chore(rootfs): update to nginx 1.14.2 / vts 0.1.18

this fixes CVE-2018-16843/CVE-2018-16844 DoS attacks when http2 is enabled and adds support for http2 push and PROXY protocol v2. the vts update is required for compatibility with the new nginx version and fixes serveral segfaults in the module.
teamhephy · Mar 15, 2019 · 3c0c1a1 · 3c0c1a1
1 parent c4e6658
commit 3c0c1a1
Showing 1 changed file with 2 additions and 2 deletions.
diff --git a/rootfs/Dockerfile b/rootfs/Dockerfile
@@ -14,13 +14,13 @@ RUN buildDeps='gcc make apt-utils libgeoip-dev libssl-dev libpcre3-dev'; \
     apt-get install -y --no-install-recommends \
         $buildDeps \
         libgeoip1 && \
-    export NGINX_VERSION=1.13.7 SIGNING_KEY=A1C052F8 VTS_VERSION=0.1.10 BUILD_PATH=/tmp/build PREFIX=/opt/router && \
+    export NGINX_VERSION=1.14.2 SIGNING_KEY=A1C052F8 VTS_VERSION=0.1.18 BUILD_PATH=/tmp/build PREFIX=/opt/router && \
     rm -rf "$PREFIX" && \
     mkdir "$PREFIX" && \
     mkdir "$BUILD_PATH" && \
     cd "$BUILD_PATH" && \
     get_src_gpg $SIGNING_KEY "http://nginx.org/download/nginx-$NGINX_VERSION.tar.gz" && \
-    get_src c6f3733e9ff84bfcdc6bfb07e1baf59e72c4e272f06964dd0ed3a1bdc93fa0ca "https://github.com/vozlt/nginx-module-vts/archive/v$VTS_VERSION.tar.gz" && \
+    get_src 17ea41d4083f6d1ab1ab83dad9160eeca66867abe16c5a0421f85a39d7c84b65 "https://github.com/vozlt/nginx-module-vts/archive/v$VTS_VERSION.tar.gz" && \
     cd "$BUILD_PATH/nginx-$NGINX_VERSION" && \
     ./configure \
       --prefix="$PREFIX" \