nginx-full_1.10.3-0ubuntu0.16.04.4_amd64.deb


Advertisement

Description

nginx-full - nginx web/proxy server (standard version)

Property Value
Distribution Ubuntu 16.04 LTS (Xenial Xerus)
Repository Ubuntu Updates Universe amd64
Package filename nginx-full_1.10.3-0ubuntu0.16.04.4_amd64.deb
Package name nginx-full
Package version 1.10.3
Package release 0ubuntu0.16.04.4
Package architecture amd64
Package type deb
Category universe/httpd
Homepage http://nginx.net
License -
Maintainer Ubuntu Developers <ubuntu-devel-discuss@lists.ubuntu.com>
Download size 442.89 KB
Installed size 1.29 MB
Nginx ("engine X") is a high-performance web and reverse proxy server
created by Igor Sysoev. It can be used both as a standalone web server
and as a proxy to reduce the load on back-end HTTP or mail servers.
This package provides a version of nginx with the complete set of
standard modules included (but omitting some of those included in
nginx-extra).
STANDARD HTTP MODULES: Core, Access, Auth Basic, Auto Index, Browser, Empty
GIF, FastCGI, Geo, Limit Connections, Limit Requests, Map, Memcached, Proxy,
Referer, Rewrite, SCGI, Split Clients, UWSGI.
OPTIONAL HTTP MODULES: Addition, Auth Request, Charset, WebDAV, GeoIP, Gunzip,
Gzip, Gzip Precompression, Headers, HTTP/2, Image Filter, Index, Log, Real IP,
SSI, SSL, Stream, Stub Status, Substitution, Thread Pool, Upstream, User ID,
XSLT.
MAIL MODULES: Mail Core, Auth HTTP, Proxy, SSL, IMAP, POP3, SMTP.
THIRD PARTY MODULES: Auth PAM, DAV Ext, Echo, HTTP Substitutions, Upstream
Fair Queue.

Alternatives

Package Version Architecture Repository
nginx-full_1.10.3-0ubuntu0.16.04.4_i386.deb 1.10.3 i386 Ubuntu Updates Universe
nginx-full_1.9.15-0ubuntu1_i386.deb 1.9.15 i386 Ubuntu Universe
nginx-full_1.9.15-0ubuntu1_amd64.deb 1.9.15 amd64 Ubuntu Universe
nginx-full - - -

Requires

Name Value
libc6 >= 2.14
libexpat1 >= 2.0.1
libgd3 >= 2.1.0~alpha~
libgeoip1 -
libpam0g >= 0.99.7.1
libpcre3 -
libssl1.0.0 >= 1.0.2~beta3
libxml2 >= 2.7.4
libxslt1.1 >= 1.1.25
nginx-common = 1.10.3-0ubuntu0.16.04.4
zlib1g >= 1:1.1.4

Provides

Name Value
httpd -
httpd-cgi -
nginx -

Conflicts

Name Value
nginx-core -
nginx-extras -
nginx-light -

Download

Type URL
Mirror archive.ubuntu.com
Binary Package nginx-full_1.10.3-0ubuntu0.16.04.4_amd64.deb
Source Package nginx

Install Howto

  1. Update the package index:
    # sudo apt-get update
  2. Install nginx-full deb package:
    # sudo apt-get install nginx-full

Files

Path
/usr/sbin/nginx
/usr/share/doc/nginx-full/changelog.Debian.gz
/usr/share/doc/nginx-full/copyright
/usr/share/lintian/overrides/nginx-full
/usr/share/man/man8/nginx.8.gz

