nginx-core_1.10.3-0ubuntu0.16.04.4_i386.deb


Advertisement

Description

nginx-core - nginx web/proxy server (core version)

Property Value
Distribution Ubuntu 16.04 LTS (Xenial Xerus)
Repository Ubuntu Updates Main i386
Package filename nginx-core_1.10.3-0ubuntu0.16.04.4_i386.deb
Package name nginx-core
Package version 1.10.3
Package release 0ubuntu0.16.04.4
Package architecture i386
Package type deb
Category httpd
Homepage http://nginx.net
License -
Maintainer Ubuntu Developers <ubuntu-devel-discuss@lists.ubuntu.com>
Download size 460.21 KB
Installed size 1.25 MB
Nginx ("engine X") is a high-performance web and reverse proxy server
created by Igor Sysoev. It can be used both as a standalone web server
and as a proxy to reduce the load on back-end HTTP or mail servers.
This package provides a version of nginx with the complete set of
standard modules included (but omitting some of those included in
nginx-extras).
STANDARD HTTP MODULES: Core, Access, Auth Basic, Auto Index, Browser, Empty
GIF, FastCGI, Geo, Limit Connections, Limit Requests, Map, Memcached, Proxy,
Referer, Rewrite, SCGI, Split Clients, UWSGI.
OPTIONAL HTTP MODULES: Addition, Auth Request, Charset, WebDAV, GeoIP, Gunzip,
Gzip, Gzip Precompression, Headers, HTTP/2, Image Filter, Index, Log, Real IP,
SSI, SSL, Stream, Stub Status, Substitution, Thread Pool, Upstream, User ID,
XSLT.
MAIL MODULES: Mail Core, Auth HTTP, Proxy, SSL, IMAP, POP3, SMTP.
NOTE: This is identical to the -full build, but without any third party
modules built in.

Alternatives

Package Version Architecture Repository
nginx-core_1.10.3-0ubuntu0.16.04.4_amd64.deb 1.10.3 amd64 Ubuntu Updates Main
nginx-core_1.9.15-0ubuntu1_i386.deb 1.9.15 i386 Ubuntu Main
nginx-core_1.9.15-0ubuntu1_amd64.deb 1.9.15 amd64 Ubuntu Main
nginx-core - - -

Requires

Name Value
libc6 >= 2.10
libgd3 >= 2.1.0~alpha~
libgeoip1 -
libpcre3 -
libssl1.0.0 >= 1.0.2~beta3
libxml2 >= 2.7.4
libxslt1.1 >= 1.1.25
nginx-common = 1.10.3-0ubuntu0.16.04.4
zlib1g >= 1:1.1.4

Provides

Name Value
httpd -
httpd-cgi -
nginx -

Conflicts

Name Value
nginx-extras -
nginx-full -
nginx-light -

Download

Type URL
Mirror archive.ubuntu.com
Binary Package nginx-core_1.10.3-0ubuntu0.16.04.4_i386.deb
Source Package nginx

Install Howto

  1. Update the package index:
    # sudo apt-get update
  2. Install nginx-core deb package:
    # sudo apt-get install nginx-core

Files

Path
/usr/sbin/nginx
/usr/share/doc/nginx-core/changelog.Debian.gz
/usr/share/doc/nginx-core/copyright
/usr/share/lintian/overrides/nginx-core

