Kusunungurwa kwebazi guru nginx 1.23.4 yakaumbwa, mukati umo kuvandudzwa kwezvinhu zvitsva zvinopfuurira. Mubazi rakagadzikana re 1.22.x, iro rinochengetwa rakafanana, chete shanduko dzine chokuita nekubviswa kwezvipembenene zvakakomba uye kukanganisa kunoitwa. Mune ramangwana, pamusana pebazi guru 1.23.x, bazi rakagadzikana 1.24 richaumbwa.
Pakati pekuchinja:
- Nekumisikidza, iyo TLSv1.3 protocol inogoneswa.
- Yambiro yave kuratidzwa kana marongero emaprotocol anoshandiswa socket yekuteerera akadhindwa.
- Kana mutengi ashandisa iyo "pipelining" modhi, zvinongedzo zvinovharwa uchimirira imwe data (inononoka kuvhara).
- Yakawedzera tsigiro yemabhayiti muchikamu ngx_http_gzip_static_module.
- Chiyero chekutema matanda chezvikanganiso zveSSL "data kureba kwakarebesa", "kurebesa kupfupi", "bad legacy version", "hapana akagovaniswa siginecha algorithms", "bad digest kureba", "kushaikwa sigalgs" achinjwa kubva ku "crit" kuenda "info" extension", "encrypted length yakarebesa", "bad urefu", "bad key update", "musanganiswa we handshake and non handshake data", "ccs yakagamuchirwa kare", "data pakati peccs nekupera", "packet urefu yakarebesa" , "yambiro yakawandisa", "rekodha idiki" uye "wakawana chimbi pamberi peccs".
- Kushanda kwenzvimbo dzechiteshi mukuraira kwekuteerera kwakagadziridzwa.
- Dambudziko rekusarudza nzvimbo isiriyo nzvimbo kana uchishandisa prefix nzvimbo yakareba kupfuura 255 mavara akagadziriswa.
- Iyo ngx_http_autoindex_module uye ngx_http_dav_module modules, pamwe neiyo inosanganisira rairo, ikozvino inotsigira asiri-ASCII mavara mumazita emafaira paWindows platform.
- Yakagadziriswa socket leak kana uchishandisa HTTP/2 uye kukanganisa_peji kuraira kutungamira 400 zvikanganiso.
Source: opennet.ru