AU: 1 updated - nginx-service

[skip ci] https://gist.github.com/Pilskalns/1b0f0584554f6e98b14aca7f2fec2230/68e35bdff80951a1b740deb7e2e5a59878f9eaff

nginx-service/nginx-service.nuspec

@@ -4,7 +4,7 @@
   <metadata>
 	<!-- == PACKAGE SPECIFIC SECTION == -->
     <id>nginx-service</id>
-    <version>1.26.0</version>
+    <version>1.26.1</version>
     <packageSourceUrl>https://github.com/Pilskalns/choco-au-packages/tree/master/nginx-service</packageSourceUrl>
     <owners>Andzs Pilskalns</owners>
 	<!-- == SOFTWARE SPECIFIC SECTION == -->
@@ -57,7 +57,21 @@ On default, the service will autostart with Windows. To disable this use Service
 
 See the [nginx.org](https://nginx.org) for more detailed documentation.
 ]]></description>
-	<releaseNotes><![CDATA[*) 1.26.x stable branch.]]></releaseNotes>
+	<releaseNotes><![CDATA[*) Security: when using HTTP/3, processing of a specially crafted QUIC
+   session might cause a worker process crash, worker process memory
+   disclosure on systems with MTU larger than 4096 bytes, or might have
+   potential other impact (CVE-2024-32760, CVE-2024-31079,
+   CVE-2024-35200, CVE-2024-34161).
+   Thanks to Nils Bars of CISPA.
+
+*) Bugfix: reduced memory consumption for long-lived requests if "gzip",
+   "gunzip", "ssi", "sub_filter", or "grpc_pass" directives are used.
+
+*) Bugfix: nginx could not be built by gcc 14 if the --with-atomic
+   option was used.
+   Thanks to Edgar Bonet.
+
+*) Bugfix: in HTTP/3.]]></releaseNotes>
     <dependencies>
 		  <dependency id="nssm" version="2.24.0" />
     </dependencies>

nginx-service/nginx-service.nuspec.mainline

@@ -4,7 +4,7 @@
   <metadata>
 	<!-- == PACKAGE SPECIFIC SECTION == -->
     <id>nginx-service</id>
-    <version>1.25.5-mainline</version>
+    <version>1.27.0-mainline</version>
     <packageSourceUrl>https://github.com/Pilskalns/choco-au-packages/tree/master/nginx-service</packageSourceUrl>
     <owners>Andzs Pilskalns</owners>
 	<!-- == SOFTWARE SPECIFIC SECTION == -->
@@ -57,24 +57,25 @@ On default, the service will autostart with Windows. To disable this use Service
 
 See the [nginx.org](https://nginx.org) for more detailed documentation.
 ]]></description>
-	<releaseNotes><![CDATA[*) Feature: virtual servers in the stream module.
+	<releaseNotes><![CDATA[*) Security: when using HTTP/3, processing of a specially crafted QUIC
+   session might cause a worker process crash, worker process memory
+   disclosure on systems with MTU larger than 4096 bytes, or might have
+   potential other impact (CVE-2024-32760, CVE-2024-31079,
+   CVE-2024-35200, CVE-2024-34161).
+   Thanks to Nils Bars of CISPA.
 
-*) Feature: the ngx_stream_pass_module.
+*) Feature: variables support in the "proxy_limit_rate",
+   "fastcgi_limit_rate", "scgi_limit_rate", and "uwsgi_limit_rate"
+   directives.
 
-*) Feature: the "deferred", "accept_filter", and "setfib" parameters of
-   the "listen" directive in the stream module.
+*) Bugfix: reduced memory consumption for long-lived requests if "gzip",
+   "gunzip", "ssi", "sub_filter", or "grpc_pass" directives are used.
 
-*) Feature: cache line size detection for some architectures.
-   Thanks to Piotr Sikora.
+*) Bugfix: nginx could not be built by gcc 14 if the --with-atomic
+   option was used.
+   Thanks to Edgar Bonet.
 
