Note: This affects EPEL 7 only. Nginx is not delivered through EPEL for EL8.
Greetings,
This is a friendly heads-up that nginx will see a major version upgrade
in EPEL 7 soon.
Due to existing CVEs (most recently, CVE-2021-23017) affecting the
unmaintained 1.16 version stream I am replacing nginx 1.16.1 currently
in EPEL 7 with version 1.20.1.
To fix another CVE (CVE-2016-1247) the permissions on the log folder
/var/log/nginx have changed to root:root and mode 700.
While my testing showed that this will not break nginx logging, it may
affect applications other than nginx that access nginx log files. So
please plan accordingly if this use case applies to you.
No breaking config changes should have occurred between these versions,
but I am obviously unable to test every use case out there. So please
use the next 14 days the update will sit in epel-testing to do some
testing in your environment.
Furthermore this update is built against OpenSSL 1.1, so TLSv1.3 is now
available in nginx on EL7.
I have provided a relatively comprehensive change log in the Bodhi
update: https://bodhi.fedoraproject.org/updates/FEDORA-EPEL-2021-c64b965c33
I appreciate your testing efforts and any feedback you can provide.
Thanks and regards,
Felix
_______________________________________________
epel-devel mailing list -- epel-devel@xxxxxxxxxxxxxxxxxxxxxxx
To unsubscribe send an email to epel-devel-leave@xxxxxxxxxxxxxxxxxxxxxxx
Fedora Code of Conduct: https://docs.fedoraproject.org/en-US/project/code-of-conduct/
List Guidelines: https://fedoraproject.org/wiki/Mailing_list_guidelines
List Archives: https://lists.fedoraproject.org/archives/list/epel-devel@xxxxxxxxxxxxxxxxxxxxxxx
Do not reply to spam on the list, report it: https://pagure.io/fedora-infrastructure
