Nginx with OpenSSL 1.1.1n
Sergey A. Osokin
osa at freebsd.org.ru
Sun Mar 27 13:58:25 UTC 2022
Hi,
On Sun, Mar 27, 2022 at 02:04:10AM -0400, sukeerthiadiga wrote:
> The Mainline version of Nginx i.e 1.12.6 has the OpenSSL version 1.1.1m and
> it is vulnerable.
That's a bit far from true. NGINX, as many other products, depends on other
open source software components, like openssl, pcre, zlib. Library of those
components are supported by an operating system vendor. I'd recommend
to contact to the vendor of a corresponding OS to get an update of a
component.
> Is there any plan to release another version of Nginx with the latest
> OpenSSL(i.e 1.1.1n)?
I don't think that such plans are available.
--
Sergey A. Osokin
More information about the nginx
mailing list