Метка: http3

nginx 1.29.0 Mainline with HTTP/3 support added to EL7, EL8, EL9, EL10 repositories. brotli compression module from Google, http2, ngx cache purge and ngx http geoip2 modules added or built-in. OpenSSL built dynamically using official OpenSSL 3.5.0 with QUIC support.

Our OpenSSL 3.5.0 builds break compatibility with nginx 1.28.x and earlier versions, as they are compiled against quictls project with their own APIs. Thus, to upgrade OpenSSL QUIC libs, please use nginx >= 1.29.0.

*) Feature: support for response code 103 from proxy and gRPC backends;
the «early_hints» directive.

*) Feature: loading of secret keys from hardware tokens with OpenSSL
provider.

*) Feature: support for the «so_keepalive» parameter of the «listen»
directive on macOS.

*) Change: the logging level of SSL errors in a QUIC handshake has been
changed from «error» to «crit» for critical errors, and to «info» for
the rest; the logging level of unsupported QUIC transport parameters
has been lowered from «info» to «debug».

*) Change: the native nginx/Windows binary release is now built using
Windows SDK 10.

*) Bugfix: nginx could not be built by gcc 15 if ngx_http_v2_module or
ngx_http_v3_module modules were used.

*) Bugfix: nginx might not be built by gcc 14 or newer with -O3 -flto
optimization if ngx_http_v3_module was used.

*) Bugfixes and improvements in HTTP/3.

nginx 1.28.0 Stable with HTTP/3 support added to EL7, EL8, EL9 repositories. brotli compression module from Google, http2, ngx cache purge and ngx http geoip2 modules added or built-in. OpenSSL built dynamically using OpenSSL+QUIC 3.0.16.

Incorporating new features and bug fixes from the 1.27.x mainline branch — including memory usage and CPU usage optimizations in complex SSL configurations, automatic re‑resolution of hostnames in upstream groups, performance enhancements in QUIC, OCSP validation of client SSL certificates and OCSP stapling support in the stream module, variables support in the proxy_limit_rate, fastcgi_limit_rate, scgi_limit_rate, and uwsgi_limit_rate directives, the proxy_pass_trailers directive, and more.

nginx 1.27.5 Mainline with HTTP/3 support added to EL7, EL8, EL9 repositories. brotli compression module from Google, http2, ngx cache purge and ngx http geoip2 modules added or built-in. OpenSSL built dynamically using OpenSSL+QUIC 3.0.16.

Featuring CUBIC congestion control in QUIC connections and bugfixes in ssl_curves and ssl password files; Performance improvements and bugfixes in HTTP/3

nginx 1.27.4 Mainline with HTTP/3 support added to EL7, EL8, EL9 repositories. brotli compression module from Google, http2, ngx cache purge and ngx http geoip2 modules added or built-in. OpenSSL built dynamically using OpenSSL+QUIC 3.0.15.

Featuring optimized resource usage for complex SSL configurations, and with a fix for the SSL session reuse vulnerability (CVE-2025-23419).

nginx 1.26.3 Stable with HTTP/3 support added to EL7, EL8, EL9 repositories. brotli compression module from Google, http2, ngx cache purge and ngx http geoip2 modules added or built-in. OpenSSL built dynamically using OpenSSL+QUIC 3.0.15.

Fixed CVE-2025-23419.

nginx 1.27.3 Mainline with HTTP/3 support added to EL7, EL8, EL9 repositories. brotli compression module from Google, http2, ngx cache purge and ngx http geoip2 modules added or built-in. OpenSSL built dynamically using OpenSSL+QUIC 3.0.15.