SEARCH
NEW RPMS
DIRECTORIES
ABOUT
FAQ
VARIOUS
BLOG

 
 
Changelog for nginx-debuginfo-1.27.4-1.1.x86_64.rpm :

* Thu Feb 06 2025 Илья Индиго - Changed URL\'s from nginx.org to github.com .- Updated to 1.27.4
* https://nginx.org/en/CHANGES
* Fixed insufficient check in virtual servers handling with TLSv1.3 SNI allowed to reuse SSL sessions in a different virtual server, to bypass client SSL certificates verification (CVE-2025-23419).
* Added the \"ssl_object_cache_inheritable\", \"ssl_certificate_cache\", \"proxy_ssl_certificate_cache\", \"grpc_ssl_certificate_cache\", and \"uwsgi_ssl_certificate_cache\", \"keepalive_min_timeout\" directives.
* Fixed nginx could not build libatomic library using the library sources if the --with-libatomic=DIR option was used.
* Wed Nov 27 2024 Илья Индиго - Updated to 1.27.3
* https://github.com/nginx/nginx/releases/tag/release-1.27.3
* Added the \"server\" directive in the \"upstream\" block supports the \"resolve\" parameter.
* Added the \"resolver\" and \"resolver_timeout\" directives in the \"upstream\" block.
* Added SmarterMail specific mode support for IMAP LOGIN with untagged CAPABILITY response in the mail proxy module.
* Changed TLSv1 and TLSv1.1 protocols are disabled by default.
* Changed IPv6 address in square brackets and no port can be specified in the \"proxy_bind\", \"fastcgi_bind\", \"grpc_bind\", \"memcached_bind\", \"scgi_bind\", and \"uwsgi_bind\" directives, and as client address in ngx_http_realip_module.
* Fixed ngx_http_mp4_module and \"proxy_store\" directive.
* Thu Oct 03 2024 Илья Индиго - Updated to 1.27.2
* https://nginx.org/en/CHANGES
* Added SSL certificates, secret keys, and CRLs are now cached on start or during reconfiguration.
* Added client certificate validation with OCSP in the stream module.
* Added OCSP stapling support in the stream module.
* Added the \"proxy_pass_trailers\" directive in the ngx_http_proxy_module.
* Added the \"ssl_client_certificate\" directive now supports certificates with auxiliary information.
* Changed now the \"ssl_client_certificate\" directive is not required for client SSL certificates verification.
* Fri Sep 27 2024 Thorsten Kukuk - Add /srv/www to filelist [bsc#1231027]
* Fri Aug 16 2024 Илья Индиго - Renamed nginx-1.6.1-default_config.patch to nginx-conf.patch.- Renamed nginx-1.2.4-perl_vendor_install.patch to nginx-perl.patch.- Used atosetup -p1 macro and replaced editor from perl to sed.- Added %check section with gpg signature source verification.- Updated to 1.27.1
* https://nginx.org/en/CHANGES
* Fixed crash in ngx_http_mp4_module via specially crafted mp4 file (CVE-2024-7347).
* Now the stream module handler is not mandatory.
* Fixed new HTTP/2 connections might ignore graceful shutdown of old worker processes.
* Fri May 31 2024 Илья Индиго - Updated to 1.27.0
* Changed nginx.keyring to Sergey Kandaurov’s PGP public key.
* https://nginx.org/en/CHANGES
* Added variables support in the \"proxy_limit_rate\", \"fastcgi_limit_rate\", \"scgi_limit_rate\", and \"uwsgi_limit_rate\" directives.
* Fixed reduced memory consumption for long-lived requests if \"gzip\", \"gunzip\", \"ssi\", \"sub_filter\", or \"grpc_pass\" directives are used.
* Fixed building with gcc 14 with --with-atomic option.
* Sat May 11 2024 Илья Индиго - Updated list of recommended modules (deleted unavailable in TW).
