applied the official patch for the nginx security vulnerability CVE-2013-2070.

12 years ago · 07fbdad118
parent 090060c907
commit 07fbdad118
4 changed files with 31 additions and 1 deletions
--- a/patches/nginx-1.2.7-cve-2013-2070.patch
+++ b/patches/nginx-1.2.7-cve-2013-2070.patch
@ -0,0 +1,13 @@
+--- src/http/modules/ngx_http_proxy_module.c
+++ src/http/modules/ngx_http_proxy_module.c
+@@ -1865,6 +1865,10 @@ data:
+ 
+     }
+ 
+    if (ctx->size < 0 || ctx->length < 0) {
+        goto invalid;
+    }
+
+     return rc;
+ 
+ done:
--- a/patches/nginx-1.2.8-cve-2013-2070.patch
+++ b/patches/nginx-1.2.8-cve-2013-2070.patch
@ -0,0 +1,13 @@
+--- src/http/modules/ngx_http_proxy_module.c
+++ src/http/modules/ngx_http_proxy_module.c
+@@ -1865,6 +1865,10 @@ data:
+ 
+     }
+ 
+    if (ctx->size < 0 || ctx->length < 0) {
+        goto invalid;
+    }
+
+     return rc;
+ 
+ done:
--- a/util/mirror-tarballs
+++ b/util/mirror-tarballs
@ -146,6 +146,10 @@ if [ "$answer" = "N" ]; then
    echo
 fi

+echo "$info_txt applying patches/nginx-$main_ver-cve-2013-2070.patch for nginx"
+patch -p0 < $root/patches/nginx-$main_ver-cve-2013-2070.patch || exit 1
+echo
+
 rm -f *.patch || exit 1

 cd .. || exit 1
--- a/util/ver
+++ b/util/ver
@ -2,7 +2,7 @@

 #main_ver=1.3.11
 main_ver=1.2.8
-minor_ver=1
+minor_ver=3
 version=$main_ver.$minor_ver
 echo $version