Debian Package Tracker
Register | Log in
Subscribe

nginx

small, powerful, scalable web/proxy server

Choose email to subscribe with

general
  • source: nginx (main)
  • version: 1.22.1-5
  • maintainer: Debian Nginx Maintainers (archive) (DMD)
  • uploaders: Jan Mojžíš [DMD] [DM]
  • arch: all any
  • std-ver: 4.6.1
  • VCS: Git (Browse, QA)
versions [more versions can be listed by madison] [old versions available from snapshot.debian.org]
[pool directory]
  • o-o-stable: 1.10.3-1+deb9u4
  • o-o-sec: 1.10.3-1+deb9u7
  • o-o-bpo: 1.14.1-1~bpo9+1
  • oldstable: 1.14.2-2+deb10u4
  • old-sec: 1.14.2-2+deb10u5
  • stable: 1.18.0-6.1+deb11u2
  • stable-sec: 1.18.0-6.1+deb11u3
  • testing: 1.22.1-5
  • unstable: 1.22.1-5
  • exp: 1.22.1-6~exp1
versioned links
  • 1.10.3-1+deb9u4: [.dsc, use dget on this link to retrieve source package] [changelog] [copyright] [rules] [control]
  • 1.10.3-1+deb9u7: [.dsc, use dget on this link to retrieve source package] [changelog] [copyright] [rules] [control]
  • 1.14.1-1~bpo9+1: [.dsc, use dget on this link to retrieve source package] [changelog] [copyright] [rules] [control]
  • 1.14.2-2+deb10u4: [.dsc, use dget on this link to retrieve source package] [changelog] [copyright] [rules] [control]
  • 1.14.2-2+deb10u5: [.dsc, use dget on this link to retrieve source package] [changelog] [copyright] [rules] [control]
  • 1.18.0-6.1+deb11u2: [.dsc, use dget on this link to retrieve source package] [changelog] [copyright] [rules] [control]
  • 1.18.0-6.1+deb11u3: [.dsc, use dget on this link to retrieve source package] [changelog] [copyright] [rules] [control]
  • 1.22.1-5: [.dsc, use dget on this link to retrieve source package] [changelog] [copyright] [rules] [control]
  • 1.22.1-6~exp1: [.dsc, use dget on this link to retrieve source package] [changelog] [copyright] [rules] [control]
binaries
  • libnginx-mod-http-geoip (1 bugs: 0, 1, 0, 0)
  • libnginx-mod-http-image-filter
  • libnginx-mod-http-perl
  • libnginx-mod-http-xslt-filter
  • libnginx-mod-mail
  • libnginx-mod-stream
  • libnginx-mod-stream-geoip (1 bugs: 0, 1, 0, 0)
  • nginx (11 bugs: 0, 7, 4, 0)
  • nginx-common (7 bugs: 0, 6, 1, 0)
  • nginx-core
  • nginx-dev (2 bugs: 0, 1, 1, 0)
  • nginx-doc
  • nginx-extras (6 bugs: 0, 3, 3, 0)
  • nginx-full
  • nginx-light (1 bugs: 0, 1, 0, 0)
action needed
1 security issue in sid high

There is 1 open security issue in sid.

1 important issue:
  • CVE-2013-0337: The default configuration of nginx, possibly 1.3.13 and earlier, uses world-readable permissions for the (1) access.log and (2) error.log files, which allows local users to obtain sensitive information by reading the files.
Created: 2022-07-04 Last update: 2023-02-04 03:30
1 security issue in bookworm high

There is 1 open security issue in bookworm.

1 important issue:
  • CVE-2013-0337: The default configuration of nginx, possibly 1.3.13 and earlier, uses world-readable permissions for the (1) access.log and (2) error.log files, which allows local users to obtain sensitive information by reading the files.
Created: 2022-07-04 Last update: 2023-02-04 03:30
lintian reports 1 error and 3 warnings high
Lintian reports 1 error and 3 warnings about this package. You should make the package lintian clean getting rid of them.
Created: 2022-12-21 Last update: 2023-02-03 06:04
6 bugs tagged patch in the BTS normal
The BTS contains patches fixing 6 bugs (13 if counting merged bugs), consider including or untagging them.
Created: 2022-07-27 Last update: 2023-02-06 22:32
version in VCS is newer than in repository, is it time to upload? normal
vcswatch reports that this package seems to have a new changelog entry (version 1.22.1-6, distribution UNRELEASED) and new commits in its VCS. You should consider whether it's time to make an upload.

