oerdnj
commented
1 month ago Yeah, I’ve seen that and I’m already dreading the update. I’ll probably backport the patch to 1.25.x branch first, and then prepare the full update.
Closed jadeops closed 3 weeks ago
oerdnj
commented
1 month ago Yeah, I’ve seen that and I’m already dreading the update. I’ll probably backport the patch to 1.25.x branch first, and then prepare the full update.
jadeops
commented
4 weeks ago why not just update to 1.27 directly?
oerdnj
commented
3 weeks ago So, I have a local installation with:
ii libnginx-mod-brotli 1:1.0.0~rc+1.25.5-9+ubuntu20.04.1+deb.sury.org+1 all Brotli lossless compression support for Nginx - meta
ii libnginx-mod-http-auth-pam 1:1.5.5+1.25.5-2+ubuntu20.04.1+deb.sury.org+6 amd64 PAM authentication module for Nginx
ii libnginx-mod-http-brotli 1.0.0~rc+1.25.4-5+ubuntu20.04.1+deb.sury.org+2 all Brotli lossless compression support for Nginx - meta
ii libnginx-mod-http-brotli-filter 1:1.0.0~rc+1.25.5-9+ubuntu20.04.1+deb.sury.org+1 amd64 Brotli lossless compression support for Nginx - filter
ii libnginx-mod-http-brotli-static 1:1.0.0~rc+1.25.5-9+ubuntu20.04.1+deb.sury.org+1 amd64 Brotli lossless compression support for Nginx - static
ii libnginx-mod-http-cache-purge 1:2.3+1.25.5-7+ubuntu20.04.1+deb.sury.org+6 amd64 Purge content from Nginx caches
ii libnginx-mod-http-dav-ext 1:3.0.0+1.25.5-5+ubuntu20.04.1+deb.sury.org+6 amd64 WebDAV missing commands support for Nginx
ii libnginx-mod-http-echo 1:0.63+1.25.5-6+ubuntu20.04.1+deb.sury.org+6 amd64 Bring echo and more shell style goodies to Nginx
ii libnginx-mod-http-fancyindex 1:0.5.2+1.25.5-5+ubuntu20.04.1+deb.sury.org+6 amd64 Fancy indexes module for the Nginx
ii libnginx-mod-http-geoip 1.25.5-3+ubuntu20.04.1+deb.sury.org+1 amd64 GeoIP HTTP module for Nginx
ii libnginx-mod-http-geoip2 1:3.4+1.25.5-5+ubuntu20.04.1+deb.sury.org+6 amd64 GeoIP2 HTTP module for Nginx
ii libnginx-mod-http-headers-more-filter 1:0.37+1.25.5-2+ubuntu20.04.1+deb.sury.org+6 amd64 Set and clear input and output headers for Nginx
ii libnginx-mod-http-image-filter 1.25.5-3+ubuntu20.04.1+deb.sury.org+1 amd64 HTTP image filter module for Nginx
ii libnginx-mod-http-lua 1:0.10.26+1.25.5-2+ubuntu20.04.1+deb.sury.org+6 amd64 Lua module for Nginx
ii libnginx-mod-http-ndk 1:0.3.3+1.25.5-1+ubuntu20.04.1+deb.sury.org+6 amd64 Nginx Development Kit module
ii libnginx-mod-http-ndk-dev 1:0.3.3+1.25.5-1+ubuntu20.04.1+deb.sury.org+6 all Nginx Development Kit module - development files
ii libnginx-mod-http-perl 1.25.5-3+ubuntu20.04.1+deb.sury.org+1 amd64 Perl module for Nginx
ii libnginx-mod-http-subs-filter 1:0.6.4+1.25.5-6+ubuntu20.04.1+deb.sury.org+6 amd64 Substitution filter module for Nginx
ii libnginx-mod-http-uploadprogress 1:0.9.2+1.25.5-5+ubuntu20.04.1+deb.sury.org+6 amd64 Upload progress system for Nginx
ii libnginx-mod-http-upstream-fair 1:0.0~git20120408.a18b409+1.25.5-5+ubuntu20.04.1+deb.sury.org+6 amd64 Nginx Upstream Fair Proxy Load Balancer
ii libnginx-mod-http-xslt-filter 1.25.5-3+ubuntu20.04.1+deb.sury.org+1 amd64 XSLT Transformation module for Nginx
