Update NGINX Stable v1.16.1 to latest NGINX Stable v1.18.0 for CWP & CWP PRO!
-
Hi "sandeep", do you have any news about this important update ?
Having said that, i ask you to consider from your next CWP (Control Web Panel) and CWP (Control Web Panel) PRO release, updating NGINX Stable v1.16.1 to the latest version of NGINX Stable v1.18.0 which was released on 21 April 2020.
This is the official announce and / or news link for NGINX Stable v1.18.0: http://nginx.org/
This is the official download link page for NGINX Stable v1.18.0: http://nginx.org/en/download.html
This is the official changelog link for NGINX Stable v1.18.0: http://nginx.org/en/CHANGES-1.18
Among the changes made to Nginx 1.18 that follow the numerous development versions of Nginx 1.17 for example and just to mention a few there are:
-
Variables support in more directives.
-
Security work including a CVE fix for where an HTTP/2 client might cause excessive memory consumption and CPU Usage.
-
A fix where Nginx might hog the CPU in certain conditions, among many other bug fixes.
-
OpenSSL 0.9.8 or higher is now required.
Full changelog for NGINX Stable v1.18.0 (all changes in this list are included in NGINX Stable v1.18.0) :
Changes with nginx 1.18.0 21 Apr 2020
*) 1.18.x stable branch.Changes with nginx 1.17.10 14 Apr 2020
*) Feature: the "auth_delay" directive.Changes with nginx 1.17.9 03 Mar 2020
*) Change: now nginx does not allow several "Host" request header lines. *) Bugfix: nginx ignored additional "Transfer-Encoding" request header lines. *) Bugfix: socket leak when using HTTP/2. *) Bugfix: a segmentation fault might occur in a worker process if OCSP stapling was used. *) Bugfix: in the ngx_http_mp4_module. *) Bugfix: nginx used status code 494 instead of 400 if errors with code 494 were redirected with the "error_page" directive. *) Bugfix: socket leak when using subrequests in the njs module and the "aio" directive.Changes with nginx 1.17.8 21 Jan 2020
*) Feature: variables support in the "grpc_pass" directive. *) Bugfix: a timeout might occur while handling pipelined requests in an SSL connection; the bug had appeared in 1.17.5. *) Bugfix: in the "debug_points" directive when using HTTP/2. Thanks to Daniil Bondarev.Changes with nginx 1.17.7 24 Dec 2019
*) Bugfix: a segmentation fault might occur on start or during reconfiguration if the "rewrite" directive with an empty replacement string was used in the configuration. *) Bugfix: a segmentation fault might occur in a worker process if the "break" directive was used with the "alias" directive or with the "proxy_pass" directive with a URI. *) Bugfix: the "Location" response header line might contain garbage if the request URI was rewritten to the one containing a null character. *) Bugfix: requests with bodies were handled incorrectly when returning redirections with the "error_page" directive; the bug had appeared in 0.7.12. *) Bugfix: socket leak when using HTTP/2. *) Bugfix: a timeout might occur while handling pipelined requests in an SSL connection; the bug had appeared in 1.17.5. *) Bugfix: in the ngx_http_dav_module.Changes with nginx 1.17.6 19 Nov 2019
*) Feature: the $proxy_protocol_server_addr and $proxy_protocol_server_port variables. *) Feature: the "limit_conn_dry_run" directive. *) Feature: the $limit_req_status and $limit_conn_status variables.Changes with nginx 1.17.5 22 Oct 2019
*) Feature: now nginx uses ioctl(FIONREAD), if available, to avoid reading from a fast connection for a long time. *) Bugfix: incomplete escaped characters at the end of the request URI were ignored. *) Bugfix: "/." and "/.." at the end of the request URI were not normalized. *) Bugfix: in the "merge_slashes" directive. *) Bugfix: in the "ignore_invalid_headers" directive. Thanks to Alan Kemp. *) Bugfix: nginx could not be built with MinGW-w64 gcc 8.1 or newer.Changes with nginx 1.17.4 24 Sep 2019
