[Pkg-nginx-maintainers] Bug#1079520: nginx.conf: server_tokens off should be mentioned in NEWS.Debian
Alejandro Colomar
alx at kernel.org
Sat Aug 24 10:21:32 BST 2024
Package: nginx-common
Version: 1.26.0-2
Severity: normal
X-Debbugs-Cc: alx at kernel.org
Dear Maintainer,
After upgrading a server to 1.26.0-2, the server started failing with
nginx[1012]: 2024/08/24 10:55:57 [emerg] 1012#1012: "server_tokens" directive is duplicate in /etc/nginx/conf.d/security-parameters.conf:1
Because I had already defined that directive, and the nginx.conf file
started defining it. While I like the change, it's a breaking one, and
should be mentioned in NEWS.Debian so that others have a chance to
prepare their servers for the update.
Have a lovely day!
Alex
-- System Information:
Debian Release: trixie/sid
APT prefers unstable
APT policy: (500, 'unstable'), (1, 'experimental')
Architecture: amd64 (x86_64)
Kernel: Linux 6.9.7-amd64 (SMP w/24 CPU threads; PREEMPT)
Locale: LANG=C.utf8, LC_CTYPE=C.utf8 (charmap=UTF-8), LANGUAGE not set
Shell: /bin/sh linked to /usr/bin/dash
Init: systemd (via /run/systemd/system)
LSM: AppArmor: enabled
Versions of packages nginx-common depends on:
ii debconf [debconf-2.0] 1.5.87
pn nginx <none>
nginx-common recommends no packages.
Versions of packages nginx-common suggests:
pn fcgiwrap <none>
pn nginx-doc <none>
ii ssl-cert 1.1.3
More information about the Pkg-nginx-maintainers
mailing list