freenginx-1.31.3

Maxim Dounin mdounin at mdounin.ru
Tue Jul 7 15:11:33 UTC 2026


Changes with freenginx 1.31.3                                    07 Jul 2026

    *) Feature: additional checks are now used during variable substitution,
       including during execution of the ngx_http_rewrite_module directives,
       to prevent buffer overruns in case of errors in the code.

    *) Bugfix: if the "auth_request_set" directive or regular expression
       named captures were used to change prefix variables, such as
       "$http_...", corresponding variables became empty in other parts of
       the configuration.

    *) Bugfix: changing the $limit_rate and $args variables with the
       "auth_request_set" directive or regular expression named captures
       worked incorrectly.

    *) Bugfix: in error handling in the mail proxy module.
       Thanks to Evan Hellman, Trail of Bits.

    *) Bugfix: in error handling when using gzipping.
       Thanks to Evan Hellman, Trail of Bits.

    *) Bugfix: in HTTP/3.

    *) Bugfix: a segmentation fault might occur in a worker process when
       sending very long request header lines to a gRPC backend.
       Thanks to Evan Hellman, Trail of Bits.

    *) Bugfix: a segmentation fault might occur in a worker process if the
       ngx_http_charset_module was used to convert responses from UTF-8.

    *) Bugfix: in the ngx_http_perl_module.
       Thanks to Evan Hellman, Trail of Bits and Axel Mierczuk, Keith
       Hoodlet, 1Password's Off-by-1 Labs.

    *) Bugfix: in error handling when using the proxy_no_cache directive.
       Thanks to Valentin Bartenev.


-- 
Maxim Dounin
http://freenginx.org/


More information about the nginx mailing list