ProHoster > Блог > izindaba ze-inthanethi > I-Nginx 1.30.0

I-Nginx 1.30.0

Ngemva konyaka wokuthuthukiswa, iphrojekthi ye-Nginx yamemezela ukukhishwa kwegatsha elisha elizinzile, i-1.30.0. Kwalungiswa ubuthakathaka obuyisithupha ngesikhathi kulungiselelwa le nguqulo ezinzile, ezine zazo ezazihlobene nemojuli yokucubungula amafayela emidiya kanye nezinqubo zokuqinisekisa. Ushintsho olubalulekile kwakuwukusekelwa kwe-HTTP/3 kanye ne-QUIC, manje esebhekwa njengokulungele ukukhiqizwa.

Ubungozi obulungisiwe:

  • I-CVE-2026-27654: Ukuchichima kwe-buffer lapho kucutshungulwa izicelo ze-COPY noma ze-MOVE endaweni enesiqondiso se-alias kungavumela umhlaseli ukuba aphunyuke kufolda yempande yesayithi.
  • I-CVE-2026-27784: Ifayela le-MP4 elenziwe ngendlela ekhethekile lingabangela ukuphahlazeka kwamapulatifomu angu-32-bit.
  • I-CVE-2026-27651: Kwenzeke iphutha lokuhlukanisa emsebenzini lapho kusetshenziswa izindlela zokuqinisekisa ze-CRAM-MD5 noma ze-APOP lapho kuphinde kwazanywa khona ukuqinisekiswa.
  • I-CVE-2026-28753: Ukusebenzisa amarekhodi e-PTR DNS ukufaka idatha ezicelweni ze-auth_http kanye nomyalo we-XCLIENT kuxhumo lwe-backend SMTP.
  • I-CVE-2026-28755: Ukuqedwa okuphumelelayo I-SSL-ukuxhawulana, naphezu kokuthi isitifiketi seklayenti senqatshwe yi-OCSP ehlola kumojuli yokusakaza.

Ezinye izinto ezintsha ezibalulekile:

  • Amacebo Okuqala e-HTTP (103): Iseva ingathumela ama-header esikhashana ngaphandle kokulinda ukuthi i-backend ikhiqize impendulo ngokugcwele, okusheshisa ukulayisha ikhasi.
  • Iklayenti Elibethelwe Sawubona (ECH): Isici sobumfihlo se-TLS esifihla igama lesayithi eliceliwe kubabukeli benethiwekhi.
  • Amaseshini Anamathelayo: Isiqondiso esinamathelayo ku-block ephezulu siqinisekisa ukuthi izikhathi zamakhasimende "zixhunywe" ku-"specific" iseva ingemuva.
  • I-Multipath TCP (MPTCP): Ukusekelwa kwepharamitha ye-multipath kusiqondiso sokulalela ukuthuthukisa ukubekezelela amaphutha kanye nokudluliselwa kwawo kungqimba yokuthutha.
  • Gcina Uphila: Inani elizenzakalelayo le-proxy_http_version lishintshelwe ku-1.1 futhi inhloko ye-Connection ayisathunyelwa yi-proxy.iseva, okuthuthukisa ukusetshenziswa kabusha koxhumano.
  • I-OpenSSL 4.0: Ukuhambisana nenguqulo enkulu ezayo yomtapo wolwazi we-cryptographic kuye kwaqinisekiswa.
  • i-geo-module: Isiqondiso sokufaka ngaphakathi kwe-geo block manje sisekela izinhlamvu ze-wildcard.

Source: linux.org.ru

Thenga ukusingathwa okuthembekile kwamasayithi anokuvikelwa kwe-DDoS, amaseva e-VPS VDS 🔥 Thenga ukusingathwa kwewebhusayithi okuthembekile ngokuvikelwa kwe-DDoS, amaseva e-VPS VDS | ProHoster