* Wed Apr 17 2024 Илья Индиго - Updated to 1.25.5
* Changed nginx.keyring to Roman Arutyunyan’s PGP public key.
* https://nginx.org/en/CHANGES
* Added virtual servers in the stream module.
* Fixed the ngx_stream_pass_module.
* Fixed the \"deferred\", \"accept_filter\", and \"setfib\" parameters of the \"listen\" directive in the stream module.
* Added cache line size detection for some architectures.
* Tue Apr 16 2024 Georg Pfuetzenreuter - Set RuntimeDirectory to offer a location for Unix sockets at /run/nginx
* Sun Mar 03 2024 Adam Mizerski - logrotate: don\'t fail if service not running
* Thu Feb 22 2024 Dominique Leuenberger - Use %patch -P N instead of deprecated %patchN.
* Sun Feb 18 2024 Илья Индиго - Updated to 1.25.4
* Changed nginx.keyring to Sergey Kandaurov’s PGP public key.
* https://nginx.org/en/CHANGES
* Fixed segmentation fault might occur in a worker process while processing a specially crafted QUIC session (CVE-2024-24989, CVE-2024-24990).
* Fixed connections with pending AIO operations might be closed prematurely during graceful shutdown of old worker processes.
* Fixed socket leak alerts no longer logged when fast shutdown was requested after graceful shutdown of old worker processes.
* Fixed socket descriptor error, a socket leak, or a segmentation fault in a worker process might occur if AIO was used in a subrequest.
* Fixed segmentation fault might occur in a worker process if SSL proxying was used along with the \"image_filter\" directive and errors with code 415 were redirected with the \"error_page\" directive.
* Thu Oct 26 2023 Илья Индиго - Updated to 1.25.3
* https://nginx.org/en/CHANGES
* Changed: improved detection of misbehaving clients when using HTTP/2.
* Added: startup speedup when using a large number of locations.
* Fixed: a segmentation fault might occur in a worker process when using HTTP/2 without SSL; the bug had appeared in 1.25.1.
* Fixed: the \"Status\" backend response header line with an empty reason phrase was handled incorrectly.
* Fixed: memory leak during reconfiguration when using the PCRE2 library.
* Sun Aug 20 2023 Илья Индиго - Updated to 1.25.2
* https://nginx.org/en/CHANGES
* Changed: uses appname \"nginx\" when loading OpenSSL configuration.
* Changed: does not try to load OpenSSL configuration if the - -with-openssl option was used to built OpenSSL and the OPENSSL_CONF environment variable is not set.
* Wed Jun 14 2023 Илья Индиго - Updated to 1.25.1
* https://nginx.org/en/CHANGES
* Added \"http2\" directive, which enables HTTP/2 on a per-server basis.
* Deprecated \"http2\" parameter of the \"listen\" directive.
* Removed HTTP/2 server push support.
* Deprecated \"ssl\" directive is not supported anymore.
* Tue May 23 2023 Илья Индиго - Updated to 1.25.0
* https://nginx.org/en/CHANGES
* Added experimental HTTP/3 support.
* Wed Mar 29 2023 Илья Индиго - Updated to 1.23.4
* https://nginx.org/en/CHANGES
* Enabled TLSv1.3 protocol by default.
* Supported byte ranges support in the ngx_http_gzip_static_module.
* Fixed port ranges in the \"listen\" directive did not work.
* Fixed incorrect location might be chosen to process a request if a prefix location longer than 255 characters.
* Fixed a socket leak might occur when using HTTP/2 and the \"error_page\" directive to redirect errors with code 400.
* Sat Dec 17 2022 Michael Ströder - Updated to 1.23.3
* Bugfix: an error might occur when reading PROXY protocol version 2 header with large number of TLVs.
* Bugfix: a segmentation fault might occur in a worker process if SSI was used to process subrequests created by other modules.
