Skip to content

nginx 1.25.4 + njs 0.8.3 + headers-more-nginx-module 0.37

Latest
Latest
Compare
Choose a tag to compare
@macbre macbre released this 13 Mar 23:36
· 4 commits to master since this release
v1.25.4
f2f4b52
This commit was created on GitHub.com and signed with GitHub’s verified signature.
GPG key ID: B5690EEEBB952194
Learn about vigilant mode. 
Changes with nginx 1.25.4                                        14 Feb 2024

    *) Security: when using HTTP/3 a segmentation fault might occur in a
       worker process while processing a specially crafted QUIC session
       (CVE-2024-24989, CVE-2024-24990).

    *) Bugfix: connections with pending AIO operations might be closed
       prematurely during graceful shutdown of old worker processes.

    *) Bugfix: socket leak alerts no longer logged when fast shutdown was
       requested after graceful shutdown of old worker processes.

    *) Bugfix: a socket descriptor error, a socket leak, or a segmentation
       fault in a worker process (for SSL proxying) might occur if AIO was
       used in a subrequest.

    *) Bugfix: a segmentation fault might occur in a worker process if SSL
       proxying was used along with the "image_filter" directive and errors
       with code 415 were redirected with the "error_page" directive.

    *) Bugfixes and improvements in HTTP/3.

What's Changed

  • nginx 1.25.4 + njs 0.8.3 + headers-more-nginx-module 0.37 by @macbre in #135

Full Changelog: v1.25.3...v1.25.4

Contributors

macbre
Assets 2