nginx.git, branch release-1.14.1 nginx nginx-1.14.1-RELEASE 2018-11-06T13:52:46+00:00 Maxim Dounin mdounin@mdounin.ru 2018-11-06T13:52:46+00:00 79b5093854dbbae2e8a53df1b08d2ec466b124ba 






gRPC: limited allocations due to ping and settings frames.
2018-11-06T13:29:59+00:00

Maxim Dounin
mdounin@mdounin.ru

2018-11-06T13:29:59+00:00

65a28d1703c8eaf6b43a92e122c3aa533ba9f5c9












HTTP/2: limit the number of idle state switches.
2018-11-06T13:29:49+00:00

Ruslan Ermilov
ru@nginx.com

2018-11-06T13:29:49+00:00

b5802dbf51cf713f84c763180bc45069fb3bf320

An attack that continuously switches HTTP/2 connection between
idle and active states can result in excessive CPU usage.
This is because when a connection switches to the idle state,
all of its memory pool caches are freed.

This change limits the maximum allowed number of idle state
switches to 10 * http2_max_requests (i.e., 10000 by default).
This limits possible CPU usage in one connection, and also
imposes a limit on the maximum lifetime of a connection.

Initially reported by Gal Goldshtein from F5 Networks.





An attack that continuously switches HTTP/2 connection between
idle and active states can result in excessive CPU usage.
This is because when a connection switches to the idle state,
all of its memory pool caches are freed.

This change limits the maximum allowed number of idle state
switches to 10 * http2_max_requests (i.e., 10000 by default).
This limits possible CPU usage in one connection, and also
imposes a limit on the maximum lifetime of a connection.

Initially reported by Gal Goldshtein from F5 Networks.







HTTP/2: flood detection.
2018-11-06T13:29:35+00:00

Ruslan Ermilov
ru@nginx.com

2018-11-06T13:29:35+00:00

65b2c00d624f17892c777f8fb5bb9c623cff5188

Fixed uncontrolled memory growth in case peer is flooding us with
some frames (e.g., SETTINGS and PING) and doesn't read data.  Fix
is to limit the number of allocated control frames.





Fixed uncontrolled memory growth in case peer is flooding us with
some frames (e.g., SETTINGS and PING) and doesn't read data.  Fix
is to limit the number of allocated control frames.







Mp4: fixed reading 64-bit atoms.
2018-11-06T13:29:18+00:00

Roman Arutyunyan
arut@nginx.com

2018-11-06T13:29:18+00:00

1d4c2fb6da12f3d103849cb9384687213f1656cf

Previously there was no validation for the size of a 64-bit atom
in an mp4 file.  This could lead to a CPU hog when the size is 0,
or various other problems due to integer underflow when calculating
atom data size, including segmentation fault or worker process
memory disclosure.





Previously there was no validation for the size of a 64-bit atom
in an mp4 file.  This could lead to a CPU hog when the size is 0,
or various other problems due to integer underflow when calculating
atom data size, including segmentation fault or worker process
memory disclosure.







Updated OpenSSL used for win32 builds.
2018-08-28T12:05:41+00:00

Maxim Dounin
mdounin@mdounin.ru

2018-08-28T12:05:41+00:00

8a23ea2af52d4c181171d82690132b756c233e88












Version bump.
2018-11-06T13:33:16+00:00

Maxim Dounin
mdounin@mdounin.ru

2018-11-06T13:33:16+00:00

aedf03a6bb6e4d262ac0ef90427eb78bb7d3ac56












release-1.14.0 tag
2018-04-17T15:22:36+00:00

Maxim Dounin
mdounin@mdounin.ru

2018-04-17T15:22:36+00:00

1165dc2b0fd4d419162078c939b05d4089ccfb04












nginx-1.14.0-RELEASE
2018-04-17T15:22:35+00:00

Maxim Dounin
mdounin@mdounin.ru

2018-04-17T15:22:35+00:00

a8fe224b46a8125a623f1ddeea411b046d1a6008












Stable branch.
2018-04-17T13:30:10+00:00

Maxim Dounin
mdounin@mdounin.ru

2018-04-17T13:30:10+00:00

9bc4b9d19abf3d24b7c8dc26bd38c9adc15946bc