Here are the relevant commit messages:
commit b6e0209bf2610c27e80da131869140c2ddbf4374
Merge: 820fb1e 7ceb830
Author: Jan Mojžíš <jan.mojzis@gmail.com>
Date:   Mon Jan 23 07:15:59 2023 +0000

    Merge branch 'noquilt' into 'master'
    
    B-D: remove quilt, no longer needed
    
    See merge request nginx-team/nginx!58

commit 820fb1eaabf258509568bffd34d1111df8ca8fee
Author: Jan Mojžíš <jan.mojzis@gmail.com>
Date:   Mon Jan 23 08:13:48 2023 +0100

    revert warnings d/nginx-{light,core,extras,full}.postinst

commit f7740951fbc9cbbeed40b5d242c35be906bddbe9
Author: Jérémy Lal <kapouer@melix.org>
Date:   Sun Jan 22 13:16:21 2023 +0100

    Remove very old README.Debian

commit 7ceb830e66c96ea65205c4fe2b54ab02651d67cf
Author: Jérémy Lal <kapouer@melix.org>
Date:   Sun Jan 22 13:09:10 2023 +0100

    B-D: remove quilt, no longer needed

commit b0a64680b596e5280e2c9fb1b349a716a9b12ff4
Author: Jan Mojžíš <jan.mojzis@gmail.com>
Date:   Sat Jan 21 16:30:49 2023 +0100

    d/control: remove dependency on obsolete package lsb-base

commit 980bcea7f631d9eb27ccfbafb7dfc9cbfc3eafcc
Author: Jan Mojžíš <jan.mojzis@gmail.com>
Date:   Fri Jan 13 17:30:14 2023 +0100

    d/po/it.po: add

commit d720b646a52523ddcb276c3802dcd359dbe1552f
Author: Jan Mojžíš <jan.mojzis@gmail.com>
Date:   Thu Jan 12 18:50:32 2023 +0100

    d/copyright fix GPL2

commit 1088db1699d898097dbadd7ed64aee53a4e78471
Author: Jan Mojžíš <jan.mojzis@gmail.com>
Date:   Thu Jan 12 18:19:26 2023 +0100

    d/control: fix dependencies for safe binNMU

commit 93739358832968a240786a00f295849c6f662954
Author: Jan Mojžíš <jan.mojzis@gmail.com>
Date:   Thu Jan 12 18:17:16 2023 +0100

    d/control fix nginx-common dependency

commit 6bab81e56d5dfbcd9633a11135de7a1d68e8beb7
Author: Jan Mojžíš <jan.mojzis@gmail.com>
Date:   Thu Jan 12 18:05:11 2023 +0100

    d/changelog fix whitespace

commit 94f4fc97bb4d388d6e5d900f19bc01708330e998
Author: Jan Mojžíš <jan.mojzis@gmail.com>
Date:   Thu Jan 12 17:53:39 2023 +0100

    d/copyright: add missing copyright for debian/help/examples/nginx_modsite

commit 8fefc3d77b6144dd642ddba19baf377ead222681
Author: Jan Mojžíš <jan.mojzis@gmail.com>
Date:   Thu Jan 12 17:46:39 2023 +0100

    d/copyright: add missing GPL-2+ copyright for debian/debhelper/dh_nginx

commit a71d85a87f09fefdc6df2a0e04c123793e88a281
Author: Jan Mojžíš <jan.mojzis@gmail.com>
Date:   Thu Jan 12 17:42:09 2023 +0100

    d/copyright: add missing copyright for debian/apport/*

commit 9cb0e1d9ee0adfd5ec69e352ace644764d3822d7
Author: Jan Mojžíš <jan.mojzis@gmail.com>
Date:   Thu Jan 12 17:36:18 2023 +0100

    d/copyright: update debian/* copyright

commit 16ee97c874796762585e841117be55759fa16a1c
Merge: c412740 7e238bf
Author: Jan Mojžíš <jan.mojzis@gmail.com>
Date:   Thu Jan 12 16:23:25 2023 +0000

    Merge branch 'onlycoreflavour' into 'master'
    
    add nginx-bin package and replace core/light/extras by a dependency package
    
    See merge request nginx-team/nginx!53

commit 7e238bfad98f1bdd1cfd05f169a0f52bb2e82809
Author: Jan Mojžíš <jan.mojzis@gmail.com>
Date:   Thu Jan 12 16:23:24 2023 +0000

    add nginx-bin package and replace core/light/extras by a dependency package
    and fix dependencies for safe binNMU
Created: 2023-01-12 Last update: 2023-02-06 19:56
Does not build reproducibly during testing normal
A package building reproducibly enables third parties to verify that the source matches the distributed binaries. It has been identified that this source package produced different results, failed to build or had other issues in a test environment. Please read about how to improve the situation!
Created: 2022-12-22 Last update: 2023-02-06 18:00
No known security issue in bullseye wishlist

There are 2 open security issues in bullseye.

