commited, thanks On 16/07/26 11:15 +0200, Mark Patruck wrote: > Update to www/nginx 1.30.4 released yesterday fixing > > - buffer overflow vulnerability when using map with regex > (CVE-2026-42533) > > - memory disclosure vulnerability when using ngx_http_slice_module > (CVE-2026-60005) > > - use-after-free vulnerability when using ngx_http_ssi_module > (CVE-2026-56434) > > > Index: Makefile > =================================================================== > RCS file: /cvs/ports/www/nginx/Makefile,v > retrieving revision 1.206 > diff -u -p -r1.206 Makefile > --- Makefile 19 Jun 2026 11:56:42 -0000 1.206 > +++ Makefile 16 Jul 2026 09:13:39 -0000 > @@ -19,8 +19,7 @@ COMMENT-securelink= nginx HMAC secure li > COMMENT-stream= nginx TCP/UDP proxy module > COMMENT-xslt= nginx XSLT filter module > -VERSION= 1.30.3 > -REVISION-main= 0 > +VERSION= 1.30.4 > DISTNAME= nginx-${VERSION} > CATEGORIES= www > Index: distinfo > =================================================================== > RCS file: /cvs/ports/www/nginx/distinfo,v > retrieving revision 1.100 > diff -u -p -r1.100 distinfo > --- distinfo 18 Jun 2026 04:59:10 -0000 1.100 > +++ distinfo 16 Jul 2026 09:13:39 -0000 > @@ -4,7 +4,7 @@ SHA256 (kvspb-nginx-auth-ldap-83c059b735 > SHA256 (leev-ngx_http_geoip2_module-3.4.tar.gz) = rXL8IzSNcVozCZSYRTH6ubNgbhYEgyNnN/mkppV9lFI= > SHA256 (nbs-system-naxsi-d714f1636ea49a9a9f4f06dba14aee003e970834.tar.gz) = 2+IXdBFFfxy6mO5Gc84xh2mUrQa9zl7MDuZjhO8OQg4= > SHA256 (nginx-1.30.0-chroot.patch) = verI7zwpFLZwG4rOIswpPlZUB1if66TDGL3HN2/RUAU= > -SHA256 (nginx-1.30.3.tar.gz) = 5YI9xvRWEJk975Pr9s/OaCZK9JWMd+h0t9IPNwkAG48= > +SHA256 (nginx-1.30.4.tar.gz) = QmHckOnkfBxAQSdumqo9SOvi5mT3KOFPqVrmxn1XoIs= > SHA256 (nginx-modules-ngx_http_hmac_secure_link_module-48c4625fbbf51ed5a95bfec23fa444f6c3702e50.tar.gz) = ZXpA2rODS1enIREzlD1OqWwpWcv3NOUXH4eUOgOAmqg= > SHA256 (nginx-njs-0.9.1.tar.gz) = YTZe6mnGhi/IpbXfUxUDrklJn2vNWvkySWuEhQooJKQ= > SHA256 (openresty-headers-more-nginx-module-v0.34.tar.gz) = DA0s7SzolbP0XrKyMM2QUIqyp3MpnxU94UpD5EwSCbM= > @@ -17,7 +17,7 @@ SIZE (kvspb-nginx-auth-ldap-83c059b73566 > SIZE (leev-ngx_http_geoip2_module-3.4.tar.gz) = 8877 > SIZE (nbs-system-naxsi-d714f1636ea49a9a9f4f06dba14aee003e970834.tar.gz) = 237272 > SIZE (nginx-1.30.0-chroot.patch) = 8217 > -SIZE (nginx-1.30.3.tar.gz) = 1325830 > +SIZE (nginx-1.30.4.tar.gz) = 1328314 > SIZE (nginx-modules-ngx_http_hmac_secure_link_module-48c4625fbbf51ed5a95bfec23fa444f6c3702e50.tar.gz) = 6159 > SIZE (nginx-njs-0.9.1.tar.gz) = 966480 > SIZE (openresty-headers-more-nginx-module-v0.34.tar.gz) = 28827 > > > -- > Mark Patruck ( mark at wrapped.cx ) > GPG key 0xF2865E51 / 187F F6D3 EE04 1DCE 1C74 F644 0D3C F66F F286 5E51 > https://www.wrapped.cx -- Regards, Robert Nagy
No comments:
Post a Comment