Hi there, OpenResty 1.15.8.3 is a patch release addressing recent security vulnerabilities in both the Nginx core and the ngx_http_lua module.
The (portable) source code distribution, the Win32/Win64 binary distributions, and the pre-built binary Linux packages for Ubuntu, Debian, Fedora, CentOS, RHEL, OpenSUSE, Amazon Linux are provided on this page: https://openresty.org/en/download.html We also upgraded PCRE to 8.44 and OpenSSL to 1.1.0l for our binary packages. This is the third OpenResty release based on the nginx 1.15.8 core. Acknowledgments Thanks the HackerOne team for reporting the memory content leak vulnerabilities. Thanks Thibault Charbonnier and Dejiang Zhu for helping this release. Full Changelog Complete change logs since the last (formal) release, 1.15.8.2, can be browsed in the page Change Log for 1.15.8.x: https://openresty.org/en/changelog-1015008.html Feedback Feedback on this release is more than welcome. Feel free to create new [GitHub issues](https://github.com/openresty/openresty/issues) or send emails to one of our mailing lists. The Next Release The next release will be OpenResty 1.17.8.1 based on the recent nginx 1.17.8 core and its RC1 version is already out for community testing. See https://openresty.org/en/ann-1017008001rc1.html Thanks! Best regards, Yichun _______________________________________________ nginx mailing list nginx@nginx.org http://mailman.nginx.org/mailman/listinfo/nginx
