MFH: r484324

Security update from 1.15.5 to 1.15.6.

Temporary disable third-party upstream_fair module, it should
be updated to build with the modern version of the nginx.

While I'm here fix some whitespaces.

Security: 84ca56be-e1de-11e8-bcfd-00e04c1ea73d
Approved by: ports-secteam (miwi)

<ChangeLog>

*) Security: when using HTTP/2 a client might cause excessive memory

consumption (CVE-2018-16843) and CPU usage (CVE-2018-16844).

*) Security: processing of a specially crafted mp4 file with the

ngx_http_mp4_module might result in worker process memory disclosure
(CVE-2018-16845).

*) Feature: the "proxy_socket_keepalive", "fastcgi_socket_keepalive",

"grpc_socket_keepalive", "memcached_socket_keepalive",
"scgi_socket_keepalive", and "uwsgi_socket_keepalive" directives.

*) Bugfix: if nginx was built with OpenSSL 1.1.0 and used with OpenSSL

1.1.1, the TLS 1.3 protocol was always enabled.

*) Bugfix: working with gRPC backends might result in excessive memory

consumption.

</ChangeLog>