*) Change: better detection of incorrect client behavior in HTTP/2. *) Change: in handling of not fully read client request body when returning errors in HTTP/2. *) Bugfix: the "worker_shutdown_timeout" directive might not work when using HTTP/2. *) Bugfix: a segmentation fault might occur in a worker process when using HTTP/2 and the "proxy_request_buffering" directive. *) Bugfix: the ECONNABORTED error log level was "crit" instead of "error" on Windows when using SSL. *) Bugfix: nginx ignored extra data when using chunked transfer encoding. *) Bugfix: nginx always returned the 500 error if the "return" directive was used and an error occurred during reading client request body. *) Bugfix: in memory allocation error handling.Changes with nginx 1.17.3 13 Aug 2019
*) Security: when using HTTP/2 a client might cause excessive memory consumption and CPU usage (CVE-2019-9511, CVE-2019-9513, CVE-2019-9516). *) Bugfix: "zero size buf" alerts might appear in logs when using gzipping; the bug had appeared in 1.17.2. *) Bugfix: a segmentation fault might occur in a worker process if the "resolver" directive was used in SMTP proxy.Changes with nginx 1.17.2 23 Jul 2019
*) Change: minimum supported zlib version is 1.2.0.4. Thanks to Ilya Leoshkevich. *) Change: the $r->internal_redirect() embedded perl method now expects escaped URIs. *) Feature: it is now possible to switch to a named location using the $r->internal_redirect() embedded perl method. *) Bugfix: in error handling in embedded perl. *) Bugfix: a segmentation fault might occur on start or during reconfiguration if hash bucket size larger than 64 kilobytes was used in the configuration. *) Bugfix: nginx might hog CPU during unbuffered proxying and when proxying WebSocket connections if the select, poll, or /dev/poll methods were used. *) Bugfix: in the ngx_http_xslt_filter_module. *) Bugfix: in the ngx_http_ssi_filter_module.Changes with nginx 1.17.1 25 Jun 2019
*) Feature: the "limit_req_dry_run" directive. *) Feature: when using the "hash" directive inside the "upstream" block an empty hash key now triggers round-robin balancing. Thanks to Niklas Keller. *) Bugfix: a segmentation fault might occur in a worker process if caching was used along with the "image_filter" directive, and errors with code 415 were redirected with the "error_page" directive; the bug had appeared in 1.11.10. *) Bugfix: a segmentation fault might occur in a worker process if embedded perl was used; the bug had appeared in 1.7.3.Changes with nginx 1.17.0 21 May 2019
*) Feature: variables support in the "limit_rate" and "limit_rate_after" directives. *) Feature: variables support in the "proxy_upload_rate" and "proxy_download_rate" directives in the stream module. *) Change: minimum supported OpenSSL version is 0.9.8. *) Change: now the postpone filter is always built. *) Bugfix: the "include" directive did not work inside the "if" and "limit_except" blocks. *) Bugfix: in byte ranges processing.I know you are always very busy developing CWP but i hope you can consider this suggestion of mine which i believe would be appreciated by all users of CWP (Control Web Panel) and CWP (Control Web Panel) PRO !
Thanks in advance for the support.
-
-
As we have already indicated several times, we support all updates, we don't like to be left behind.
We teach a lot to our clients to be and keep all their systems updated, that's why it would be interesting to have CWP and all its services more updated.
-
nginx by default installed from nginx repo so running yum update will update nginx.
-
@sandeep said in Update NGINX Stable v1.16.1 to latest NGINX Stable v1.18.0 for CWP & CWP PRO!:
nginx by default installed from nginx repo so running yum update will update nginx.
Right, I just realized we already had it in the last version. Thank you!
-
@Automata This update is available in the repository, if you don't want to do the manual update, just select the Apache WebServer in CWP Admin, and it will automatically remove Nginx.
Then select any option with nginx that it will reinstall and configure the new version of Nginx.
I hope it helps
-
@gpl-one Hi and thanks for the support.
