NGINX 1.27.0 Mainline with Brotli, TLS 1.3, OpenSSL 3.0.13, HTTP/2 and HTTP/3 for Red Hat Enterprise Linux, CentOS, Rocky, Oracle, Alma Linux EL7/EL8/EL9

1.27.0 Mainline with HTTP/3 support added to EL7, EL8, EL9 repositories. brotli compression module from Google, http2, ngx cache purge and ngx http geoip2 modules added or built-in. OpenSSL built dynamically using OpenSSL+QUIC 3.0.13.

NGINX 1.26.1 Stable with Brotli, TLS 1.3, OpenSSL 3.0.13, HTTP/2 and HTTP/3 for Red Hat Enterprise Linux, CentOS, Rocky, Oracle, Alma Linux EL7/EL8/EL9

1.26.1 Stable with HTTP/3 support added to EL7, EL8, EL9 repositories. brotli compression module from Google, http2, ngx cache purge and ngx http geoip2 modules added or built-in. OpenSSL built dynamically using OpenSSL+QUIC 3.0.13.

nghttp2 1.62.1 released

nghttp2 1.62.1 rpms released and added to EL7, EL8 and EL9 platforms.

At the same time please note that we already build nghttp2 for EL7 and EL8 since 1.61.0 with patches that allow c-ares 1.10 usage, as c-ares 1.16 is the minimum supported version.

nghttp2 requires C++-20 and is built with GCC 13 on EL8 and EL9.

UPD. EL7 platform is built with clang 15.

nghttp2 1.62.0 released

nghttp2 1.62.0 rpms released and added to EL8 and EL9 platforms.

EL7 platform is excluded as GCC 13 is minimum supported version.

At the same time please note that we already build nghttp2 for EL7 and EL8 since 1.61.0 with patches that allow c-ares 1.10 usage, as c-ares 1.16 is the minimum supported version.

nghttp2 requires C++-20 and is built with GCC 13 on EL8 and EL9.

NGINX 1.26.0 Stable with Brotli, TLS 1.3, OpenSSL 3.0.13, HTTP/2 and HTTP/3 for Red Hat Enterprise Linux, CentOS, Rocky, Oracle, Alma Linux EL7/EL8/EL9

1.26.0 Stable with HTTP/3 support added to EL7, EL8, EL9 repositories. brotli compression module from Google, http2, ngx cache purge and ngx http geoip2 modules added or built-in. OpenSSL built dynamically using OpenSSL+QUIC 3.0.13.

NGINX 1.25.5 Mainline with Brotli, TLS 1.3, OpenSSL 3.0.13, HTTP/2 and HTTP/3 for Red Hat Enterprise Linux, CentOS, Rocky, Oracle, Alma Linux EL7/EL8/EL9

NGINX 1.25.5 mainline with HTTP/3 support added to EL7, EL8, EL9 repositories. brotli compression module from Google, http2, ngx cache purge and ngx http geoip2 modules added or built-in. OpenSSL built dynamically using OpenSSL+QUIC 3.0.13.

Apache httpd 2.4.59 with brotli support, TLS 1.3, OpenSSL 3.0.13 with http2, mod_http2 2.0.27 and ALPN for Red Hat Enterprise Linux 7/8/9, CentOS 7, Alma Linux 8/9, Rocky Linux 8/9

Apache httpd 2.4.59-1 with brotli compression library from Google, TLS 1.3, http2 (HTTP/2) support for Red Hat Enterprise Linux and CentOS 7/8, Alma Linux 8/9, Rocky Linux 8/9 added to repository. mod_http2 2.0.13 and mod_ssl are built dynamically against OpenSSL 3.0.11. Important fix: CVE-2024-27316 We build OpenSSL+QUIC 3.0.11 separately since v2.4.56-2, installing it separately to /lib64 with .so.81.3 suffix to ensure it won’t interfere with your system libraries. You can safely delete openssl111* packages. On EL8 and EL9 please enable httpd module:

dnf module enable httpd:codeit

Since 2.4.33 we added brotli compression library. Since 2.4.35 release we start building Apache httpd against OpenSSL 1.1.1*. Since 2.4.37 release TLS 1.3 final version (not to be confused with any draft versions) is supported and enabled by default. Please note that TLS 1.3 final version is supported in Chrome 70+ and Mozilla Firefox 63+. brotli support is already included in base RPM file. All you need is to add filters like

AddOutputFilterByType BROTLI_COMPRESS text/html text/plain text/xml text/css text/javascript application/javascript

nghttp2 1.62.0 released for EL8, EL9

nghttp2 1.62.0 rpms released and added to EL8 and EL9 platforms.