Changelog

2019-08-14 - Marc Deslauriers <marc.deslauriers@ubuntu.com>
nginx (1.10.3-0ubuntu0.16.04.4) xenial-security; urgency=medium
* SECURITY UPDATE: HTTP/2 Data Dribble issue
- debian/patches/CVE-2019-9511.patch: limited number of DATA frames in
src/http/v2/ngx_http_v2.c, src/http/v2/ngx_http_v2.h,
src/http/v2/ngx_http_v2_filter_module.c.
- CVE-2019-9511
* SECURITY UPDATE: HTTP/2 Resource Loop / Priority Shuffling issue
- debian/patches/CVE-2019-9513.patch: limited number of PRIORITY frames
in src/http/v2/ngx_http_v2.c, src/http/v2/ngx_http_v2.h.
- CVE-2019-9513
* SECURITY UPDATE: HTTP/2 0-Length Headers Leak issue
- debian/patches/CVE-2019-9516.patch: reject zero length headers with
PROTOCOL_ERROR in src/http/v2/ngx_http_v2.c.
- CVE-2019-9516
2018-11-06 - Marc Deslauriers <marc.deslauriers@ubuntu.com>
nginx (1.10.3-0ubuntu0.16.04.3) xenial-security; urgency=medium
* SECURITY UPDATE: excessive memory consumption in HTTP/2 implementation
- debian/patches/CVE-2018-16843.patch: add flood detection in
src/http/v2/ngx_http_v2.c, src/http/v2/ngx_http_v2.h.
- CVE-2018-16843
* SECURITY UPDATE: excessive CPU usage in HTTP/2 implementation
- debian/patches/CVE-2018-16844-pre.patch: backport new
http2_max_requests directive.
- debian/patches/CVE-2018-16844.patch: limit the number of idle state
switches in src/http/v2/ngx_http_v2.c, src/http/v2/ngx_http_v2.h.
- CVE-2018-16844
* SECURITY UPDATE: infinite loop in ngx_http_mp4_module
- debian/patches/CVE-2018-16845.patch: fixed reading 64-bit atoms in
src/http/modules/ngx_http_mp4_module.c.
- CVE-2018-16845
2017-07-12 - Steve Beattie <sbeattie@ubuntu.com>
nginx (1.10.3-0ubuntu0.16.04.2) xenial-security; urgency=medium
* SECURITY UPDATE: integer overflow in range filter leading to
information exposure
- debian/patches/CVE-2017-7529.patch: add check to ensure size does
not overflow
- CVE-2017-7529
2017-02-11 - Thomas Ward <teward@ubuntu.com>
nginx (1.10.3-0ubuntu0.16.04.1) xenial; urgency=medium
* Stable Release Update (LP: #1663937)
* New upstream release (1.10.3) - full changelog available at upstream
website - http://nginx.org/en/CHANGES-1.10
* All Ubuntu specific changes from 1.10.0-0ubuntu1 through
1.10.0-0ubuntu0.16.04.4 remain included.
* Additional changes:
* debian/patches/ubuntu-branding.patch: Refreshed Ubuntu Branding patch.
* debian/patches/cve-2016-4450.patch: Drop CVE patch as it is already
included in the upstream source code in this upload.
2016-10-27 - Marc Deslauriers <marc.deslauriers@ubuntu.com>
nginx (1.10.0-0ubuntu0.16.04.4) xenial-security; urgency=medium
* SECURITY REGRESSION: config upgrade failure (LP: #1637058)
- debian/nginx-common.config: fix return code so script doesn't exit.
2016-10-18 - Marc Deslauriers <marc.deslauriers@ubuntu.com>
nginx (1.10.0-0ubuntu0.16.04.3) xenial-security; urgency=medium
[ Christos Trochalakis ]
* debian/nginx-common.postinst:
+ Secure log file handling (owner & permissions) against privilege
escalation attacks. /var/log/nginx is now owned by root:adm.
Thanks Dawid Golunski (http://legalhackers.com) for the report.
Changing /var/log/nginx permissions effectively reopens #701112,
since log files can be world-readable. This is a trade-off until
a better log opening solution is implemented upstream (trac:376).
* debian/control:
Don't allow building against liblua5.1-0-dev on architectures
that libluajit is available.
2016-05-31 - Thomas Ward <teward@ubuntu.com>
nginx (1.10.0-0ubuntu0.16.04.2) xenial-security; urgency=medium
* SECURITY UPDATE: Null pointer dereference while writing client request
body (LP: #1587577)
- debian/patches/cve-2016-4450.patch: Upstream patch to address issue.
- CVE-2016-4450

See Also

Package Description
nginx-doc_1.10.3-0ubuntu0.16.04.4_all.deb small, powerful, scalable web/proxy server - documentation
nginx_1.10.3-0ubuntu0.16.04.4_all.deb small, powerful, scalable web/proxy server
nova-api_13.1.4-0ubuntu4.5_all.deb OpenStack Compute - API frontend
nova-cert_13.1.4-0ubuntu4.5_all.deb OpenStack Compute - certificate management
nova-common_13.1.4-0ubuntu4.5_all.deb OpenStack Compute - common files
nova-compute-kvm_13.1.4-0ubuntu4.5_all.deb OpenStack Compute - compute node (KVM)
nova-compute-libvirt_13.1.4-0ubuntu4.5_all.deb OpenStack Compute - compute node libvirt support
nova-compute-lxc_13.1.4-0ubuntu4.5_all.deb OpenStack Compute - compute node (LXC)
nova-compute-lxd_13.3.0-0ubuntu2_all.deb Openstack Compute - LXD container hypervisor support
nova-compute_13.1.4-0ubuntu4.5_all.deb OpenStack Compute - compute node base
nova-doc_13.1.4-0ubuntu4.5_all.deb OpenStack Compute - documentation
nova-network_13.1.4-0ubuntu4.5_all.deb OpenStack Compute - Network manager
nova-scheduler_13.1.4-0ubuntu4.5_all.deb OpenStack Compute - virtual machine scheduler
nova-volume_13.1.4-0ubuntu4.5_all.deb OpenStack Compute - storage
ntfs-3g-dev_2015.3.14AR.1-1ubuntu0.3_i386.deb read/write NTFS driver for FUSE (development)
Advertisement
Advertisement