[nginx-announce] nginx-1.9.10

Kevin Worthington kworthington at gmail.com
Wed Jan 27 14:18:18 UTC 2016 

Hello Nginx users,

Now available: Nginx 1.9.10 for Windows
https://kevinworthington.com/nginxwin1910 (32-bit and 64-bit versions)

These versions are to support legacy users who are already using Cygwin
based builds of Nginx. Officially supported native Windows binaries are at
nginx.org.

Announcements are also available here:
Twitter http://twitter.com/kworthington
Google+ https://plus.google.com/+KevinWorthington/

Thank you,
Kevin
--
Kevin Worthington
kworthington *@* (gmail]  [dot} {com)
http://kevinworthington.com/
http://twitter.com/kworthington
https://plus.google.com/+KevinWorthington/

On Tue, Jan 26, 2016 at 11:31 AM, Maxim Dounin <mdounin at mdounin.ru> wrote:

> Changes with nginx 1.9.10                                        26 Jan
> 2016
>
>     *) Security: invalid pointer dereference might occur during DNS server
>        response processing if the "resolver" directive was used, allowing
> an
>        attacker who is able to forge UDP packets from the DNS server to
>        cause segmentation fault in a worker process (CVE-2016-0742).
>
>     *) Security: use-after-free condition might occur during CNAME response
>        processing if the "resolver" directive was used, allowing an
> attacker
>        who is able to trigger name resolution to cause segmentation fault
> in
>        a worker process, or might have potential other impact
>        (CVE-2016-0746).
>
>     *) Security: CNAME resolution was insufficiently limited if the
>        "resolver" directive was used, allowing an attacker who is able to
>        trigger arbitrary name resolution to cause excessive resource
>        consumption in worker processes (CVE-2016-0747).
>
>     *) Feature: the "auto" parameter of the "worker_cpu_affinity"
> directive.
>
>     *) Bugfix: the "proxy_protocol" parameter of the "listen" directive did
>        not work with IPv6 listen sockets.
>
>     *) Bugfix: connections to upstream servers might be cached incorrectly
>        when using the "keepalive" directive.
>
>     *) Bugfix: proxying used the HTTP method of the original request after
>        an "X-Accel-Redirect" redirection.
>
>
> --
> Maxim Dounin
> http://nginx.org/
>
> _______________________________________________
> nginx-announce mailing list
> nginx-announce at nginx.org
> http://mailman.nginx.org/mailman/listinfo/nginx-announce
>
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://mailman.nginx.org/pipermail/nginx/attachments/20160127/8679bbcb/attachment.html>

More information about the nginx mailing list