[yocto] [PATCH 5/7][meta-openembedded] Update nginx to 1.9.5

Khem Raj raj.khem at gmail.com
Thu Oct 8 08:05:35 PDT 2015 

> On Oct 8, 2015, at 7:52 AM, Jens Rehsack <rehsack at gmail.com> wrote:
> 
> 
>> Am 02.10.2015 um 03:25 schrieb Khem Raj <raj.khem at gmail.com>:
>> 
>> Jens
>> 
>> 
>>> On Oct 1, 2015, at 11:18 AM, Jens Rehsack <rehsack at gmail.com> wrote:
>>> 
>>> 
>>> many bux-fixes, optmizations and features added:
>>> 
>>> Changes with nginx 1.9.5                                         22 Sep 2015
>>> 
>>> [...]
>>>  *) Security: a stack-based buffer overflow might occur in a worker
>>>     process while handling a specially crafted request, potentially
>>>     resulting in arbitrary code execution (CVE-2013-2028); the bug had
>>>     appeared in 1.3.9.
>>>     Thanks to Greg MacManus, iSIGHT Partners Labs.
>>> 
>> 
>> 
>> This is good info. Although a link to diff in cgit or web view of whatever SCM nginx uses would have done too.
> 
> That's simply the Changelog. It's an update, not a fix for a critical issue.
> Do you really ask me to list each fixed bug from nginx' ticket list?

No, on the contrary, I said if the release published the link for all this changes somewhere then just include the link
instead of enumerating changes here.

> 
>>> Signed-off-by: Jens Rehsack <sno at netbsd.org>
>>> [...]
>>> --- a/meta-webserver/recipes-httpd/nginx/nginx_1.4.4.bb
>>> +++ /dev/null
>> 
>> 
>> please user git format-patch -M to let git work harder on detecting renames, its way easier to review the changes that way
>> this patch belongs to openembedded-devel list so please resend it there with prefixing the layer in meta-openembedded repo [meta-webserver] where the patch is applied.
> 
> Sure, will do when I have feedback regarding above question.
> 
> Regarding the other 6 patches - is just the right layer and "-M" missing?
> Do I have to improve them anyhow (beside what Martin Jansa and Khem criticized: missing description here and there)?
> 
>>> [...]
> 
> Cheers
> --
> Jens Rehsack - rehsack at gmail.com
> 

-------------- next part --------------
A non-text attachment was scrubbed...
Name: signature.asc
Type: application/pgp-signature
Size: 204 bytes
Desc: Message signed with OpenPGP using GPGMail
URL: <http://lists.yoctoproject.org/pipermail/yocto/attachments/20151008/cffd6dd9/attachment.pgp>

More information about the yocto mailing list