[Heads-up] nginx 1.20.1 to replace 1.16.1 in EPEL 7, changes to log file permissions

[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

 



Note: This affects EPEL 7 only. Nginx is not delivered through EPEL for EL8.



Greetings,



This is a friendly heads-up that nginx will see a major version upgrade in EPEL 7 soon.



Due to existing CVEs (most recently, CVE-2021-23017) affecting the unmaintained 1.16 version stream I am replacing nginx 1.16.1 currently in EPEL 7 with version 1.20.1.



To fix another CVE (CVE-2016-1247) the permissions on the log folder /var/log/nginx have changed to root:root and mode 700.



While my testing showed that this will not break nginx logging, it may affect applications other than nginx that access nginx log files. So please plan accordingly if this use case applies to you.



No breaking config changes should have occurred between these versions, but I am obviously unable to test every use case out there. So please use the next 14 days the update will sit in epel-testing to do some testing in your environment.



Furthermore this update is built against OpenSSL 1.1, so TLSv1.3 is now available in nginx on EL7.



I have provided a relatively comprehensive change log in the Bodhi update: https://bodhi.fedoraproject.org/updates/FEDORA-EPEL-2021-c64b965c33



I appreciate your testing efforts and any feedback you can provide.



Thanks and regards,

Felix
_______________________________________________
epel-devel mailing list -- epel-devel@xxxxxxxxxxxxxxxxxxxxxxx
To unsubscribe send an email to epel-devel-leave@xxxxxxxxxxxxxxxxxxxxxxx
Fedora Code of Conduct: https://docs.fedoraproject.org/en-US/project/code-of-conduct/
List Guidelines: https://fedoraproject.org/wiki/Mailing_list_guidelines
List Archives: https://lists.fedoraproject.org/archives/list/epel-devel@xxxxxxxxxxxxxxxxxxxxxxx
Do not reply to spam on the list, report it: https://pagure.io/fedora-infrastructure




[Index of Archives]     [Fedora Announce]     [Fedora News]     [Fedora Cloud]     [Fedora Advisory Board]     [Fedora Education]     [Fedora Security]     [Fedora Scitech]     [Fedora Robotics]     [Fedora Maintainers]     [Fedora Infrastructure]     [Fedora Websites]     [Anaconda Devel]     [Fedora Devel Java]     [Fedora Legacy]     [Fedora Desktop]     [Fedora Fonts]     [ATA RAID]     [Fedora Marketing]     [Fedora Management Tools]     [Fedora Mentors]     [Fedora Package Announce]     [SSH]     [Fedora Package Review]     [Fedora R Devel]     [Fedora PHP Devel]     [Kickstart]     [Fedora Music]     [Fedora Packaging]     [Centos]     [Fedora SELinux]     [Fedora Legal]     [Fedora Kernel]     [Fedora QA]     [Fedora Triage]     [Fedora OCaml]     [Coolkey]     [Virtualization Tools]     [ET Management Tools]     [Yum Users]     [Tux]     [Yosemite News]     [Linux Apps]     [Gnome Users]     [KDE Users]     [Fedora Tools]     [Fedora Art]     [Fedora Docs]     [Maemo Users]     [Asterisk PBX]     [Fedora Sparc]     [Fedora Universal Network Connector]     [Fedora ARM]

  Powered by Linux