DevFW-CICD/ingress-nginx-helm
6
0
Fork 0
Code Issues Pull requests Projects Releases Packages Wiki Activity Actions

Fixes for CVE-2018-16843, CVE-2018-16844, CVE-2019-9511, CVE-2019-9513, and CVE-2019-9516 (#4440)

Browse source
This commit is contained in:
Manuel Alejandro de Brito Fontes 2019-08-13 16:30:41 -04:00 committed by GitHub
parent c4930c9124
commit 333d9fd48d
No known key found for this signature in database
GPG key ID: 4AEE18F83AFDEB23
3 changed files with 143 additions and 1 deletions
Download patch file Download diff file Expand all files Collapse all files

6
images/nginx/rootfs/build.sh
View file

@ -376,6 +376,12 @@ Include /etc/nginx/owasp-modsecurity-crs/rules/RESPONSE-999-EXCLUSION-RULES-AFTE
# build nginx
cd "$BUILD_PATH/openresty-$OPENRESTY_VERSION"
echo "Patching NGINX for CVE-2018-16843, CVE-2018-16844, CVE-2019-9511, CVE-2019-9513, and CVE-2019-9516"
# Upstream change https://github.com/openresty/openresty/pull/515
# TODO: remove after openresty release
cat /patches/patch.2019.h2.txt | patch -d bundle/nginx-1.15.8/ -p0
rm -rf /patches
WITH_FLAGS="--with-debug \
--with-compat \
--with-pcre-jit \