Welcome to Centmin Mod Community
Register Now

Nginx [nginx-announce] nginx-1.9.10

Discussion in 'Nginx and PHP-FPM news & discussions' started by eva2000, Jan 27, 2016.

Tags:
  1. eva2000

    eva2000 Administrator Staff Member

    35,603
    7,841
    113
    May 24, 2014
    Brisbane, Australia
    Ratings:
    +12,085
    Local Time:
    6:38 PM
    Nginx 1.15.x
    MariaDB 5.5/10.x
    Changes with nginx 1.9.10 26 Jan 2016

    *) Security: invalid pointer dereference might occur during DNS server
    response processing if the "resolver" directive was used, allowing an
    attacker who is able to forge UDP packets from the DNS server to
    cause segmentation fault in a worker process (CVE-2016-0742).

    *) Security: use-after-free condition might occur during CNAME response
    processing if the "resolver" directive was used, allowing an attacker
    who is able to trigger name resolution to cause segmentation fault in
    a worker process, or might have potential other impact
    (CVE-2016-0746).

    *) Security: CNAME resolution was insufficiently limited if the
    "resolver" directive was used, allowing an attacker who is able to
    trigger arbitrary name resolution to cause excessive resource
    consumption in worker processes (CVE-2016-0747).

    *) Feature: the "auto" parameter of the "worker_cpu_affinity" directive.

    *) Bugfix: the "proxy_protocol" parameter of the "listen" directive did
    not work with IPv6 listen sockets.

    *) Bugfix: connections to upstream servers might be cached incorrectly
    when using the "keepalive" directive.

    *) Bugfix: proxying used the HTTP method of the original request after
    an "X-Accel-Redirect" redirection.


    --
    Maxim Dounin
    http://nginx.org/

    _______________________________________________
    nginx-announce mailing list
    [email protected]
    http://mailman.nginx.org/mailman/listinfo/nginx-announce

    Continue reading...
     
  2. Sunka

    Sunka Well-Known Member

    997
    273
    63
    Oct 31, 2015
    Rijeka, Croatia
    Ratings:
    +449
    Local Time:
    10:38 AM
    Nginx 1.15.0
    MariaDB 10.2.15
    Upgraded, all seems to be OK
     
    • Like Like x 1
..