* Workaround: when a hostname used in the \"listen\" directive resolves to multiple addresses, nginx now ignores duplicates within these addresses.
* Bugfix: nginx might hog CPU during unbuffered proxying if SSL connections to backends were used.
* Wed Oct 19 2022 Michael Ströder - Updated to 1.23.2
* Security: processing of a specially crafted mp4 file by the ngx_http_mp4_module might cause a worker process crash, worker process memory disclosure, or might have potential other impact (CVE-2022-41741, CVE-2022-41742).
* Feature: the \"$proxy_protocol_tlv_...\" variables.
* Feature: TLS session tickets encryption keys are now automatically rotated when using shared memory in the \"ssl_session_cache\" directive.
* Change: the logging level of the \"bad record type\" SSL errors has been lowered from \"crit\" to \"info\".
* Change: now when using shared memory in the \"ssl_session_cache\" directive the \"could not allocate new session\" errors are logged at the \"warn\" level instead of \"alert\" and not more often than once per second.
* Bugfix: nginx/Windows could not be built with OpenSSL 3.0.x.
* Bugfix: in logging of the PROXY protocol errors.
* Workaround: shared memory from the \"ssl_session_cache\" directive was spent on sessions using TLS session tickets when using TLSv1.3 with OpenSSL.
* Workaround: timeout specified with the \"ssl_session_timeout\" directive did not work when using TLSv1.3 with OpenSSL or BoringSSL.
* Tue Jul 19 2022 Michael Ströder - Updated to 1.23.1
* Feature: memory usage optimization in configurations with SSL proxying.
* Feature: looking up of IPv4 addresses while resolving now can be disabled with the \"ipv4=off\" parameter of the \"resolver\" directive.
* Change: the logging level of the \"bad key share\", \"bad extension\", \"bad cipher\", and \"bad ecpoint\" SSL errors has been lowered from \"crit\" to \"info\".
* Bugfix: while returning byte ranges nginx did not remove the \"Content-Range\" header line if it was present in the original backend response.
* Bugfix: a proxied response might be truncated during reconfiguration on Linux; the bug had appeared in 1.17.5.
* Tue Jun 21 2022 Илья Индиго - Changed nginx.keyring to Konstantin Pavlov’s PGP public key.- Removed nginx.init.- Updated to 1.23.0
* https://nginx.org/en/CHANGES
* Now header lines are represented as linked lists.
* Now nginx combines arbitrary header lines with identical names when sending to FastCGI, SCGI, and uwsgi backends, in the $r->header_in() method of the ngx_http_perl_module, and during lookup of the \"$http_...\", \"$sent_http_...\", \"$sent_trailer_...\", \"$upstream_http_...\", and \"$upstream_trailer_...\" variables.
* Fixed: if there were multiple \"Vary\" header lines in the backend response, nginx only used the last of them when caching.
* Fixed: if there were multiple \"WWW-Authenticate\" header lines in the backend response and errors with code 401 were intercepted or the \"auth_request\" directive was used, nginx only sent the first of the header lines to the client.
* The logging level of the \"application data after close notify\" SSL errors has been lowered from \"crit\" to \"info\".
* Fixed: connections might hang if nginx was built on Linux 2.6.17 or newer, but was used on systems without EPOLLRDHUP support, notably with epoll emulation layers; the bug had appeared in 1.17.5.
* Fixed: nginx did not cache the response if the \"Expires\" response header line disabled caching, but following \"Cache-Control\" header line enabled caching.
* Tue Feb 01 2022 Илья Индиго - Updated to 1.21.6
* https://nginx.org/en/CHANGES
* Fixed when using EPOLLEXCLUSIVE on Linux client connections were unevenly distributed among worker processes.
* Fixed nginx returned the \"Connection: keep-alive\" header line in responses during graceful shutdown of old worker processes.
* Fixed in the \"ssl_session_ticket_key\" when using TLSv1.3.
  
ICM