-*) Feature: support for Homebrew on Apple Silicon.
-   Thanks to Piotr Sikora.
-
-*) Bugfix: Windows cross-compilation bugfixes and improvements.
-   Thanks to Piotr Sikora.
-
-*) Bugfix: unexpected connection closure while using 0-RTT in QUIC.
-   Thanks to Vladimir Khomutov.]]></releaseNotes>
+*) Bugfixes in HTTP/3.]]></releaseNotes>
     <dependencies>
 		  <dependency id="nssm" version="2.24.0" />
     </dependencies>

nginx-service/nginx-service.nuspec.stable

@@ -4,7 +4,7 @@
   <metadata>
 	<!-- == PACKAGE SPECIFIC SECTION == -->
     <id>nginx-service</id>
-    <version>1.26.0</version>
+    <version>1.26.1</version>
     <packageSourceUrl>https://github.com/Pilskalns/choco-au-packages/tree/master/nginx-service</packageSourceUrl>
     <owners>Andzs Pilskalns</owners>
 	<!-- == SOFTWARE SPECIFIC SECTION == -->
@@ -57,7 +57,21 @@ On default, the service will autostart with Windows. To disable this use Service
 
 See the [nginx.org](https://nginx.org) for more detailed documentation.
 ]]></description>
-	<releaseNotes><![CDATA[*) 1.26.x stable branch.]]></releaseNotes>
+	<releaseNotes><![CDATA[*) Security: when using HTTP/3, processing of a specially crafted QUIC
+   session might cause a worker process crash, worker process memory
+   disclosure on systems with MTU larger than 4096 bytes, or might have
+   potential other impact (CVE-2024-32760, CVE-2024-31079,
+   CVE-2024-35200, CVE-2024-34161).
+   Thanks to Nils Bars of CISPA.
+
+*) Bugfix: reduced memory consumption for long-lived requests if "gzip",
+   "gunzip", "ssi", "sub_filter", or "grpc_pass" directives are used.
+
+*) Bugfix: nginx could not be built by gcc 14 if the --with-atomic
+   option was used.
+   Thanks to Edgar Bonet.
+
+*) Bugfix: in HTTP/3.]]></releaseNotes>
     <dependencies>
 		  <dependency id="nssm" version="2.24.0" />
     </dependencies>

nginx-service/tools/VERIFICATION.ps1

@@ -18,7 +18,7 @@ Invoke-WebRequest "https://nginx.org/keys/mdounin.key" -UseBasicParsing -OutFile
 
 # Get original signature from
 # https://nginx.org/en/download.html
-Invoke-WebRequest "https://nginx.org/download/nginx-1.26.0.zip.asc" -UseBasicParsing -OutFile "$toolsDir\..\bin\nginx-1.26.0.zip.asc"
+Invoke-WebRequest "https://nginx.org/download/nginx-1.26.1.zip.asc" -UseBasicParsing -OutFile "$toolsDir\..\bin\nginx-1.26.1.zip.asc"
 
 ### Preperation
 # Check that we have GPG 
@@ -27,4 +27,4 @@ choco install gpg4win -y | out-null
 ### Verify
 # Import keys and verify ZIP file against the signature
 gpg --import "$toolsDir\..\bin\mdounin.key"
-gpg --verify "$toolsDir\..\bin\nginx-1.26.0.zip.asc" "$toolsDir\..\bin\nginx.zip"
+gpg --verify "$toolsDir\..\bin\nginx-1.26.1.zip.asc" "$toolsDir\..\bin\nginx.zip"

nginx-service/tools/VERIFICATION.txt

@@ -3,12 +3,12 @@ VERIFICATION
 Nginx for each release provide a ZIP file and .asc signature file.
 Files are listed on the official page http://nginx.org/en/download.html
 
-This package bin\ content includes the release ZIP file, obtained from https://nginx.org/download/nginx-1.26.0.zip
+This package bin\ content includes the release ZIP file, obtained from https://nginx.org/download/nginx-1.26.1.zip
 
 Package also includes VERIFICATION.ps1, which essentially does the following:
 
     1. Downloads Maxim Dounin’s publick key from https://nginx.org/en/pgp_keys.html
-    2. Downloads signature for this release: https://nginx.org/download/nginx-1.26.0.zip.asc
+    2. Downloads signature for this release: https://nginx.org/download/nginx-1.26.1.zip.asc
     3. Verifies signature authenticity against bin\nginx.zip
 
 File 'LICENSE.txt' is obtained from <https://nginx.org/LICENSE>