Mercurial > hg > nginx-site
diff text/en/CHANGES-1.20 @ 2726:a7a36efd10af
nginx-1.21.0, nginx-1.20.1
author | Maxim Dounin <mdounin@mdounin.ru> |
---|---|
date | Tue, 25 May 2021 18:32:30 +0300 |
parents | caa04d53b7af |
children | cf75284a3557 |
line wrap: on
line diff
--- a/text/en/CHANGES-1.20 Tue May 25 12:53:00 2021 +0100 +++ b/text/en/CHANGES-1.20 Tue May 25 18:32:30 2021 +0300 @@ -1,4 +1,13 @@ +Changes with nginx 1.20.1 25 May 2021 + + *) Security: 1-byte memory overwrite might occur during DNS server + response processing if the "resolver" directive was used, allowing an + attacker who is able to forge UDP packets from the DNS server to + cause worker process crash or, potentially, arbitrary code execution + (CVE-2021-23017). + + Changes with nginx 1.20.0 20 Apr 2021 *) 1.20.x stable branch.