Welcome to Centmin Mod Community
Become a Member

Nginx [nginx-announce] nginx-1.9.10

Discussion in 'Nginx and PHP-FPM news & discussions' started by eva2000, Jan 27, 2016.

Tags:
  1. eva2000

    eva2000 Administrator Staff Member

    29,024
    6,587
    113
    May 24, 2014
    Brisbane, Australia
    Ratings:
    +9,778
    Local Time:
    12:06 AM
    Nginx 1.13.x
    MariaDB 5.5
    Changes with nginx 1.9.10 26 Jan 2016

    *) Security: invalid pointer dereference might occur during DNS server
    response processing if the "resolver" directive was used, allowing an
    attacker who is able to forge UDP packets from the DNS server to
    cause segmentation fault in a worker process (CVE-2016-0742).

    *) Security: use-after-free condition might occur during CNAME response
    processing if the "resolver" directive was used, allowing an attacker
    who is able to trigger name resolution to cause segmentation fault in
    a worker process, or might have potential other impact
    (CVE-2016-0746).

    *) Security: CNAME resolution was insufficiently limited if the
    "resolver" directive was used, allowing an attacker who is able to
    trigger arbitrary name resolution to cause excessive resource
    consumption in worker processes (CVE-2016-0747).

    *) Feature: the "auto" parameter of the "worker_cpu_affinity" directive.

    *) Bugfix: the "proxy_protocol" parameter of the "listen" directive did
    not work with IPv6 listen sockets.

    *) Bugfix: connections to upstream servers might be cached incorrectly
    when using the "keepalive" directive.

    *) Bugfix: proxying used the HTTP method of the original request after
    an "X-Accel-Redirect" redirection.


    --
    Maxim Dounin
    http://nginx.org/

    _______________________________________________
    nginx-announce mailing list
    nginx-announce@nginx.org
    http://mailman.nginx.org/mailman/listinfo/nginx-announce

    Continue reading...
     
  2. Sunka

    Sunka Active Member

    888
    230
    43
    Oct 31, 2015
    Rijeka, Croatia
    Ratings:
    +376
    Local Time:
    4:06 PM
    Nginx 1.13.3
    MariaDB 10.1.24
    Upgraded, all seems to be OK
     
    • Like Like x 1