Nginx [nginx-announce] nginx-1.15.6

Changes with nginx 1.15.6 06 Nov 2018

*) Security: when using HTTP/2 a client might cause excessive memory
consumption (CVE-2018-16843) and CPU usage (CVE-2018-16844).

*) Security: processing of a specially crafted mp4 file with the
ngx_http_mp4_module might result in worker process memory disclosure
(CVE-2018-16845).

*) Feature: the "proxy_socket_keepalive", "fastcgi_socket_keepalive",
"grpc_socket_keepalive", "memcached_socket_keepalive",
"scgi_socket_keepalive", and "uwsgi_socket_keepalive" directives.

*) Bugfix: if nginx was built with OpenSSL 1.1.0 and used with OpenSSL
1.1.1, the TLS 1.3 protocol was always enabled.

---

*) Bugfix: working with gRPC backends might result in excessive memory
consumption.


--
Maxim Dounin
http://nginx.org/
_______________________________________________
nginx-announce mailing list
nginx-announce@nginx.org
http://mailman.nginx.org/mailman/listinfo/nginx-announce

Continue reading...

 

More details Nginx - [nginx-announce] nginx security advisory (CVE-2018-16843, CVE-2018-16844, CVE-2018-16845)

 

To update see instructions at Centmin Mod Nginx 1.15.6 Security Updates

example of 123.09beta01 cmupdate command to update Centmin Mod code BEFORE running centmin.sh menu option 4 to update Nginx to 1.15.6

Code (Text):

cmupdate
No local changes to save
Updating 44c465f..0b5bf30
Fast-forward
 centmin.sh                                                            |   33 +-
 example/custom_config.inc                                             |   14 +-
 inc/brotli.inc                                                        |    2 +-
 inc/compress.inc                                                      |  148 ++++++--
 inc/downloadlinks.inc                                                 |    4 +
 inc/downloads.inc                                                     |   34 ++
 inc/luajit.inc                                                        |    7 +-
 inc/mainmenu_cli.inc                                                  |    5 +-
 inc/mod_security.inc                                                  |    3 +-
 inc/nginx_configure.inc                                               |   31 +-
 inc/openssl_install.inc                                               |   26 ++
 inc/siegeinstall.inc                                                  |    1 +
 inc/tcp.inc                                                           |    6 +
 inc/wpsetup-fastcgi-cache.inc                                         | 3293 +++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++
 inc/wpsetup.inc                                                       |    7 +-
 patches/openssl/OpenSSL-1.1.1-ECDSA-signature-gen-CVE-2018-0735.patch |   24 ++
 stackscripts/stackscript.sh                                           |   11 +-
 17 files changed, 3585 insertions(+), 64 deletions(-)
 create mode 100644 inc/wpsetup-fastcgi-cache.inc
 create mode 100644 patches/openssl/OpenSSL-1.1.1-ECDSA-signature-gen-CVE-2018-0735.patch

Updating Nginx

After Centmin Mod is updated, run centmin.sh menu option 4 to update to Nginx 1.15.6

Code (Text):

--------------------------------------------------------
     Centmin Mod Menu 123.09beta01 centminmod.com  
--------------------------------------------------------
1).  Centmin Install
2).  Add Nginx vhost domain
3).  NSD setup domain name DNS
4).  Nginx Upgrade / Downgrade
5).  PHP Upgrade / Downgrade
6).  XCache Re-install
7).  APC Cache Re-install
8).  XCache Install
9).  APC Cache Install
10). Memcached Server Re-install
11). MariaDB MySQL Upgrade & Management
12). Zend OpCache Install/Re-install
13). Install/Reinstall Redis PHP Extension
14). SELinux disable
15). Install/Reinstall ImagicK PHP Extension
16). Change SSHD Port Number
17). Multi-thread compression: pigz,pbzip2,lbzip2...
18). Suhosin PHP Extension install
19). Install FFMPEG and FFMPEG PHP Extension
20). NSD Install/Re-Install
21). Update - Nginx + PHP-FPM + Siege
22). Add Wordpress Nginx vhost + Cache Plugin
23). Update Centmin Mod Code Base
24). Exit
--------------------------------------------------------
Enter option [ 1 - 24 ] 4
--------------------------------------------------------

Code (Text):

Do you want to run YUM install checks ?  [y/n]

This will increase your upgrade duration time wise.
Check the change log centminmod.com/changelog.html
to see if any Nginx or PHP related new additions
which require checking YUM prequisites are met.
If no new additions made, you can skip the
YUM install check to speed up upgrade time.

 [y/n]: n
**********************************************************************
* Nginx Update script - Included in Centmin Extras
* Version: 123.09beta01.b068 - Date: 31/10/2018 - Copyright 2011-2018 CentminMod.com
**********************************************************************

This software comes with no warranty of any kind. You are free to use
it for both personal and commercial use as licensed under the GPL.

Code (Text):

Nginx Upgrade - Would you like to continue? [y/n] y

Install which version of Nginx? (version i.e. type 1.15.5): 1.15.6