntu-branding.patch: Refreshed Ubuntu Branding patch.
    * debian/patches/cve-2016-4450.patch: Drop CVE patch as it is already
      included in the upstream source code in this upload.

 -- Thomas Ward <teward@xxxxxxxxxx>  Sat, 11 Feb 2017 16:18:21 -0500

** Changed in: nginx (Ubuntu Xenial)
       Status: Fix Committed => Fix Released

-- 
You received this bug notification because you are a member of नेपाली
भाषा समायोजकहरुको समूह, which is subscribed to Xenial.
Matching subscriptions: Ubuntu 16.04 Bugs
https://bugs.launchpad.net/bugs/1663937

Title:
  [SRU] Please update nginx in Xenial and Yakkety to 1.10.3

Status in nginx package in Ubuntu:
  Fix Released
Status in nginx source package in Xenial:
  Fix Released
Status in nginx source package in Yakkety:
  Fix Committed

Bug description:
  [Impact]

  Two releases are affected: Xenial and Yakkety.

  There are a bunch of bugfixes in 1.10.3, including HTTP/2 fixes, that
  should be included in Ubuntu.  This is detailed here in the upstream
  changelog from nginx:

  Changes with nginx 1.10.3 (31 Jan 2017)

      *) Bugfix: in the "add_after_body" directive when used with the
         "sub_filter" directive.

      *) Bugfix: unix domain listen sockets might not be inherited during
         binary upgrade on Linux.

      *) Bugfix: graceful shutdown of old worker processes might require
         infinite time when using HTTP/2.

      *) Bugfix: when using HTTP/2 and the "limit_req" or "auth_request"
         directives client request body might be corrupted; the bug had
         appeared in 1.10.2.

      *) Bugfix: a segmentation fault might occur in a worker process when
         using HTTP/2; the bug had appeared in 1.10.2.

      *) Bugfix: an incorrect response might be returned when using the
         "sendfile" directive on FreeBSD and macOS; the bug had appeared in
         1.7.8.

      *) Bugfix: a truncated response might be stored in cache when using the
         "aio_write" directive.

      *) Bugfix: a socket leak might occur when using the "aio_write"
         directive.

  [Test Case]

  No test cases available as there are no bugs filed for any of these in
  Ubuntu.  However, due to HTTP/2, any 'bugs' in these which may corrupt
  data or not kill worker processes correctly, or segfault, should be
  addressed.

  [Regression Potential]

  All these bugfixes were tested upstream by the nginx team, and do not
  pose a regression risk to the existing software versions or features
  of Ubuntu in affected releases.

  [Other Info]

  I will be uploading nginx 1.10.3 directly to Zesty today, and then
  have a merge ready by the end of the week for Zesty from Debian, which
  pulls in dynamic module support, etc.  This SRU is written here ahead
  of having the Zesty update done, because this happens to be on my list
  of things to get done before the Zesty update.

To manage notifications about this bug go to:
https://bugs.launchpad.net/ubuntu/+source/nginx/+bug/1663937/+subscriptions