thr3ads.net - nginx announce - [nginx-announce] nginx-1.26.1 [May 2024]

If this information is useful, please help other people find it:
Share via:

Twitter
Facebook
Email

Sergey Kandaurov

2024-May-29 15:12 UTC

[nginx-announce] nginx-1.26.1

Changes with nginx 1.26.1                                        29 May 2024

   *) Security: when using HTTP/3, processing of a specially crafted QUIC
      session might cause a worker process crash, worker process memory
      disclosure on systems with MTU larger than 4096 bytes, or might have
      potential other impact (CVE-2024-32760, CVE-2024-31079,
      CVE-2024-35200, CVE-2024-34161).
      Thanks to Nils Bars of CISPA.

   *) Bugfix: reduced memory consumption for long-lived requests if
"gzip",
      "gunzip", "ssi", "sub_filter", or
"grpc_pass" directives are used.

   *) Bugfix: nginx could not be built by gcc 14 if the --with-atomic
      option was used.
      Thanks to Edgar Bonet.

   *) Bugfix: in HTTP/3.


-- 
Sergey Kandaurov

Reasonably Related Threads

nginx-1.26.1
nginx-1.27.0
nginx-1.27.0
nginx security advisory (CVE-2024-31079, CVE-2024-32760, CVE-2024-34161, CVE-2024-35200)
nginx security advisory (CVE-2024-31079, CVE-2024-32760, CVE-2024-34161, CVE-2024-35200)

Search for more maybe matching threads

nginx announce - May 2024 - nginx-1.26.1

[nginx-announce] nginx-1.26.1

Reasonably Related Threads