From 7f04cfb881081af496dd08e2522be7844e14335a Mon Sep 17 00:00:00 2001
From: Mykola Marzhan <mykola.marzhan@percona.com>
Date: Fri, 11 Aug 2017 16:48:28 +0300
Subject: [PATCH] PMM-1280 workaround CVE-2017-7529

---
 nginx.conf | 3 +++
 1 file changed, 3 insertions(+)

diff --git a/nginx.conf b/nginx.conf
index d1d749819..e96e390c4 100644
--- a/nginx.conf
+++ b/nginx.conf
@@ -9,6 +9,9 @@
 		server_name		_;
 		server_tokens		off;
 
+		# workaround CVE-2017-7529
+		max_ranges		1;
+
 		ssl_certificate		/srv/nginx/certificate.crt;
 		ssl_certificate_key	/srv/nginx/certificate.key;
 		ssl_trusted_certificate	/srv/nginx/ca-certs.pem;