Nginx 1.29.1 has been officially released, featuring important updates and a security fix for a vulnerability identified in the ngx_mail_smtp_module (CVE-2025-53859). This version addresses several key areas, including the PCRE license, QUIC support, OpenSSL compatibility, kqueue build enhancements, and improvements related to HTTP/2 and HTTP/3 protocols.
Key changes in this release include:
- A fix for the PCRE license issue for Win32 zip files.
- Adjustments made to the QUIC API feature test for OpenSSL 3.5.
- Corrections to the OPENSSL_VERSION_NUMBER for compatibility with OpenSSL 3.0.
- Various fixes to the kqueue build process.
- Improvements to how HTTP/3 handles prefixed integers and authority headers.
- Enhancements to HTTP/2, including better flushing of early hints and resolution of inconsistencies between ":authority" and "Host" headers.
- Implementation of certificate compression.
- A fix for a file descriptor leak in the Auth basic module during memory allocation errors.
- Additional fixes to the SMTP module.
For more comprehensive details, users can refer to the official changelog available on nginx.org.
Furthermore, Nginx continues to evolve, with ongoing contributions from the community that enhance security, performance, and functionality. Users are encouraged to keep their installations updated to benefit from the latest features and security improvements. As internet protocols and security standards evolve, Nginx aims to maintain its reputation as a robust and reliable web server solution, making it essential for developers and system administrators to stay informed about updates like 1.29.1
Key changes in this release include:
- A fix for the PCRE license issue for Win32 zip files.
- Adjustments made to the QUIC API feature test for OpenSSL 3.5.
- Corrections to the OPENSSL_VERSION_NUMBER for compatibility with OpenSSL 3.0.
- Various fixes to the kqueue build process.
- Improvements to how HTTP/3 handles prefixed integers and authority headers.
- Enhancements to HTTP/2, including better flushing of early hints and resolution of inconsistencies between ":authority" and "Host" headers.
- Implementation of certificate compression.
- A fix for a file descriptor leak in the Auth basic module during memory allocation errors.
- Additional fixes to the SMTP module.
For more comprehensive details, users can refer to the official changelog available on nginx.org.
Furthermore, Nginx continues to evolve, with ongoing contributions from the community that enhance security, performance, and functionality. Users are encouraged to keep their installations updated to benefit from the latest features and security improvements. As internet protocols and security standards evolve, Nginx aims to maintain its reputation as a robust and reliable web server solution, making it essential for developers and system administrators to stay informed about updates like 1.29.1
Nginx 1.29.1 released
Nginx 1.29.1 has been released and incorporates a security fix addressing a vulnerability in the ngx_mail_smtp_module. The release encompasses updates addressing the PCRE license, QUIC, OPENSSL_VERSION_NUMBER, kqueue build, HTTP/3, HTTP/2, certificate compression, Auth basic, and the SMTP module.
