1.25.4

Binaries

• nginx-*-i686.exe: 32-bit nginx
• nginx-*-i686-debug.exe: 32-bit nginx with debugging log and symbols
• nginx-slim-*-i686.exe: 32-bit nginx without openssl
• nginx-*-x86_64.exe: 64-bit nginx
• nginx-*-x86_64-debug.exe: 64-bit nginx with debugging log and symbols
• nginx-slim-*-x86_64.exe: 64-bit nginx without openssl

Sources

• nginx 1.25.4 (nginx/nginx@c8b288c)
• zlib 1.3.1 (madler/zlib@51b7f2a)
• pcre2-10.42 (PCRE2Project/pcre2@52c0884)
• openssl 1.1.1t

Nginx changelog

Changes with nginx 1.25.4                                        14 Feb 2024

    *) Security: when using HTTP/3 a segmentation fault might occur in a
       worker process while processing a specially crafted QUIC session
       (CVE-2024-24989, CVE-2024-24990).

    *) Bugfix: connections with pending AIO operations might be closed
       prematurely during graceful shutdown of old worker processes.

    *) Bugfix: socket leak alerts no longer logged when fast shutdown was
       requested after graceful shutdown of old worker processes.

    *) Bugfix: a socket descriptor error, a socket leak, or a segmentation
       fault in a worker process (for SSL proxying) might occur if AIO was
       used in a subrequest.

    *) Bugfix: a segmentation fault might occur in a worker process if SSL
       proxying was used along with the "image_filter" directive and errors
       with code 415 were redirected with the "error_page" directive.

    *) Bugfixes and improvements in HTTP/3.