AU: 1 updated - nginx-service

[skip ci] https://gist.github.com/1b0f0584554f6e98b14aca7f2fec2230

nginx-service/nginx-service.nuspec

@@ -4,7 +4,7 @@
   <metadata>
 	<!-- == PACKAGE SPECIFIC SECTION == -->
     <id>nginx-service</id>
-    <version>1.20.0</version>
+    <version>1.20.1</version>
     <packageSourceUrl>https://github.com/Pilskalns/choco-au-packages/tree/master/nginx-service</packageSourceUrl>
     <owners>Andzs Pilskalns</owners>
 	<!-- == SOFTWARE SPECIFIC SECTION == -->
@@ -57,7 +57,11 @@ On default, the service will autostart with Windows. To disable this use Service
 
 See the [nginx.org](https://nginx.org) for more detailed documentation.
 ]]></description>
-	<releaseNotes><![CDATA[*) 1.20.x stable branch.]]></releaseNotes>
+	<releaseNotes><![CDATA[*) Security: 1-byte memory overwrite might occur during DNS server
+   response processing if the "resolver" directive was used, allowing an
+   attacker who is able to forge UDP packets from the DNS server to
+   cause worker process crash or, potentially, arbitrary code execution
+   (CVE-2021-23017).]]></releaseNotes>
     <dependencies>
 		  <dependency id="nssm" version="2.24.0" />
     </dependencies>

nginx-service/nginx-service.nuspec.mainline

@@ -4,7 +4,7 @@
   <metadata>
 	<!-- == PACKAGE SPECIFIC SECTION == -->
     <id>nginx-service</id>
-    <version>1.19.10-mainline</version>
+    <version>1.21.0-mainline</version>
     <packageSourceUrl>https://github.com/Pilskalns/choco-au-packages/tree/master/nginx-service</packageSourceUrl>
     <owners>Andzs Pilskalns</owners>
 	<!-- == SOFTWARE SPECIFIC SECTION == -->
@@ -57,15 +57,30 @@ On default, the service will autostart with Windows. To disable this use Service
 
 See the [nginx.org](https://nginx.org) for more detailed documentation.
 ]]></description>
-	<releaseNotes><![CDATA[*) Change: the default value of the "keepalive_requests" directive was
-   changed to 1000.
+	<releaseNotes><![CDATA[*) Security: 1-byte memory overwrite might occur during DNS server
+   response processing if the "resolver" directive was used, allowing an
+   attacker who is able to forge UDP packets from the DNS server to
+   cause worker process crash or, potentially, arbitrary code execution
+   (CVE-2021-23017).
 
-*) Feature: the "keepalive_time" directive.
+*) Feature: variables support in the "proxy_ssl_certificate",
+   "proxy_ssl_certificate_key" "grpc_ssl_certificate",
+   "grpc_ssl_certificate_key", "uwsgi_ssl_certificate", and
+   "uwsgi_ssl_certificate_key" directives.
 
-*) Feature: the $connection_time variable.
+*) Feature: the "max_errors" directive in the mail proxy module.
 
-*) Workaround: "gzip filter failed to use preallocated memory" alerts
-   appeared in logs when using zlib-ng.]]></releaseNotes>
+*) Feature: the mail proxy module supports POP3 and IMAP pipelining.
+
+*) Feature: the "fastopen" parameter of the "listen" directive in the
+   stream module.
+   Thanks to Anbang Wen.
+
+*) Bugfix: special characters were not escaped during automatic redirect
+   with appended trailing slash.
+
+*) Bugfix: connections with clients in the mail proxy module might be
+   closed unexpectedly when using SMTP pipelining.]]></releaseNotes>
     <dependencies>
 		  <dependency id="nssm" version="2.24.0" />
     </dependencies>

nginx-service/nginx-service.nuspec.stable

@@ -4,7 +4,7 @@
   <metadata>
 	<!-- == PACKAGE SPECIFIC SECTION == -->
     <id>nginx-service</id>
-    <version>1.20.0</version>
+    <version>1.20.1</version>
     <packageSourceUrl>https://github.com/Pilskalns/choco-au-packages/tree/master/nginx-service</packageSourceUrl>
     <owners>Andzs Pilskalns</owners>
 	<!-- == SOFTWARE SPECIFIC SECTION == -->
@@ -57,7 +57,11 @@ On default, the service will autostart with Windows. To disable this use Service
 
 See the [nginx.org](https://nginx.org) for more detailed documentation.
 ]]></description>
-	<releaseNotes><![CDATA[*) 1.20.x stable branch.]]></releaseNotes>
+	<releaseNotes><![CDATA[*) Security: 1-byte memory overwrite might occur during DNS server
+   response processing if the "resolver" directive was used, allowing an
+   attacker who is able to forge UDP packets from the DNS server to
+   cause worker process crash or, potentially, arbitrary code execution
+   (CVE-2021-23017).]]></releaseNotes>
     <dependencies>
 		  <dependency id="nssm" version="2.24.0" />
     </dependencies>

nginx-service/tools/VERIFICATION.ps1

@@ -18,7 +18,7 @@ Invoke-WebRequest "https://nginx.org/keys/mdounin.key" -UseBasicParsing -OutFile
 
 # Get original signature from
 # https://nginx.org/en/download.html
-Invoke-WebRequest "https://nginx.org/download/nginx-1.20.0.zip.asc" -UseBasicParsing -OutFile "$toolsDir\..\bin\nginx-1.20.0.zip.asc"
+Invoke-WebRequest "https://nginx.org/download/nginx-1.20.1.zip.asc" -UseBasicParsing -OutFile "$toolsDir\..\bin\nginx-1.20.1.zip.asc"
 
 ### Preperation
 # Check that we have GPG 
@@ -27,4 +27,4 @@ choco install gpg4win -y | out-null
 ### Verify
 # Import keys and verify ZIP file against the signature
 gpg --import "$toolsDir\..\bin\mdounin.key"
-gpg --verify "$toolsDir\..\bin\nginx-1.20.0.zip.asc" "$toolsDir\..\bin\nginx.zip"
+gpg --verify "$toolsDir\..\bin\nginx-1.20.1.zip.asc" "$toolsDir\..\bin\nginx.zip"

nginx-service/tools/VERIFICATION.txt

@@ -3,12 +3,12 @@ VERIFICATION
 Nginx for each release provide a ZIP file and .asc signature file.
 Files are listed on the official page http://nginx.org/en/download.html
 
-This package bin\ content includes the release ZIP file, obtained from https://nginx.org/download/nginx-1.20.0.zip
+This package bin\ content includes the release ZIP file, obtained from https://nginx.org/download/nginx-1.20.1.zip
 
 Package also includes VERIFICATION.ps1, which essentially does the following:
 
     1. Downloads Maxim Dounin’s publick key from https://nginx.org/en/pgp_keys.html
-    2. Downloads signature for this release: https://nginx.org/download/nginx-1.20.0.zip.asc
+    2. Downloads signature for this release: https://nginx.org/download/nginx-1.20.1.zip.asc
     3. Verifies signature authenticity against bin\nginx.zip
 
 File 'LICENSE.txt' is obtained from <https://nginx.org/LICENSE>