发布于 2016-01-27 03:25:36 | 189 次阅读 | 评论: 0 | 来源: 网友投递
这里有新鲜出炉的Nginx开发从入门到精通,程序狗速度看过来!
Nginx WEB服务器
Nginx 是一个高性能的 HTTP 和 反向代理 服务器,也是一个 IMAP/POP3/SMTP 代理服务器。 Nginx 是由 Igor Sysoev 为俄罗斯访问量第二的 Rambler.ru 站点开发的,第一个公开版本0.1.0发布于2004年10月4日。其将源代码以类BSD许可证的形式发布,因它的稳定性、丰富的功能集、示例配置文件和低系统资源的消耗而闻名。
Nginx 1.8.1 稳定版发布,同时发布 1.9.10,更新信息如下:
Changes with nginx 1.8.1 26 Jan 2016
*) Security: invalid pointer dereference might occur during DNS server
response processing if the "resolver" directive was used, allowing an
attacker who is able to forge UDP packets from the DNS server to
cause segmentation fault in a worker process (CVE-2016-0742).
*) Security: use-after-free condition might occur during CNAME response
processing if the "resolver" directive was used, allowing an attacker
who is able to trigger name resolution to cause segmentation fault in
a worker process, or might have potential other impact
(CVE-2016-0746).
*) Security: CNAME resolution was insufficiently limited if the
"resolver" directive was used, allowing an attacker who is able to
trigger arbitrary name resolution to cause excessive resource
consumption in worker processes (CVE-2016-0747).
*) Bugfix: the "proxy_protocol" parameter of the "listen" directive did
not work if not specified in the first "listen" directive for a
listen socket.
*) Bugfix: nginx might fail to start on some old Linux variants; the bug
had appeared in 1.7.11.
*) Bugfix: a segmentation fault might occur in a worker process if the
"try_files" and "alias" directives were used inside a location given
by a regular expression; the bug had appeared in 1.7.1.
*) Bugfix: the "try_files" directive inside a nested location given by a
regular expression worked incorrectly if the "alias" directive was
used in the outer location.
*) Bugfix: "header already sent" alerts might appear in logs when using
cache; the bug had appeared in 1.7.5.
*) Bugfix: a segmentation fault might occur in a worker process if
different ssl_session_cache settings were used in different virtual
servers.
*) Bugfix: the "expires" directive might not work when using variables.
*) Bugfix: if nginx was built with the ngx_http_spdy_module it was
possible to use the SPDY protocol even if the "spdy" parameter of the
"listen" directive was not specified.
1.9.10
*) Security: invalid pointer dereference might occur during DNS server
response processing if the "resolver" directive was used, allowing an
attacker who is able to forge UDP packets from the DNS server to
cause segmentation fault in a worker process (CVE-2016-0742).
*) Security: use-after-free condition might occur during CNAME response
processing if the "resolver" directive was used, allowing an attacker
who is able to trigger name resolution to cause segmentation fault in
a worker process, or might have potential other impact
(CVE-2016-0746).
*) Security: CNAME resolution was insufficiently limited if the
"resolver" directive was used, allowing an attacker who is able to
trigger arbitrary name resolution to cause excessive resource
consumption in worker processes (CVE-2016-0747).
*) Feature: the "auto" parameter of the "worker_cpu_affinity" directive.
*) Bugfix: the "proxy_protocol" parameter of the "listen" directive did
not work with IPv6 listen sockets.
*) Bugfix: connections to upstream servers might be cached incorrectly
when using the "keepalive" directive.
*) Bugfix: proxying used the HTTP method of the original request after
an "X-Accel-Redirect" redirection.
详细信息请查看:http://nginx.org/