NGINX in Ubuntu

Thomas Ward teward at ubuntu.com
Sat Dec 17 15:14:15 UTC 2016 

Jon,

Thanks for your reply.

I think it is reasonable to attempt to include the code as well.  I will
work on diffs, and then ping the SRU team to look at it once my own
build tests and update/upgrade testing is confirmed to not break anything.

That said, there's a huge snow/ice storm that just rolled through, so
power is spotty at my location - won't be able to get to this until the
electricity stabilizes (it's got some periods of being out while mostly
being on).


Thomas


On 12/15/2016 04:12 PM, Jon Grimm wrote:
> Hi Thomas,
>
> As 16.04 is an LTS with a whole lot of life yet to it, I think its
> reasonable to consider bringing it back to Xenial.   
>
> As you have a lot more experience with nginx you can help assess
> whether it meets the SRU micro-release exception even:
>
>     https://wiki.ubuntu.com/StableReleaseUpdates#New_upstream_microreleases
>
>
> Obviously, we want to be very cautious with the LTS in not regressing
> anyone, but looking through your changelog it seems reasonable to
> attempt it.   
>
> Thank you for your looking after diligent looking after of nginx; I
> greatly appreciate it!
>
>
> On Thu, Dec 15, 2016 at 11:27 AM, Thomas Ward <teward at ubuntu.com
> <mailto:teward at ubuntu.com>> wrote:
>
>     Hello to all on the Server Team!
>
>     Just to put this out of the way: The nginx merge from Debian is
>     currently giving build errors, so I am going to upload a 1.10.2
>     directly to Zesty, the same as we did during the Yakkety and
>     Xenial cycles.  That way, we get nginx 1.10.2 available for Zesty.
>
>     However, it was initially requested via a bug on Launchpad to
>     update the version of nginx in Xenial (and by extension, Yakkety)
>     to 1.10.2 as well.  [1]  For now, I've marked those tasks as
>     "Won't Fix" because I wanted to touch base with the Server Team
>     first on this.
>
>     This request to update to 1.10.2 would include the following
>     changes from Upstream:
>
>     Changes with nginx 1.10.2                                        18 Oct 2016
>
>         *) Change: the "421 Misdirected Request" response now used when
>            rejecting requests to a virtual server different from one negotiated
>            during an SSL handshake; this improves interoperability with some
>            HTTP/2 clients when using client certificates.
>
>         *) Change: HTTP/2 clients can now start sending request body
>            immediately; the "http2_body_preread_size" directive controls size of
>            the buffer used before nginx will start reading client request body.
>
>         *) Bugfix: a segmentation fault might occur in a worker process when
>            using HTTP/2 and the "proxy_request_buffering" directive.
>
>         *) Bugfix: the "Content-Length" request header line was always added to
>            requests passed to backends, including requests without body, when
>            using HTTP/2.
>
>         *) Bugfix: "http request count is zero" alerts might appear in logs when
>            using HTTP/2.
>
>         *) Bugfix: unnecessary buffering might occur when using the "sub_filter"
>            directive; the issue had appeared in 1.9.4.
>
>         *) Bugfix: socket leak when using HTTP/2.
>
>         *) Bugfix: an incorrect response might be returned when using the "aio
>            threads" and "sendfile" directives; the bug had appeared in 1.9.13.
>
>         *) Workaround: OpenSSL 1.1.0 compatibility.
>
>
>     Note that the CVE update from 1.10.1 is already applied in Ubuntu
>     releases.  I coordinated with the Security team to make sure that
>     got pushed out in a timely manner.  1.10.1 introduces a few
>     changes, a lot of bugfixes, and a workaround for OpenSSL 1.1.0
>     compatibility.
>
>     I am not 100% sure whether we should be updating Xenial to
>     1.10.2.  Apart from the fact it is more than just a 'bug fix'
>     release, I'm not so sure whether we need all of these bug fixes in
>     Xenial.  Because I am unsure, I'd like Server Team member input on
>     how we should proceed.
>
>     Namely, should we consider updating nginx 1.10.2 in both Xenial
>     and Yakkety to get these bugfixes in?  And if we think we should,
>     we'll need SRU team approval.
>
>
>     Thomas Ward
>     Ubuntu Server Team Member
>     LP: https://launchpad.net/~teward <https://launchpad.net/%7Eteward>
>
>     [1]: https://bugs.launchpad.net/ubuntu/+source/nginx/+bug/1636593
>     <https://bugs.launchpad.net/ubuntu/+source/nginx/+bug/1636593>
>
>
>     --
>     ubuntu-server mailing list
>     ubuntu-server at lists.ubuntu.com <mailto:ubuntu-server at lists.ubuntu.com>
>     https://lists.ubuntu.com/mailman/listinfo/ubuntu-server
>     <https://lists.ubuntu.com/mailman/listinfo/ubuntu-server>
>     More info: https://wiki.ubuntu.com/ServerTeam
>     <https://wiki.ubuntu.com/ServerTeam>
>
>
>
>
> -- 
> Jon Grimm
> Engineering Manager, Ubuntu Server
> Canonical Ltd

-------------- next part --------------
An HTML attachment was scrubbed...
URL: <https://lists.ubuntu.com/archives/ubuntu-server/attachments/20161217/cc7509ea/attachment.html>

More information about the ubuntu-server mailing list