nginx 1.29.3 Mainline with HTTP/3 support added to EL7, EL8, EL9, EL10 repositories. brotli compression module from Google, http2, ngx cache purge and ngx http geoip2 modules added or built-in. OpenSSL built dynamically using official OpenSSL 3.5.1 with QUIC support.
Our OpenSSL 3.5.4 builds break compatibility with nginx 1.28.x and earlier versions, as they are compiled against quictls project with their own APIs. Thus, to upgrade OpenSSL QUIC libs, please use nginx >= 1.29.0.
SSL: support for compressed server certificates with BoringSSL. by @pluknet in #823
HTTP CONNECT infrastructure by @arut in #935
Upstream: reset local address in case of error. by @arut in #942
SSL: $ssl_sigalg, $ssl_client_sigalg. by @pluknet in #932, initial work by @willmafh in #554
Geo: the «volatile» parameter. by @dplotnikov-f5 in #943
Inheritance control for add_header and add_trailer. by @arut in #918
OCSP: fixed invalid type for the ‘ssl_ocsp’ directive. by @roman-f5 in #938
Fixed compilation warnings on Windows after c93a0c4. by @arut in #954
Modules compatibility: increased compat section size. by @arut in #952
nginx-1.29.3 changes by @arut in #953