
Nginx-1.22.1, nginx-1.23.2 released

Discussion in 'Nginx, PHP-FPM & MariaDB MySQL' started by buik, Oct 20, 2022.

  1. buik

    buik “The best traveler is one without a camera.”

    Nginx-1.22.1 and nginx-1.23.2 released.

    1.22*

    CVE-2022-41741, CVE-2022-41742

    1.23*


    *) Security: processing of a specially crafted mp4 file by the
    ngx_http_mp4_module might cause a worker process crash, worker
    process memory disclosure, or might have potential other impact
    (CVE-2022-41741, CVE-2022-41742).

    *) Feature: the "$proxy_protocol_tlv_..." variables.

    *) Feature: TLS session tickets encryption keys are now automatically
    rotated when using shared memory in the "ssl_session_cache"
    directive.

    *) Change: the logging level of the "bad record type" SSL errors has
    been lowered from "crit" to "info".
    Thanks to Murilo Andrade.

    *) Change: now when using shared memory in the "ssl_session_cache"
    directive the "could not allocate new session" errors are logged at
    the "warn" level instead of "alert" and not more often than once per
    second.

    *) Bugfix: nginx/Windows could not be built with OpenSSL 3.0.x.

    *) Bugfix: in logging of the PROXY protocol errors.
    Thanks to Sergey Brester.

    *) Workaround: shared memory from the "ssl_session_cache" directive was
    spent on sessions using TLS session tickets when using TLSv1.3 with
    OpenSSL.

    *) Workaround: timeout specified with the "ssl_session_timeout"
    directive did not work when using TLSv1.3 with OpenSSL or BoringSSL.
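
An exposure check for the ngx_http_mp4_module fix listed in the changelog above, as an added example that is not part of the original post: it classifies `nginx -V` output by version and by whether `--with-http_mp4_module` was compiled in. The sample output is constructed, the function names are hypothetical, and the script assumes every release after 1.23.2 also carries the fix.

```shell
#!/bin/sh
# Added example: does this nginx build still need the CVE-2022-41741 /
# CVE-2022-41742 update (fixed in 1.22.1 stable and 1.23.2 mainline)?

# Succeeds if version $1 (e.g. 1.23.2) carries the fix.
# Assumption: anything newer than 1.23.2 is fixed as well.
has_mp4_fix() {
    old_ifs=$IFS; IFS=.
    set -- $1                      # split "1.23.2" into 1 23 2
    IFS=$old_ifs
    major=${1:-0} minor=${2:-0} patch=${3:-0}
    [ "$major" -gt 1 ] && return 0
    [ "$major" -lt 1 ] && return 1
    [ "$minor" -gt 23 ] && return 0
    [ "$minor" -eq 23 ] && [ "$patch" -ge 2 ] && return 0
    [ "$minor" -eq 22 ] && [ "$patch" -ge 1 ] && return 0
    return 1                       # 1.22.0, 1.23.0-1.23.1, 1.21.x and older
}

# Classify the text printed by `nginx -V 2>&1`.
# Prints: fixed | unfixed-mp4-built-in | unfixed-mp4-not-built | unknown
classify_nginx_build() {
    ver=$(printf '%s\n' "$1" |
        sed -n 's|^nginx version: [^/]*/\([0-9][0-9.]*\).*|\1|p')
    [ -n "$ver" ] || { echo "unknown"; return 0; }
    if has_mp4_fix "$ver"; then
        echo "fixed"
        return 0
    fi
    # The module is only present when it was selected at configure time.
    case $1 in
        *--with-http_mp4_module*) echo "unfixed-mp4-built-in" ;;
        *)                        echo "unfixed-mp4-not-built" ;;
    esac
}

# Constructed sample of `nginx -V` output, used when nginx is not installed.
SAMPLE='nginx version: nginx/1.23.1
configure arguments: --with-http_ssl_module --with-http_mp4_module'

if command -v nginx >/dev/null 2>&1; then
    classify_nginx_build "$(nginx -V 2>&1)"
else
    classify_nginx_build "$SAMPLE"
fi
```

A build reported as `unfixed-mp4-built-in` is only reachable where the `mp4` directive is enabled in the configuration, so check the server and location blocks for that directive as well.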
     
  2. eva2000

    eva2000 Administrator Staff Member

    Yup both 124.00stable and 130.00beta01 got updated to Nginx 1.23.2 for defaults :)

    • update Nginx default to 1.23.2 http://nginx.org/en/CHANGES with NGINX_ONETWOTHREE_COMPAT='y' enabled by default now so Nginx 1.23 mainline versions are installable by default
    • existing users can run cmupdate command, then centmin.sh menu option 4 to recompile/update Nginx