Nginx 1.6.1 has been released on August 5th 2014, with the following changes :
- Security: pipelined commands were not discarded after STARTTLS command in SMTP proxy (CVE-2014-3556); the bug had appeared in 1.5.6. Thanks to Chris Boulton.
- Bugfix: the $uri variable might contain garbage when returning errors with code 400. Thanks to Sergey Bobrov.
- Bugfix: in the none parameter in the smtp_auth directive; the bug had appeared in 1.5.6. Thanks to Svyatoslav Nikolsky.
As a consequence, packages of Nginx 1.6.1 are now available for both Debian 7.0 “Wheezy” and Debian 6.0 “Squeeze” (amd64/i386).
For more details about which modules are included in the different Nginx flavors, just have to look at this document.
3 replies on “Nginx 1.6.1, for Wheezy and Squeeze”
Can we get a revision number places under /dists/ for easy knowledge if an update has happened on the mirrors or not?
Again many thanks! Great.
I hoped that this release would include the fix for: https://github.com/pagespeed/ngx_pagespeed/issues/725
Any chance that the fix will be included in the next release?