Kutulutsidwa kwa nthambi yayikulu ya nginx 1.29.4 kwasindikizidwa, momwe chitukuko cha zinthu zatsopano chikupitilira. Mofananamo, nthambi yokhazikika 1.28.x imathandizidwa, kusintha kokha kokhudzana ndi kuthetsa zolakwika zazikulu ndi zofooka zimapangidwa. M'tsogolomu, nthambi yokhazikika 1.29 idzakhazikitsidwa pamaziko a nthambi yaikulu 1.30.x. Khodi ya projekitiyo imalembedwa mu C ndipo imagawidwa pansi pa layisensi ya BSD.
M'kutulutsa kwatsopano:
- The ngx_http_proxy module tsopano imathandizira HTTP/2 protocol, kukulolani kuti mugwiritse ntchito HTTP/2 mukalowa kumbuyo.
- Thandizo lowonjezera la ECH (Encrypted ClientHello) TLS extension, kusinthika kwa ESNI (Encrypted Server Name Indication) yomwe imagwiritsidwa ntchito kubisa zambiri za magawo a TLS, monga dzina lachidziwitso lofunsidwa. Kusiyana kwakukulu pakati pa ECH ndi ESNI ndikuti ECH imasunga uthenga wonse wa ClientHello TLS m'malo mobisa magawo amodzi. Izi zimathandiza kuletsa kutayikira kudzera m'magawo omwe sanaphimbidwe ndi ESNI, monga gawo la PSK (Pre-Shared Key). ECH imayatsidwa mwa kutchula "ssl_ech_file" malangizo mu fayilo ya ECHConfig mumtundu wa PEM. Thandizo limapezeka mukamagwiritsa ntchito OpenSSL kumanga ndi ECH.
- Malamulo owunikira wolandila ndi doko pamawu opempha, mutu wa "Host", ndi mutu wabodza wa ":authority" asinthidwa malinga ndi zofunikira za RFC 3986.
- Kutchula munthu wa mzere watsopano monga momwe amatsatirira zopempha zingapo kapena m'bungwe loyankhira tsopano zikuwoneka ngati zolakwika.
- Kukonza ngozi mukamagwiritsa ntchito HTTP/3 ndi OpenSSL 3.5.1+.
- Kukonza ngozi yomwe ingachitike ngati try_files ndi proxy_pass malangizo aperekedwa nthawi imodzi ndi URI.
Source: opennet.ru
