nginx (1.16.1-4+bionic1) bionic; urgency=medium
* Non-maintainer upload.
* Switch to new versioning scheme.
* SECURITY UPDATE: request smuggling via error_page
- debian/patches/CVE-2019-20372.patch: discard request body when
redirecting to a URL via error_page in
src/http/ngx_http_special_response.c.
- CVE-2019-20372
-- Filip Chabik <hadret@gmail.com> Tue, 14 Jan 2020 11:08:51 +0000
nginx (1.16.1-3bionic1) bionic; urgency=medium
* Non-maintainer upload.
* feat: http-upsync: Upgrade to 2.1.2.
-- Filip Chabik <hadret@gmail.com> Fri, 03 Jan 2020 10:59:23 +0000
nginx (1.16.1-2bionic1) bionic; urgency=medium
* Non-maintainer upload.
......
......@@ -67,7 +67,7 @@ Version: 1.2.1
Module: http-upsync
Homepage: https://github.com/weibocom/nginx-upsync-module
Version: 2.1.1
Version: 2.1.2
Module: http-vhost-traffic-status
Homepage: https://github.com/vozlt/nginx-module-vts
......
......@@ -1153,7 +1153,10 @@ ngx_http_upsync_del_peers(ngx_cycle_t *cycle,
pre_peer = peer;
}
}
tmp_del_peer->next = NULL;
if (tmp_del_peer) {
tmp_del_peer->next = NULL;
}
peers->single = (n == 1);
peers->number = n;
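Review bot: the new `if (tmp_del_peer)` guard in ngx_http_upsync_del_peers has no comment saying when the pointer can still be NULL at this point, and `peers->single` and `peers->number` are updated from `n` on that path as well. Please add a one-line comment naming the case the guard covers, and confirm that any code after this hunk that uses tmp_del_peer also tolerates NULL, since the visible lines only protect the single `tmp_del_peer->next = NULL` store.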
......
From c1be55f97211d38b69ac0c2027e6812ab8b1b94e Mon Sep 17 00:00:00 2001
From: Ruslan Ermilov <ru@nginx.com>
Date: Mon, 23 Dec 2019 15:45:46 +0300
Subject: [PATCH] Discard request body when redirecting to a URL via
error_page.
Reported by Bert JW Regeer and Francisco Oca Gonzalez.
---
src/http/ngx_http_special_response.c | 6 ++++++
1 file changed, 6 insertions(+)
diff --git a/src/http/ngx_http_special_response.c b/src/http/ngx_http_special_response.c
index 4ffb2cc8ad..76e6705889 100644
--- a/src/http/ngx_http_special_response.c
+++ b/src/http/ngx_http_special_response.c
@@ -623,6 +623,12 @@ ngx_http_send_error_page(ngx_http_request_t *r, ngx_http_err_page_t *err_page)
return ngx_http_named_location(r, &uri);
}
+ r->expect_tested = 1;
+
+ if (ngx_http_discard_request_body(r) != NGX_OK) {
+ r->keepalive = 0;
+ }
+
location = ngx_list_push(&r->headers_out.headers);
if (location == NULL) {
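Review bot: the added block in ngx_http_send_error_page, from `r->expect_tested = 1;` through the `r->keepalive = 0;` fallback, carries no comment, so the security reason for it is only recoverable from the commit subject and the changelog. Suggest a short comment above it saying that the request body is discarded before the redirect so that unread body bytes are not left on a keepalive connection to be parsed as the next request, and that keepalive is turned off when `ngx_http_discard_request_body(r)` does not return NGX_OK. It would also help to note why expect_tested is set here, since that assignment is not obviously related to discarding the body when read in isolation.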
0001-upstream-check.patch
0002-Make-sure-signature-stays-the-same-in-all-nginx-buil.patch
0003-define_gnu_source-on-other-glibc-based-platforms.patch
CVE-2019-20372.patch