3 files changed, 23 insertions, 4 deletions

diff --git a/network/nginx/CVE-2016-4450.diff b/network/nginx/CVE-2016-4450.diff
new file mode 100644
index 0000000000..6f2c25b0c4
--- /dev/null
+++ b/network/nginx/CVE-2016-4450.diff
@@ -0,0 +1,15 @@
+--- src/os/unix/ngx_files.c
++++ src/os/unix/ngx_files.c
+@@ -183,6 +183,12 @@ ngx_write_chain_to_file(ngx_file_t *file
+         /* create the iovec and coalesce the neighbouring bufs */
+ 
+         while (cl && vec.nelts < IOV_MAX) {
++
++            if (ngx_buf_special(cl->buf)) {
++                cl = cl->next;
++                continue;
++            }
++
+             if (prev == cl->buf->pos) {
+                 iov->iov_len += cl->buf->last - cl->buf->pos;
+ 
diff --git a/network/nginx/nginx.SlackBuild b/network/nginx/nginx.SlackBuild
index de05bf525b..e2e2af9435 100644
--- a/network/nginx/nginx.SlackBuild
+++ b/network/nginx/nginx.SlackBuild
@@ -28,7 +28,7 @@
 # Special thanks to Thomas Morper for some configuration adjustments tips
 
 PRGNAM=nginx
-VERSION=${VERSION:-1.8.0}
+VERSION=${VERSION:-1.8.1}
 BUILD=${BUILD:-1}
 TAG=${TAG:-_SBo}
 
@@ -74,6 +74,10 @@ find -L . \
  \( -perm 666 -o -perm 664 -o -perm 640 -o -perm 600 -o -perm 444 \
   -o -perm 440 -o -perm 400 \) -exec chmod 644 {} \;
 
+# Apply CVE-2016-4450 patch (NULL pointer dereference when writing client
+# request body)
+patch -p0 < $CWD/CVE-2016-4450.diff
+
 # Fix the nginx.conf file for html and virtual server directory.
 sed -i \
   -e '/root[ ]*html/s|html;|/var/www/&|' \
diff --git a/network/nginx/nginx.info b/network/nginx/nginx.info
index b981b76735..48e5d053a7 100644
--- a/network/nginx/nginx.info
+++ b/network/nginx/nginx.info
@@ -1,8 +1,8 @@
 PRGNAM="nginx"
-VERSION="1.8.0"
+VERSION="1.8.1"
 HOMEPAGE="http://nginx.org/"
-DOWNLOAD="http://nginx.org/download/nginx-1.8.0.tar.gz"
-MD5SUM="3ca4a37931e9fa301964b8ce889da8cb"
+DOWNLOAD="https://nginx.org/download/nginx-1.8.1.tar.gz"
+MD5SUM="2e91695074dbdfbf1bcec0ada9fda462"
 DOWNLOAD_x86_64=""
 MD5SUM_x86_64=""
 REQUIRES=""