|バージョン||1.15.6 1.15.5 1.15.4 1.15.3 1.15.2 1.15.1 1.15.0 1.13.12 1.13.11 1.13.10 1.13.9|
|種別||フリーソフト / オープンソース(その他)|
2018/11/07 ver 1.15.6
Changes with nginx 1.15.6 06 Nov 2018
*) Security: when using HTTP/2 a client might cause excessive memory
consumption (CVE-2018-16843) and CPU usage (CVE-2018-16844).
*) Security: processing of a specially crafted mp4 file with the
ngx_http_mp4_module might result in worker process memory disclosure
*) Feature: the "proxy_socket_keepalive", "fastcgi_socket_keepalive",
"scgi_socket_keepalive", and "uwsgi_socket_keepalive" directives.
*) Bugfix: if nginx was built with OpenSSL 1.1.0 and used with OpenSSL
1.1.1, the TLS 1.3 protocol was always enabled.
*) Bugfix: working with gRPC backends might result in excessive memory
2018/10/03 ver 1.15.5
Changes with nginx 1.15.5 02 Oct 2018
*) Bugfix: a segmentation fault might occur in a worker process when
using OpenSSL 1.1.0h or newer; the bug had appeared in 1.15.4.
*) Bugfix: of minor potential bugs.
2018/09/26 ver 1.15.4
Changes with nginx 1.15.4 25 Sep 2018
*) Feature: now the "ssl_early_data" directive can be used with OpenSSL.
*) Bugfix: in the ngx_http_uwsgi_module.
Thanks to Chris Caputo.
*) Bugfix: connections with some gRPC backends might not be cached when
using the "keepalive" directive.
*) Bugfix: a socket leak might occur when using the "error_page"
directive to redirect early request processing errors, notably errors
with code 400.
*) Bugfix: the "return" directive did not change the response code when
returning errors if the request was redirected by the "error_page"
*) Bugfix: standard error pages and responses of the
ngx_http_autoindex_module module used the "bgcolor" attribute, and
might be displayed incorrectly when using custom color settings in
Thanks to Nova DasSarma.
*) Change: the logging level of the "no suitable key share" and "no
suitable signature algorithm" SSL errors has been lowered from "crit"
2018/08/29 ver 1.15.3
Changes with nginx 1.15.3 28 Aug 2018
*) Feature: now TLSv1.3 can be used with BoringSSL.
*) Feature: the "ssl_early_data" directive, currently available with
*) Feature: the "keepalive_timeout" and "keepalive_requests" directives
in the "upstream" block.
*) Bugfix: the ngx_http_dav_module did not truncate destination file
when copying a file over an existing one with the COPY method.
*) Bugfix: the ngx_http_dav_module used zero access rights on the
destination file and did not preserve file modification time when
moving a file between different file systems with the MOVE method.
*) Bugfix: the ngx_http_dav_module used default access rights when
copying a file with the COPY method.
*) Workaround: some clients might not work when using HTTP/2; the bug
had appeared in 1.13.5.
*) Bugfix: nginx could not be built with LibreSSL 2.8.0.
2018/07/25 ver 1.15.2
Changes with nginx 1.15.2 24 Jul 2018
*) Feature: the $ssl_preread_protocol variable in the
*) Feature: now when using the "reset_timedout_connection" directive
nginx will reset connections being closed with the 444 code.
*) Change: a logging level of the "http request", "https proxy request",
"unsupported protocol", and "version too low" SSL errors has been
lowered from "crit" to "info".
*) Bugfix: DNS requests were not resent if initial sending of a request
*) Bugfix: the "reuseport" parameter of the "listen" directive was
ignored if the number of worker processes was specified after the
*) Bugfix: when using OpenSSL 1.1.0 or newer it was not possible to
switch off "ssl_prefer_server_ciphers" in a virtual server if it was
switched on in the default server.
*) Bugfix: SSL session reuse with upstream servers did not work with the
TLS 1.3 protocol.
2018/07/04 ver 1.15.1
Changes with nginx 1.15.1 03 Jul 2018
*) Feature: the "random" directive inside the "upstream" block.
*) Feature: improved performance when using the "hash" and "ip_hash"
directives with the "zone" directive.
*) Feature: the "reuseport" parameter of the "listen" directive now uses
SO_REUSEPORT_LB on FreeBSD 12.
*) Bugfix: HTTP/2 server push did not work if SSL was terminated by a
proxy server in front of nginx.
*) Bugfix: the "tcp_nopush" directive was always used on backend
*) Bugfix: sending a disk-buffered request body to a gRPC backend might
2018/06/05 ver 1.15.0
Changes with nginx 1.15.0 05 Jun 2018
*) Change: the "ssl" directive is deprecated; the "ssl" parameter of the
"listen" directive should be used instead.
*) Change: now nginx detects missing SSL certificates during
configuration testing when using the "ssl" parameter of the "listen"
*) Feature: now the stream module can handle multiple incoming UDP
datagrams from a client within a single session.
*) Bugfix: it was possible to specify an incorrect response code in the
*) Bugfix: nginx could not be built by gcc 8.1.
*) Bugfix: logging to syslog stopped on local IP address changes.
*) Bugfix: nginx could not be built by clang with CUDA SDK installed;
the bug had appeared in 1.13.8.
*) Bugfix: "getsockopt(TCP_FASTOPEN) ... failed" messages might appear
in logs during binary upgrade when using unix domain listen sockets
*) Bugfix: nginx could not be built on Fedora 28 Linux.
*) Bugfix: request processing rate might exceed configured rate when
2018/04/10 ver 1.13.12
Changes with nginx 1.13.12 10 Apr 2018
*) Bugfix: connections with gRPC backends might be closed unexpectedly
when returning a large response.
2018/04/04 ver 1.13.11
Changes with nginx 1.13.11 03 Apr 2018
*) Feature: the "proxy_protocol" parameter of the "listen" directive now
supports the PROXY protocol version 2.
*) Bugfix: nginx could not be built with OpenSSL 1.1.1 statically on
*) Bugfix: in the "http_404", "http_500", etc. parameters of the
2018/03/21 ver 1.13.10
Changes with nginx 1.13.10 20 Mar 2018
*) Feature: the "set" parameter of the "include" SSI directive now
allows writing arbitrary responses to a variable; the
"subrequest_output_buffer_size" directive defines maximum response
*) Feature: now nginx uses clock_gettime(CLOCK_MONOTONIC) if available,
to avoid timeouts being incorrectly triggered on system time changes.
*) Feature: the "escape=none" parameter of the "log_format" directive.
Thanks to Johannes Baiter and Calin Don.
*) Feature: the $ssl_preread_alpn_protocols variable in the
*) Feature: the ngx_http_grpc_module.
*) Bugfix: in memory allocation error handling in the "geo" directive.
*) Bugfix: when using variables in the "auth_basic_user_file" directive
a null character might appear in logs.
Thanks to Vadim Filimonov.
2018/02/21 ver 1.13.9
Changes with nginx 1.13.9 20 Feb 2018
*) Feature: HTTP/2 server push support; the "http2_push" and
*) Bugfix: "header already sent" alerts might appear in logs when using
cache; the bug had appeared in 1.9.13.
*) Bugfix: a segmentation fault might occur in a worker process if the
"ssl_verify_client" directive was used and no SSL certificate was
specified in a virtual server.
*) Bugfix: in the ngx_http_v2_module.
*) Bugfix: in the ngx_http_dav_module.