ii libnginx-mod-mail 1.25.5-3+ubuntu20.04.1+deb.sury.org+1 amd64 Mail module for Nginx
ii libnginx-mod-nchan 1:1.3.6+dfsg+1.25.5-4+ubuntu20.04.1+deb.sury.org+6 amd64 Fast, flexible pub/sub server for Nginx
ii libnginx-mod-rtmp 1:1.2.2+dfsg+1.25.5-5+ubuntu20.04.1+deb.sury.org+6 amd64 RTMP support for Nginx
ii libnginx-mod-ssl-ct 1:1.3.2+1.25.5-2+ubuntu20.04.1+deb.sury.org+6 amd64 adds support for the TLS signed_certificate_timestamp ex>
ii libnginx-mod-stream 1.25.5-3+ubuntu20.04.1+deb.sury.org+1 amd64 Stream module for Nginx
ii libnginx-mod-stream-geoip 1.25.5-3+ubuntu20.04.1+deb.sury.org+1 amd64 GeoIP Stream module for Nginx
ii libnginx-mod-stream-geoip2 1:3.4+1.25.5-5+ubuntu20.04.1+deb.sury.org+6 amd64 GeoIP2 Stream module for Nginx
ii nginx 1.25.5-3+ubuntu20.04.1+deb.sury.org+1 amd64 small, powerful, scalable web/proxy server
un nginx-abi-1.25.5-1 <none> <none> (no description available)
ii nginx-common 1.25.5-3+ubuntu20.04.1+deb.sury.org+1 all small, powerful, scalable web/proxy server - common files
ii nginx-core 1.25.5-3+ubuntu20.04.1+deb.sury.org+1 all nginx web/proxy server (standard version)
un nginx-doc <none> <none> (no description available)
ii nginx-extras 1.25.5-3+ubuntu20.04.1+deb.sury.org+1 amd64 nginx web/proxy server (extended version)
ii nginx-full 1.25.5-3+ubuntu20.04.1+deb.sury.org+1 all nginx web/proxy server (standard version with 3rd partie>
ii nginx-light 1.25.5-3+ubuntu20.04.1+deb.sury.org+1 all nginx web/proxy server (basic version)and it seems to work so far:
# nginx -t
2024/06/03 09:49:45 [info] 2279028#2279028: Using 116KiB of shared memory for nchan in /etc/nginx/nginx.conf:61
2024/06/03 09:49:45 [info] 2279028#2279028: Using 131072KiB of shared memory for nchan in /etc/nginx/nginx.conf:61
nginx: the configuration file /etc/nginx/nginx.conf syntax is ok
nginx: configuration file /etc/nginx/nginx.conf test is successfulNow, lets see what happens when we start to upgrade the repository to 1.27.0. I hope I will be able to get something useful.
oerdnj
commented
3 weeks ago Ok, apt upgrade looks sane:
# apt upgrade
Reading package lists... Done
Building dependency tree
Reading state information... Done
Calculating upgrade... Done
The following packages have been kept back:
libnginx-mod-http-geoip libnginx-mod-http-image-filter libnginx-mod-http-perl libnginx-mod-http-xslt-filter libnginx-mod-mail libnginx-mod-stream libnginx-mod-stream-geoip
nginx nginx-common nginx-corethanks! nginx-mainline upgrade worked fine for me on 22.04 :rocket:
~Should I keep the issue open? since someone may ask for stable 1.26 as well sooner or later~
EDIT: nvm, another ticket is open https://github.com/oerdnj/deb.sury.org/issues/2129
oerdnj
commented
3 weeks ago Lets keep this open until all the extensions are updated.
oerdnj
commented
3 weeks ago Looks like everything has been built.
jadeops
commented
3 weeks ago OS: Ubuntu 22.04 arm64
the modules were not bumped for some reason. is this intended?