2 ignored issues:
  • CVE-2013-0337: The default configuration of nginx, possibly 1.3.13 and earlier, uses world-readable permissions for the (1) access.log and (2) error.log files, which allows local users to obtain sensitive information by reading the files.
  • CVE-2020-36309: ngx_http_lua_module (aka lua-nginx-module) before 0.10.16 in OpenResty allows unsafe characters in an argument when using the API to mutate a URI, or a request or response header.
Created: 2022-07-04 Last update: 2023-02-04 03:30
Standards version of the package is outdated. wishlist
The package should be updated to follow the last version of Debian Policy (Standards-Version 4.6.2 instead of 4.6.1).
Created: 2022-12-17 Last update: 2022-12-20 18:53
news
[rss feed]
  • [2023-02-04] Accepted nginx 1.22.1-6~exp1 (source) into experimental (Jan Mojžíš)
  • [2022-12-23] nginx 1.22.1-5 MIGRATED to testing (Debian testing watch)
  • [2022-12-20] Accepted nginx 1.22.1-5 (source) into unstable (Jan Mojžíš)
  • [2022-12-20] nginx 1.22.1-4 MIGRATED to testing (Debian testing watch)
  • [2022-12-08] Accepted nginx 1.22.1-4 (source) into unstable (Jan Mojžíš)
  • [2022-12-05] Accepted nginx 1.22.1-3 (source) into unstable (Jan Mojžíš)
  • [2022-12-03] Accepted nginx 1.22.1-3~exp1 (source) into experimental (Jan Mojžíš)
  • [2022-12-03] nginx 1.22.1-2 MIGRATED to testing (Debian testing watch)
  • [2022-11-30] Accepted nginx 1.22.1-2 (source) into unstable (Jan Mojžíš)
  • [2022-11-28] Accepted nginx 1.22.1-2~exp2 (source) into experimental (Jan Mojžíš)
  • [2022-11-26] Accepted nginx 1.22.1-2~exp1 (source) into experimental (Jan Mojžíš)
  • [2022-11-22] Accepted nginx 1.14.2-2+deb10u5 (source) into oldstable (Markus Koschany)
  • [2022-11-19] Accepted nginx 1.18.0-6.1+deb11u3 (source) into proposed-updates (Debian FTP Masters) (signed by: Moritz Mühlenhoff)
  • [2022-11-15] Accepted nginx 1.18.0-6.1+deb11u3 (source) into stable-security (Debian FTP Masters) (signed by: Moritz Mühlenhoff)
  • [2022-11-14] nginx 1.22.1-1 MIGRATED to testing (Debian testing watch)
  • [2022-11-10] Accepted nginx 1.22.1-1 (source) into unstable (Jan Mojžíš)
  • [2022-10-28] Accepted nginx 1.22.1-1~exp2 (source) into experimental (Jan Mojžíš)
  • [2022-10-27] Accepted nginx 1.22.1-1~exp1 (source) into experimental (Jan Mojžíš)
  • [2022-10-17] nginx 1.22.0-3.1 MIGRATED to testing (Debian testing watch)
  • [2022-10-15] Accepted nginx 1.22.0-3.1 (source) into unstable (Michael Biebl)
  • [2022-08-29] nginx 1.22.0-3 MIGRATED to testing (Debian testing watch)
  • [2022-08-17] Accepted nginx 1.22.0-3 (source) into unstable (Jan Mojžíš)
  • [2022-08-07] Accepted nginx 1.22.0-2 (source amd64 all) into unstable (Jan Mojžíš) (signed by: Jérémy Lal)
  • [2022-07-23] Accepted nginx 1.22.0-2~exp4 (source) into experimental (Jan Mojžíš)
  • [2022-07-20] Accepted nginx 1.22.0-2~exp3 (source) into experimental (Jan Mojžíš)
  • [2022-07-19] Accepted nginx 1.22.0-2~exp2 (source) into experimental (Jan Mojžíš)
  • [2022-07-18] Accepted nginx 1.22.0-2~exp1 (source amd64 all) into experimental, experimental (Debian FTP Masters) (signed by: bage@debian.org)
  • [2022-07-13] nginx 1.22.0-1 MIGRATED to testing (Debian testing watch)
  • [2022-07-10] Accepted nginx 1.22.0-1 (source) into unstable (Thomas Ward)
  • [2022-05-30] Accepted nginx 1.22.0-1~exp2 (source) into experimental (Jan Mojžíš)
  • 1
  • 2
bugs [bug history graph]
  • all: 38 45
  • RC: 0
  • I&N: 22
  • M&W: 14 21
  • F&P: 2
  • patch: 6 13
links
  • homepage
  • lintian (1, 3)
  • buildd: logs, exp, reproducibility, cross
  • popcon
  • browse source code
  • edit tags
  • other distros
  • security tracker
  • screenshots
  • l10n (100, -)
  • debci
ubuntu Ubuntu logo [Information about Ubuntu for Debian Developers]
  • version: 1.22.0-1ubuntu2
  • 17 bugs (1 patch)
  • patches for 1.22.0-1ubuntu2

Debian Package Tracker — Copyright 2013-2018 The Distro Tracker Developers
Report problems to the tracker.debian.org pseudo-package in the Debian BTS.
Documentation — Bugs — Git Repository — Contributing