NGINX Extended 1.20.1 update

Last month I patched NGINX Extended against the CVE-2021-23017. I was still having trouble with upgrading to anything higher than 1.19.5 though – which I wrote about back in January. I was getting to the point where I started to explore alternatives when I finally got it building properly.

There are some changes involved though as I had to drop the following modules:

• http-upstream-check
• http-upstream-fair
• nchan

If you rely on any or all of these, please don’t upgrade. Few modules had also been upgraded, namely:

• http-fancyindex to version 0.5.1
• http-modsecurity to version 1.0.2
• http-upsync to version 2.1.3
• rtmp to version 1.2.2

At the moment the latest stable build 1.20.1 is available in the mainline PPA for bionic, focal, groovy (last release) and hirsute (first release). Here’s a quick recap on how to grab it:

sudo add-apt-repository ppa:hadret/nginx-mainline
sudo apt-get update
sudo apt-get install nginx-full

For the upcoming future the plan is simple: migrate 1.20.1 build to the stable PPA branch and prepare 1.21 in the mainline. But for that to happen I need to do some proper testing of the 1.20 builds first.