Nginx 1.31.3 Released: Critical Security Patches, Socket Tuning, and Protocol Hardening

Published by

Nginx has released version 1.31.3, which includes three critical security patches addressing buffer overflows and memory leaks in specific modules, as well as ten new TCP socket buffer directives for backend tuning. This update also disables external XML entity loading by default and patches several vulnerabilities related to HTTP/3 and QUIC protocols. Developers using the mainline branch are urged to upgrade immediately, while those seeking long-term stability can wait for the upcoming stable release. Overall, this release emphasizes security and performance tuning, reflecting the increasing complexity of backend architectures



Nginx 1.31.3 Released: Critical Security Patches, Socket Tuning, and Protocol Hardening

Nginx 1.31.3 has landed in the mainline branch with three critical security patches targeting buffer overflows and memory leaks in the map, slice, and SSI modules. The update introduces ten new TCP socket buffer directives for granular backend tuning and caps HTTP/2 trailer sizes to prevent unbounded memory allocation. This release also disables external XML entity loading by default and patches several HTTP/3 and QUIC protocol vulnerabilities tracked across the 1.31.x cycle. Developers running the mainline branch should upgrade immediately, while those prioritizing long-term stability can wait for the upcoming 1.32.x stable release.

Nginx 1.31.3 Released: Critical Security Patches, Socket Tuning, and Protocol Hardening @ Linux Compatible