ProHoster > Ibhulogi > iindaba ze-intanethi > nginx 1.30.0

nginx 1.30.0

Emva konyaka wophuhliso, iprojekthi yeNginx ibhengeze ukukhutshwa kwesebe elitsha elizinzileyo, i-1.30.0. Iingxaki ezintandathu zilungisiwe ngexesha lokulungiselela olu hlobo oluzinzileyo, ezine zazo zazinxulumene nemodyuli yokucubungula iifayile zemidiya kunye neenkqubo zokuqinisekisa. Utshintsho oluphambili yayikukuxhaswa kwe-HTTP/3 kunye ne-QUIC, ngoku ethathwa njengelungele imveliso.

Ubuthathaka obuzinzileyo:

  • I-CVE-2026-27654: Ukugcwala kwe-buffer xa kucutshungulwa izicelo ze-COPY okanye ze-MOVE kwindawo ene-alias directive kunokuvumela umhlaseli ukuba aphume kwi-root directory yesayithi.
  • I-CVE-2026-27784: Ifayile ye-MP4 eyenziwe ngendlela ekhethekileyo inokubangela ukuqhekeka kwamaqonga e-32-bit.
  • I-CVE-2026-27651: Kwenzeke impazamo yokwahlulahlula kwi-workflow xa kusetyenziswa iindlela zokuqinisekisa ze-CRAM-MD5 okanye ze-APOP kunye nokuzama kwakhona ukuqinisekiswa okuvuliweyo.
  • I-CVE-2026-28753: Ukusebenzisa iirekhodi ze-PTR DNS ukufaka idatha kwizicelo ze-auth_http kunye nomyalelo we-XCLIENT kuqhagamshelo lwe-backend SMTP.
  • I-CVE-2026-28755: Ukugqitywa ngempumelelo SSL-ukuxhawulana ngezandla, nangona isatifikethi somthengi singamkelwanga yi-OCSP ejonga kwimodyuli yokusasaza.

Ezinye izinto ezintsha ezibalulekileyo:

  • Iingcebiso Zasekuqaleni zeHTTP (103): Iseva ingathumela ii-headers zexeshana ngaphandle kokulinda ukuba i-backend ivelise impendulo ngokupheleleyo, nto leyo ekhawulezisa ukulayisha iphepha.
  • I-Client Hello Efihliweyo (ECH): Isici sabucala se-TLS esifihla igama lesiza esiceliweyo kubajongi benethiwekhi.
  • Iiseshoni ezincangathi: Umyalelo onamathelayo kwibhloko ephezulu uqinisekisa ukuba iiseshoni zabathengi "ziqhagamshelwe" kwindawo ethile umncedisi umva.
  • Iindlela ezininzi ze-TCP (MPTCP): Inkxaso yeparameter ye-multipath kwi-listen directive ukuphucula ukunyamezelana kweempazamo kunye nokufikelela kwi-transport layer.
  • Gcina Uphila: Ixabiso le-proxy_http_version elimiselweyo litshintshiwe laba yi-1.1 kwaye i-Connection header ayisathunyelwa yi-proxy.umncedisi, nto leyo ephucula ukusetyenziswa kwakhona konxibelelwano.
  • I-OpenSSL 4.0: Ukuhambelana nenguqulelo enkulu ezayo yelayibrari ye-cryptographic kuye kwaqinisekiswa.
  • imodyuli ye-geo: Imiyalelo equka ngaphakathi kwebhloko ye-geo ngoku ixhasa oonobumba be-wildcard.

umthombo: linux.org.ru

Thenga ukusingathwa okuthembekileyo kwiindawo ezinokhuseleko lweDDoS, iiseva zeVPS VDS 🔥 Thenga ukusingathwa kwewebhusayithi okuthembekileyo ngokhuseleko lwe-DDoS, iiseva zeVPS VDS | ProHoster