EL7 platform is excluded as GCC 13 is minimum supported version.

At the same time please note that we already build nghttp2 for EL7 and EL8 since 1.61.0 with patches that allow c-ares 1.10 usage, as c-ares 1.16 is the minimum supported version.

nghttp2 requires C++-20 and is built with GCC 13 on EL8 and EL9.

nghttp2 1.60.0 released

nghttp2 1.60.0 rpms released and added to all supported platforms

makerelease.sh: Speed up git submodule by @tatsuhiro-t in #2043
Speed up git clone by @tatsuhiro-t in #2044
build(deps): bump actions/cache from 3 to 4 by @dependabot in #2046
Fixing the build and install trees by @anthonyalayo in #2051
build(deps): bump microsoft/setup-msbuild from 1 to 2 by @dependabot in #2052
nghttpx: Set ocsp response to SSL in case of boringssl by @tatsuhiro-t in #2055
Run with python3 by @tatsuhiro-t in #2054
src: Certificate Compression with boringssl by @tatsuhiro-t in #2056
Fix missing newline by @tatsuhiro-t in #2057
Switch to aws lc by @tatsuhiro-t in #2058
Libbrotli fixup by @tatsuhiro-t in #2059
Deprecate RFC 7540 priorities (aka stream dependencies) by @tatsuhiro-t in #2060
Let dependabot manage go modules by @tatsuhiro-t in #2061
build(deps): bump golang.org/x/net from 0.20.0 to 0.21.0 by @dependabot in #2062
integration-tests: Omit unused parameters by @tatsuhiro-t in #2065
Munit by @tatsuhiro-t in #2064
Introduce nghttp2_ssize API by @tatsuhiro-t in #2066
Move deprecated warning upfront by @tatsuhiro-t in #2067
Describe RFC 7540 priorities deprecation plan by @tatsuhiro-t in #2068
Apps migrate nghttp2 ssize by @tatsuhiro-t in #2069
src: Remove unused functions by @tatsuhiro-t in #2070
Reconsider ssize t usage in src by @tatsuhiro-t in #2071
Use GitHub private vulnerability reporting by @tatsuhiro-t in #2072
Move security policy to GitHub standard location by @tatsuhiro-t in #2073
Bump mruby to 3.3.0 by @tatsuhiro-t in #2074
Bump llhttp to 48588093ca4219b5f689acfc9ebea9e4c8c37663 by @tatsuhiro-t in #2075
h2load: Add —sni option by @tatsuhiro-t in #2076
Bump ngtcp2 dependencies by @tatsuhiro-t in #2077
mruby: Adopt deprecation of mrbc_ prefix by @tatsuhiro-t in #2078
neverbleed: Define _GNU_SOURCE for pthread_setaffinity_np by @tatsuhiro-t in #2079
bpf: Pre-expand aes key by @tatsuhiro-t in #2080
mruby: Exclude mrdb gem which causes nghttpx to crash by @tatsuhiro-t in #2081
nghttpx: Reuse EVP_CIPHER_CTX for QUIC connection ID encryption by @tatsuhiro-t in #2082
Run apt-get update before install by @tatsuhiro-t in #2083
src: Deal with the case that send_quantum < max_udp_payload_size by @tatsuhiro-t in #2084
nghttpx: Remove SHRPX_QUIC_MAX_UDP_PAYLOAD_SIZE by @tatsuhiro-t in #2085
Fix build when AI_NUMERICSERV is undefined by @barracuda156 in #2086