dpkg -l | grep nginx
rc libnginx-mod-brotli 1.25.4-1+ubuntu22.04.1+deb.sury.org+1 arm64 Brotli lossless compression support for Nginx
rc libnginx-mod-http-geoip 1.25.4-2+ubuntu22.04.1+deb.sury.org+1 arm64 GeoIP HTTP module for Nginx
rc libnginx-mod-http-image-filter 1.25.4-2+ubuntu22.04.1+deb.sury.org+1 arm64 HTTP image filter module for Nginx
rc libnginx-mod-http-xslt-filter 1.25.4-2+ubuntu22.04.1+deb.sury.org+1 arm64 XSLT Transformation module for Nginx
rc libnginx-mod-mail 1.25.4-2+ubuntu22.04.1+deb.sury.org+1 arm64 Mail module for Nginx
rc libnginx-mod-ssl-ct 1.25.4-1+ubuntu22.04.1+deb.sury.org+1 arm64 Certificate Transparency support for Nginx
rc libnginx-mod-stream 1.25.4-2+ubuntu22.04.1+deb.sury.org+1 arm64 Stream module for Nginx
rc libnginx-mod-stream-geoip 1.25.4-2+ubuntu22.04.1+deb.sury.org+1 arm64 GeoIP Stream module for Nginx
ii nginx 1.27.0-1+ubuntu22.04.1+deb.sury.org+1 arm64 small, powerful, scalable web/proxy server
ii nginx-common 1.27.0-1+ubuntu22.04.1+deb.sury.org+1 all small, powerful, scalable web/proxy server - common files
# sudo apt update && sudo apt upgrade && sudo apt clean && sudo apt autoremove
Hit:1 http://eu-amsterdam-1-ad-1.clouds.ports.ubuntu.com/ubuntu-ports jammy InRelease
Hit:2 http://eu-amsterdam-1-ad-1.clouds.ports.ubuntu.com/ubuntu-ports jammy-updates InRelease
Hit:3 http://ports.ubuntu.com/ubuntu-ports jammy-security InRelease
Hit:4 http://eu-amsterdam-1-ad-1.clouds.ports.ubuntu.com/ubuntu-ports jammy-backports InRelease
Hit:5 https://ppa.launchpadcontent.net/ondrej/nginx-mainline/ubuntu jammy InRelease
Hit:6 https://archive.mariadb.org/repo/11.2/ubuntu jammy InRelease
Hit:7 https://ppa.launchpadcontent.net/ondrej/php/ubuntu jammy InRelease
Reading package lists... Done
Building dependency tree... Done
Reading state information... Done
All packages are up to date.
Reading package lists... Done
Building dependency tree... Done
Reading state information... Done
Calculating upgrade... Done
0 upgraded, 0 newly installed, 0 to remove and 0 not upgraded.
Reading package lists... Done
Building dependency tree... Done
Reading state information... Done
0 upgraded, 0 newly installed, 0 to remove and 0 not upgraded.
rc means removed but not purged (r - removed, c - configured)
jadeops
commented
3 weeks ago thanks! fixed it.
tree /etc/nginx/modules-enabled/
/etc/nginx/modules-enabled/
├── 50-mod-brotli.conf.removed -> /usr/share/nginx/modules-available/mod-brotli.conf
├── 50-mod-http-geoip.conf.removed -> /usr/share/nginx/modules-available/mod-http-geoip.conf
├── 50-mod-http-image-filter.conf.removed -> /usr/share/nginx/modules-available/mod-http-image-filter.conf
├── 50-mod-http-xslt-filter.conf.removed -> /usr/share/nginx/modules-available/mod-http-xslt-filter.conf
├── 50-mod-mail.conf.removed -> /usr/share/nginx/modules-available/mod-mail.conf
├── 50-mod-ssl-ct.conf.removed -> /usr/share/nginx/modules-available/mod-ssl-ct.conf
├── 50-mod-stream.conf.removed -> /usr/share/nginx/modules-available/mod-stream.conf
└── 70-mod-stream-geoip.conf.removed -> /usr/share/nginx/modules-available/mod-stream-geoip.conf
sudo apt purge libnginx-mod-brotli libnginx-mod-http-geoip libnginx-mod-http-image-filter libnginx-mod-http-xslt-filter libnginx-mod-mail libnginx-mod-ssl-ct libnginx-mod-stream-geoip libnginx-mod-stream
OS: Ubuntu 22.04 arm64
2024-05-29 nginx-1.26.1 stable and nginx-1.27.0 mainline versions have been released, with fixes for vulnerabilities in HTTP/3 (CVE-2024-32760, CVE-2024-31079, CVE-2024-35200, CVE-2024-34161).
Thanks