openssl 1.1.1e 14095126:SSL routines:ssl3_read_n

itpp2012 nginx-forum at
Mon Mar 23 11:41:28 UTC 2020

It doesn't and there are a few more for which this doesn't work either, it
needs a lot more work and testing.
I had a new concept patch but today decided to roll back to 1.1.1d and back
port 1.1.1e (de) patches only.
Only NGX_ERROR mitigates a truncation attack, not NGX_DONE (which is open
for debate).

Posted at Nginx Forum:,287377,287426#msg-287426

More information about the nginx mailing list