Mercurial > hg > nginx-site

diff text/en/CHANGES @ 2416:eecb26e2c4ab

Find changesets by keywords (author, files, the commit message), revision number or hash, or revset expression.
nginx-1.17.3, nginx-1.16.1
author Maxim Dounin <mdounin@mdounin.ru>
date Tue, 13 Aug 2019 20:00:02 +0300
parents 3bc28d88f34e
children c1acbe5e1222
line wrap: on
line diff
--- a/text/en/CHANGES	Tue Aug 13 19:01:32 2019 +0300
+++ b/text/en/CHANGES	Tue Aug 13 20:00:02 2019 +0300
@@ -1,4 +1,17 @@
 
+Changes with nginx 1.17.3                                        13 Aug 2019
+
+    *) Security: when using HTTP/2 a client might cause excessive memory
+       consumption and CPU usage (CVE-2019-9511, CVE-2019-9513,
+       CVE-2019-9516).
+
+    *) Bugfix: "zero size buf" alerts might appear in logs when using
+       gzipping; the bug had appeared in 1.17.2.
+
+    *) Bugfix: a segmentation fault might occur in a worker process if the
+       "resolver" directive was used in SMTP proxy.
+
+
 Changes with nginx 1.17.2                                        23 Jul 2019
 
     *) Change: minimum supported zlib version is 1.2.0.4.