applied the official patch patch.2013.space.txt for the Nginx core to fix the security issue CVE-2013-4547.

pull/39/head v1.4.3.6
Yichun Zhang (agentzh) 11 years ago
parent 97622943d2
commit 8b86c72ea2

@ -0,0 +1,18 @@
--- src/http/ngx_http_parse.c
+++ src/http/ngx_http_parse.c
@@ -617,6 +617,7 @@ ngx_http_parse_request_line(ngx_http_req
default:
r->space_in_uri = 1;
state = sw_check_uri;
+ p--;
break;
}
break;
@@ -670,6 +671,7 @@ ngx_http_parse_request_line(ngx_http_req
default:
r->space_in_uri = 1;
state = sw_uri;
+ p--;
break;
}
break;

@ -203,6 +203,13 @@ echo "$info_txt applying the cache_manager_exit patch for nginx $ver"
patch -p1 < $root/patches/nginx-$ver-cache_manager_exit.patch || exit 1
echo
answer=`$root/util/ver-ge "$main_ver" 1.4.4`
if [ "$answer" = "N" ]; then
echo "$info_txt applying the CVE-2013-4547 patch for nginx $ver"
patch -p0 < $root/patches/patch.2013.space.txt || exit 1
echo
fi
rm -f *.patch || exit 1
cd .. || exit 1

@ -2,7 +2,7 @@
#main_ver=1.5.4
main_ver=1.4.3
minor_ver=4
minor_ver=6
version=$main_ver.$minor_ver
echo $version

Loading…
Cancel
Save