-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1

Format: 1.8
Date: Tue, 04 Oct 2016 15:20:33 +0300
Source: nginx
Binary: nginx nginx-doc nginx-common nginx-full nginx-full-dbg nginx-light nginx-light-dbg nginx-extras nginx-extras-dbg
Architecture: source all amd64
Version: 1.6.2-5+deb8u3
Distribution: jessie-security
Urgency: high
Maintainer: Kartik Mistry <kartik@debian.org>
Changed-By: Christos Trochalakis <yatiohi@ideopolis.gr>
Description:
 nginx - small, powerful, scalable web/proxy server
 nginx-common - small, powerful, scalable web/proxy server - common files
 nginx-doc - small, powerful, scalable web/proxy server - documentation
 nginx-extras - nginx web/proxy server (extended version)
 nginx-extras-dbg - nginx web/proxy server (extended version) - debugging symbols
 nginx-full - nginx web/proxy server (standard version)
 nginx-full-dbg - nginx web/proxy server (standard version) - debugging symbols
 nginx-light - nginx web/proxy server (basic version)
 nginx-light-dbg - nginx web/proxy server (basic version) - debugging symbols
Closes: 826167
Changes:
 nginx (1.6.2-5+deb8u3) jessie-security; urgency=high
 .
   [ Christos Trochalakis ]
   * debian/nginx-common.postinst:
     + CVE-2016-1247: Secure log file handling (owner & permissions)
       against privilege escalation attacks. /var/log/nginx is now owned
       by root:adm. Thanks to Dawid Golunski for the report.
       Changing /var/log/nginx permissions effectively reopens #701112,
       since log files can be world-readable. This is a trade-off until
       a better log opening solution is implemented upstream (trac:376).
   * debian/control:
     Don't allow building against liblua5.1-0-dev on architectures
     that libluajit is available.
     (Closes: #826167)
-----BEGIN PGP SIGNATURE-----
Version: GnuPG v1.4.10 (GNU/Linux)
-----END PGP SIGNATURE-----