Mercurial > hg > nginx-site

comparison text/en/CHANGES @ 2898:0b7e004b5061

Find changesets by keywords (author, files, the commit message), revision number or hash, or revset expression.
nginx-1.23.2, nginx-1.22.1
author Maxim Dounin <mdounin@mdounin.ru>
date Wed, 19 Oct 2022 11:26:47 +0300
parents 9383e934e546
children 178f55cf631a
comparison
equal deleted inserted replaced
2897:3f5e91af4a52 2898:0b7e004b5061
1
2 Changes with nginx 1.23.2 19 Oct 2022
3
4 *) Security: processing of a specially crafted mp4 file by the
5 ngx_http_mp4_module might cause a worker process crash, worker
6 process memory disclosure, or might have potential other impact
7 (CVE-2022-41741, CVE-2022-41742).
8
9 *) Feature: the "$proxy_protocol_tlv_..." variables.
10
11 *) Feature: TLS session tickets encryption keys are now automatically
12 rotated when using shared memory in the "ssl_session_cache"
13 directive.
14
15 *) Change: the logging level of the "bad record type" SSL errors has
16 been lowered from "crit" to "info".
17 Thanks to Murilo Andrade.
18
19 *) Change: now when using shared memory in the "ssl_session_cache"
20 directive the "could not allocate new session" errors are logged at
21 the "warn" level instead of "alert" and not more often than once per
22 second.
23
24 *) Bugfix: nginx/Windows could not be built with OpenSSL 3.0.x.
25
26 *) Bugfix: in logging of the PROXY protocol errors.
27 Thanks to Sergey Brester.
28
29 *) Workaround: shared memory from the "ssl_session_cache" directive was
30 spent on sessions using TLS session tickets when using TLSv1.3 with
31 OpenSSL.
32
33 *) Workaround: timeout specified with the "ssl_session_timeout"
34 directive did not work when using TLSv1.3 with OpenSSL or BoringSSL.
35
1 36
2 Changes with nginx 1.23.1 19 Jul 2022 37 Changes with nginx 1.23.1 19 Jul 2022
3 38
4 *) Feature: memory usage optimization in configurations with SSL 39 *) Feature: memory usage optimization in configurations with SSL
5 proxying. 40 proxying.