OpenResty 1.19.3.2 Released

We just updated our Dockerfile to set the latest OpenResty Version

OpenResty 1.19.3.2 is a patch release addressing a security vulnerability in the NGINX resolver that may allow an attacker who is able to forge UDP packets from the specified DNS server to cause a 1-byte memory overwrite, resulting in a worker process crash or other unspecified impact. (CVE-2021-23017)

NGINX cores from 0.6.18 to 1.20.0 (included) are affected by this issue. If you are using resolver directive with any previous OpenResty release, upgrade to 1.19.3.2.

This is the second OpenResty release based on the nginx 1.19.3 core.

Version highlights

  • Upgraded openssl to 1.1.1k for Win32/Win64.
  • Applied the patch for security advisory to NGINX cores >= 0.6.18 and <= 1.20.0 (CVE-2021-23017).

Full Change logs

Complete change logs since the last (formal) release, 1.17.8.2, can be browsed in the page Change Log for 1.19.3.x.


Leave a comment