Changelog

2019-08-14 - Marc Deslauriers <marc.deslauriers@ubuntu.com>
nginx (1.10.3-0ubuntu0.16.04.4) xenial-security; urgency=medium
* SECURITY UPDATE: HTTP/2 Data Dribble issue
- debian/patches/CVE-2019-9511.patch: limited number of DATA frames in
src/http/v2/ngx_http_v2.c, src/http/v2/ngx_http_v2.h,
src/http/v2/ngx_http_v2_filter_module.c.
- CVE-2019-9511
* SECURITY UPDATE: HTTP/2 Resource Loop / Priority Shuffling issue
- debian/patches/CVE-2019-9513.patch: limited number of PRIORITY frames
in src/http/v2/ngx_http_v2.c, src/http/v2/ngx_http_v2.h.
- CVE-2019-9513
* SECURITY UPDATE: HTTP/2 0-Length Headers Leak issue
- debian/patches/CVE-2019-9516.patch: reject zero length headers with
PROTOCOL_ERROR in src/http/v2/ngx_http_v2.c.
- CVE-2019-9516
2018-11-06 - Marc Deslauriers <marc.deslauriers@ubuntu.com>
nginx (1.10.3-0ubuntu0.16.04.3) xenial-security; urgency=medium
* SECURITY UPDATE: excessive memory consumption in HTTP/2 implementation
- debian/patches/CVE-2018-16843.patch: add flood detection in
src/http/v2/ngx_http_v2.c, src/http/v2/ngx_http_v2.h.
- CVE-2018-16843
* SECURITY UPDATE: excessive CPU usage in HTTP/2 implementation
- debian/patches/CVE-2018-16844-pre.patch: backport new
http2_max_requests directive.
- debian/patches/CVE-2018-16844.patch: limit the number of idle state
switches in src/http/v2/ngx_http_v2.c, src/http/v2/ngx_http_v2.h.
- CVE-2018-16844
* SECURITY UPDATE: infinite loop in ngx_http_mp4_module
- debian/patches/CVE-2018-16845.patch: fixed reading 64-bit atoms in
src/http/modules/ngx_http_mp4_module.c.
- CVE-2018-16845
2017-07-12 - Steve Beattie <sbeattie@ubuntu.com>
nginx (1.10.3-0ubuntu0.16.04.2) xenial-security; urgency=medium
* SECURITY UPDATE: integer overflow in range filter leading to
information exposure
- debian/patches/CVE-2017-7529.patch: add check to ensure size does
not overflow
- CVE-2017-7529
2017-02-11 - Thomas Ward <teward@ubuntu.com>
nginx (1.10.3-0ubuntu0.16.04.1) xenial; urgency=medium
* Stable Release Update (LP: #1663937)
* New upstream release (1.10.3) - full changelog available at upstream
website - http://nginx.org/en/CHANGES-1.10
* All Ubuntu specific changes from 1.10.0-0ubuntu1 through
1.10.0-0ubuntu0.16.04.4 remain included.
* Additional changes:
* debian/patches/ubuntu-branding.patch: Refreshed Ubuntu Branding patch.
* debian/patches/cve-2016-4450.patch: Drop CVE patch as it is already
included in the upstream source code in this upload.
2016-10-27 - Marc Deslauriers <marc.deslauriers@ubuntu.com>
nginx (1.10.0-0ubuntu0.16.04.4) xenial-security; urgency=medium
* SECURITY REGRESSION: config upgrade failure (LP: #1637058)
- debian/nginx-common.config: fix return code so script doesn't exit.
2016-10-18 - Marc Deslauriers <marc.deslauriers@ubuntu.com>
nginx (1.10.0-0ubuntu0.16.04.3) xenial-security; urgency=medium
[ Christos Trochalakis ]
* debian/nginx-common.postinst:
+ Secure log file handling (owner & permissions) against privilege
escalation attacks. /var/log/nginx is now owned by root:adm.
Thanks Dawid Golunski (http://legalhackers.com) for the report.
Changing /var/log/nginx permissions effectively reopens #701112,
since log files can be world-readable. This is a trade-off until
a better log opening solution is implemented upstream (trac:376).
* debian/control:
Don't allow building against liblua5.1-0-dev on architectures
that libluajit is available.
2016-05-31 - Thomas Ward <teward@ubuntu.com>
nginx (1.10.0-0ubuntu0.16.04.2) xenial-security; urgency=medium
* SECURITY UPDATE: Null pointer dereference while writing client request
body (LP: #1587577)
- debian/patches/cve-2016-4450.patch: Upstream patch to address issue.
- CVE-2016-4450

See Also

Package Description
nginx-light_1.10.3-0ubuntu0.16.04.4_amd64.deb nginx web/proxy server (basic version)
nodejs-dev_4.2.6~dfsg-1ubuntu4.2_amd64.deb evented I/O for V8 javascript (development files)
nodejs-legacy_4.2.6~dfsg-1ubuntu4.2_all.deb evented I/O for V8 javascript (legacy symlink)
nodejs-mozilla_8.14.0-0ubuntu0.16.04.1_amd64.deb evented I/O for V8 javascript
nodejs_4.2.6~dfsg-1ubuntu4.2_amd64.deb evented I/O for V8 javascript
nova-ajax-console-proxy_13.1.4-0ubuntu4.5_all.deb OpenStack Compute - AJAX console proxy - transitional package
nova-api-metadata_13.1.4-0ubuntu4.5_all.deb OpenStack Compute - metadata API frontend
nova-api-os-compute_13.1.4-0ubuntu4.5_all.deb OpenStack Compute - OpenStack Compute API frontend
nova-api-os-volume_13.1.4-0ubuntu4.5_all.deb OpenStack Compute - OpenStack Volume API frontend
nova-cells_13.1.4-0ubuntu4.5_all.deb Openstack Compute - cells
nova-compute-qemu_13.1.4-0ubuntu4.5_all.deb OpenStack Compute - compute node (QEmu)
nova-compute-vmware_13.1.4-0ubuntu4.5_all.deb OpenStack Compute - compute node (VMware)
nova-compute-xen_13.1.4-0ubuntu4.5_all.deb OpenStack Compute - compute node (Xen)
nova-conductor_13.1.4-0ubuntu4.5_all.deb OpenStack Compute - conductor service
nova-console_13.1.4-0ubuntu4.5_all.deb OpenStack Compute - Console
Advertisement
Advertisement