释放双眼,带上耳机,听听看~!
nginx 1.17.3 主线版发布,包含修复内存CPU占用过高等问题
nginx 1.17.3 2010年8月13日CHANGES *)安全性: 使用HTTP/2时,客户端可能会导致过多的内存消耗和CPU使用(CVE-2019-9511,CVE-2019-9513,CVE-2019-9516)。 *)修正: 使用gzipping 时,日志中可能会显示"zero size buf"警报; 这个bug出现在1.17.2中。 *)修正: 如果 在SMTP代理中使用“resolver”指令,则可能在工作进程中发生分段错误。
以下为原文
Changes with nginx 1.17.3 13 Aug 2019
*) Security: when using HTTP/2 a client might cause excessive memory
consumption and CPU usage (CVE-2019-9511, CVE-2019-9513,
CVE-2019-9516).
*) Bugfix: "zero size buf" alerts might appear in logs when using
gzipping; the bug had appeared in 1.17.2.
*) Bugfix: a segmentation fault might occur in a worker process if the
"resolver" directive was used in SMTP proxy.
Changes with nginx 1.17.2 23 Jul 2019
*) Change: minimum supported zlib version is 1.2.0.4.
Thanks to Ilya Leoshkevich.
*) Change: the $r->internal_redirect() embedded perl method now expects
escaped URIs.
*) Feature: it is now possible to switch to a named location using the
$r->internal_redirect() embedded perl method.
*) Bugfix: in error handling in embedded perl.
*) Bugfix: a segmentation fault might occur on start or during
reconfiguration if hash bucket size larger than 64 kilobytes was used
in the configuration.
*) Bugfix: nginx might hog CPU during unbuffered proxying and when
proxying WebSocket connections if the select, poll, or /dev/poll
methods were used.
*) Bugfix: in the ngx_http_xslt_filter_module.
*) Bugfix: in the ngx_http_ssi_filter_module.
相关链接
声明:本站所有文章,如无特殊说明或标注,均为本站原创发布。任何个人或组织,在未征得本站同意时,禁止复制、盗用、采集、发布本站内容到任何网站、书籍等各类媒体平台。如若本站内容侵犯了原著者的合法权益,可联系我们进行处理。
