nginx

nginx/nginx last check 2026-06-18 16:06 UTC 25 releases recent

Notes

no notes yet

Release notes

v-1.31.1

nginx-1.31.1 mainline version has been released, with a fix for buffer overflow vulnerability in the ngx_http_rewrite_module (CVE-2026-9256).

See official CHANGES on nginx.org.

Below is a release summary generated by GitHub.

What's Changed

Fix the set-creation-date.yaml workflow by @ac000 in https://github.com/nginx/nginx/pull/1353
Mp4: avoid adding or comparing to null pointer by @arut in https://github.com/nginx/nginx/pull/1360
HTTP/2: limit Content-Type and Location response header length by @arut in https://github.com/nginx/nginx/pull/1359
Mail error path fixes by @arut in https://github.com/nginx/nginx/pull/1358
Rewrite: harden escape flags control by @arut in https://github.com/nginx/nginx/pull/1381
Rewrite: fix buffer overflow with overlapping captures by @arut in https://github.com/nginx/nginx/pull/1395
nginx-1.31.1-RELEASE by @pluknet in https://github.com/nginx/nginx/pull/1396

Full Changelog: https://github.com/nginx/nginx/compare/release-1.31.0...release-1.31.1