Mercurial > hg > nginx
comparison docs/xml/nginx/changes.xml @ 7380:2351853ce686 release-1.15.6
nginx-1.15.6-RELEASE
| author | Maxim Dounin <mdounin@mdounin.ru> |
|---|---|
| date | Tue, 06 Nov 2018 16:32:08 +0300 |
| parents | f062e43d74fc |
| children | 051a039ce1c7 |
comparison
equal
deleted
inserted
replaced
| 7379:57463f4e2fcd | 7380:2351853ce686 |
|---|---|
| 1 <?xml version="1.0" ?> | 1 <?xml version="1.0" ?> |
| 2 <!DOCTYPE change_log SYSTEM "../../dtd/changes.dtd" > | 2 <!DOCTYPE change_log SYSTEM "../../dtd/changes.dtd" > |
| 3 | 3 |
| 4 | 4 |
| 5 <change_log title="nginx"> | 5 <change_log title="nginx"> |
| 6 | |
| 7 | |
| 8 <changes ver="1.15.6" date="2018-11-06"> | |
| 9 | |
| 10 <change type="security"> | |
| 11 <para lang="ru"> | |
| 12 при использовании HTTP/2 клиент мог вызвать | |
| 13 чрезмерное потреблению памяти (CVE-2018-16843) | |
| 14 и ресурсов процессора (CVE-2018-16844). | |
| 15 </para> | |
| 16 <para lang="en"> | |
| 17 when using HTTP/2 a client might cause | |
| 18 excessive memory consumption (CVE-2018-16843) | |
| 19 and CPU usage (CVE-2018-16844). | |
| 20 </para> | |
| 21 </change> | |
| 22 | |
| 23 <change type="security"> | |
| 24 <para lang="ru"> | |
| 25 при обработке специально созданного mp4-файла модулем ngx_http_mp4_module | |
| 26 содержимое памяти рабочего процесса могло быть отправлено клиенту | |
| 27 (CVE-2018-16845). | |
| 28 </para> | |
| 29 <para lang="en"> | |
| 30 processing of a specially crafted mp4 file with the ngx_http_mp4_module | |
| 31 might result in worker process memory disclosure | |
| 32 (CVE-2018-16845). | |
| 33 </para> | |
| 34 </change> | |
| 35 | |
| 36 <change type="feature"> | |
| 37 <para lang="ru"> | |
| 38 директивы proxy_socket_keepalive, fastcgi_socket_keepalive, | |
| 39 grpc_socket_keepalive, memcached_socket_keepalive, | |
| 40 scgi_socket_keepalive и uwsgi_socket_keepalive. | |
| 41 </para> | |
| 42 <para lang="en"> | |
| 43 the "proxy_socket_keepalive", "fastcgi_socket_keepalive", | |
| 44 "grpc_socket_keepalive", "memcached_socket_keepalive", | |
| 45 "scgi_socket_keepalive", and "uwsgi_socket_keepalive" directives. | |
| 46 </para> | |
| 47 </change> | |
| 48 | |
| 49 <change type="bugfix"> | |
| 50 <para lang="ru"> | |
| 51 если nginx был собран с OpenSSL 1.1.0, а использовался с OpenSSL 1.1.1, | |
| 52 протокол TLS 1.3 всегда был разрешён. | |
| 53 </para> | |
| 54 <para lang="en"> | |
| 55 if nginx was built with OpenSSL 1.1.0 and used with OpenSSL 1.1.1, | |
| 56 the TLS 1.3 protocol was always enabled. | |
| 57 </para> | |
| 58 </change> | |
| 59 | |
| 60 <change type="bugfix"> | |
| 61 <para lang="ru"> | |
| 62 при работе с gRPC-бэкендами могло расходоваться большое количество памяти. | |
| 63 </para> | |
| 64 <para lang="en"> | |
| 65 working with gRPC backends might result in excessive memory consumption. | |
| 66 </para> | |
| 67 </change> | |
| 68 | |
| 69 </changes> | |
| 6 | 70 |
| 7 | 71 |
| 8 <changes ver="1.15.5" date="2018-10-02"> | 72 <changes ver="1.15.5" date="2018-10-02"> |
| 9 | 73 |
| 10 <change type="bugfix"> | 74 <change type="bugfix"> |