stable

nginx-mainline-3520221019155610.f27b74a8

FEDORA-MODULAR-2022-2454736cf7 created by heffer 3 months ago for Fedora 35 Modular
  • Security: processing of a specially crafted mp4 file by the ngx_http_mp4_module might cause a worker process crash, worker process memory disclosure, or might have potential other impact (CVE-2022-41741, CVE-2022-41742).

  • Feature: the "$proxy_protocol_tlv_..." variables.

  • Feature: TLS session tickets encryption keys are now automatically rotated when using shared memory in the "ssl_session_cache" directive.

  • Change: the logging level of the "bad record type" SSL errors has been lowered from "crit" to "info". Thanks to Murilo Andrade.

  • Change: now when using shared memory in the "ssl_session_cache" directive the "could not allocate new session" errors are logged at the "warn" level instead of "alert" and not more often than once per second.

  • Bugfix: nginx/Windows could not be built with OpenSSL 3.0.x.

  • Bugfix: in logging of the PROXY protocol errors. Thanks to Sergey Brester.

  • Workaround: shared memory from the "ssl_session_cache" directive was spent on sessions using TLS session tickets when using TLSv1.3 with OpenSSL.

  • Workaround: timeout specified with the "ssl_session_timeout" directive did not work when using TLSv1.3 with OpenSSL or BoringSSL.

This update has been submitted for testing by heffer.

3 months ago

This update's test gating status has been changed to 'ignored'.

3 months ago

This update has been pushed to testing.

3 months ago

This update has been submitted for stable by bodhi.

3 months ago

This update has been pushed to stable.

3 months ago

Please login to add feedback.

Metadata
Type
security
Severity
high
Karma
0
Signed
Content Type
Module
Test Gating
Settings
Unstable by Karma
-2
Stable by Karma
2
Stable by Time
7 days
Dates
submitted
3 months ago
in testing
3 months ago
in stable
3 months ago
BZ#2136192 nginx-1.23.2 is available
0
0

Automated Test Results

ignored