Want more timely Centmin Mod News Updates?
Become a Member

Nginx [nginx-announce] nginx-1.9.10

Discussion in 'Nginx and PHP-FPM news & discussions' started by eva2000, Jan 27, 2016.

Tags:
  1. eva2000

    eva2000 Administrator Staff Member

    46,655
    10,590
    113
    May 24, 2014
    Brisbane, Australia
    Ratings:
    +16,435
    Local Time:
    8:00 PM
    Nginx 1.19.x
    MariaDB 5.5/10.x
    Changes with nginx 1.9.10 26 Jan 2016

    *) Security: invalid pointer dereference might occur during DNS server
    response processing if the "resolver" directive was used, allowing an
    attacker who is able to forge UDP packets from the DNS server to
    cause segmentation fault in a worker process (CVE-2016-0742).

    *) Security: use-after-free condition might occur during CNAME response
    processing if the "resolver" directive was used, allowing an attacker
    who is able to trigger name resolution to cause segmentation fault in
    a worker process, or might have potential other impact
    (CVE-2016-0746).

    *) Security: CNAME resolution was insufficiently limited if the
    "resolver" directive was used, allowing an attacker who is able to
    trigger arbitrary name resolution to cause excessive resource
    consumption in worker processes (CVE-2016-0747).

    *) Feature: the "auto" parameter of the "worker_cpu_affinity" directive.

    *) Bugfix: the "proxy_protocol" parameter of the "listen" directive did
    not work with IPv6 listen sockets.

    *) Bugfix: connections to upstream servers might be cached incorrectly
    when using the "keepalive" directive.

    *) Bugfix: proxying used the HTTP method of the original request after
    an "X-Accel-Redirect" redirection.


    --
    Maxim Dounin
    http://nginx.org/


    _______________________________________________
    nginx-announce mailing list
    nginx-announce@nginx.org
    http://mailman.nginx.org/mailman/listinfo/nginx-announce

    Continue reading...
     
  2. Sunka

    Sunka Well-Known Member

    1,145
    316
    83
    Oct 31, 2015
    Pula, Croatia
    Ratings:
    +513
    Local Time:
    12:00 PM
    Nginx 1.17.9
    MariaDB 10.3.22
    Upgraded, all seems to be OK