Published The release of the main branch nginx 1.29.2, in which the development of new features continues. The parallel supported stable branch 1.28.x contains only changes related to the elimination of serious bugs and vulnerabilities. In the future, based on the main branch 1.29.x, a stable branch 1.30 will be formed. The project code is written in C and distributed under the BSD license.
In new release:
- Added the ability to build with the AWS-LC cryptographic library developed by Amazon.
- The problem when working with the “ssl_protocols” directive with a virtual server other than the default server has been resolved. The issue occurred when using OpenSSL 1.1.1 and later releases.
- Fixed a failure to negotiate TLSv1.3 connections in configurations with OpenSSL and client certificates. The crash occurred when resuming the session with a different SNI value.
- Fixed a bug that led to the output of the message “ignoring stale global SSL error” when using the QUIC protocol and the “ssl_reject_handshake” directive.
- Fixed problem when processing values over time in the HTTP header returned by the backend “Cache-Control“.
- Improved use of xtext encoding in the command XCLIENT.
- The problem with caching TLS certificates during reconfiguration has been fixed.
Additionally, you can note the publication of the release of the project FreeNginx 1.29.2, which develops a fork Nginx. The fork is being developed by Maxim Dunin, one of the key Nginx developers. FreeNginx is positioned as a non-profit project that provides development of the Nginx code base without corporate intervention. FreeNginx code continues to be released under the BSD license. Among the changes in FreeNginx 1.29.2 there is the addition of support ECH (Encrypted Client) TLS extension Hello).