[ANN] ngx_openresty devel version 1.2.8.1 released

2013-04-26 Thread agentzh
Hello guys! I am excited to announce that the new development version of ngx_openresty, 1.2.8.1, is now released: http://openresty.org/#Download Special thanks go to all our contributors and users for helping make this release happen! Below is the complete change log for this release, as co

nginx openssl compilation problem

2013-04-26 Thread Fleshgrinder
Hello, I'm desparately trying to compile the latest nginx with the latest OpenSSL. In short I'm grabbing the latest nginx tar.gz (1.4.0 but had the same problem with 1.3.16) and the latest OpenSSL tar.gz (1.0.1e but have the same problem with 1.0.1d) extract them and want to compile them. Everythi

Nginx as Reverse Proxy Cache of fcgi django app in separate server

2013-04-26 Thread Alvaro Mantilla Gimenez
Hi, I've been looking on Internet about this but seems all the examples available are for a proxy conf or fcgi conf. Not both. This is my scenario: I have three servers. The first one run only nginx (and it should be the entry point for my websites) and the other two servers run django apps

Re: Integer overflow in ngx_http_close_connection

2013-04-26 Thread Andrew Alexeev
On Apr 26, 2013, at 4:12 PM, Lukas Tribus wrote: > Hi! > >> Cfr. http://www.securityfocus.com/archive/1/526439/30/0/threaded >> >> Is 1.4.x release affected? > > I guess. Please see the "recent nginx security issue announce‏" thread. We are still investigating. So far we can't confirm it's a f

RE: Integer overflow in ngx_http_close_connection

2013-04-26 Thread Lukas Tribus
Hi! > Cfr. http://www.securityfocus.com/archive/1/526439/30/0/threaded > > Is 1.4.x release affected? I guess. Please see the "recent nginx security issue announce‏" thread. Cheers, Lukas ___ nginx mailing list ng

Integer overflow in ngx_http_close_connection

2013-04-26 Thread Davide D'Amico
Cfr. http://www.securityfocus.com/archive/1/526439/30/0/threaded Is 1.4.x release affected? Thanks, d. ___ nginx mailing list nginx@nginx.org http://mailman.nginx.org/mailman/listinfo/nginx

Config file templating

2013-04-26 Thread René Neumann
Hi, I'm in the mid of converting from lighttpd to nginx. There I have one small config snippet for each 'subsite' (it's personal only, so lots of different unrelated stuff). Unfortunately, quite often a snippet contains a location part that should go into the main server block and one server block

Re: recent nginx security issue announce

2013-04-26 Thread António P . P . Almeida
It seems that they don't know the meaning of responsible disclosure. They should have given you some time before going public. Unfortunately there are plenty of drama queens in the IT security field. All responsible disclosure be gone, for I want to have the attribution: first post is all that mat

recent nginx security issue announce

2013-04-26 Thread Maxim Konovalov
Hello, On behalf of the nginx team I want to let the community know that we are aware of the recent security announce[*] and working on the issue. We will share our conclusion when get more details about its nature and impact. * http://www.securityfocus.com/archive/1/526439/30/0/threaded -- Ma