Last month I patched NGINX Extended against the CVE-2021-23017. I was still having trouble with upgrading to anything higher than 1.19.5 though – which I wrote about back in January. I was getting to the point where I started to explore alternatives when I finally got it building properly.
There are some changes involved though as I had to drop the following modules:
If you rely on any or all of these, please don’t upgrade. Few modules had also been upgraded, namely:
- http-fancyindex to version 0.5.1
- http-modsecurity to version 1.0.2
- http-upsync to version 2.1.3
- rtmp to version 1.2.2
At the moment the latest stable build 1.20.1 is available in the mainline PPA for
groovy (last release) and
hirsute (first release). Here’s a quick recap on how to grab it:
sudo add-apt-repository ppa:hadret/nginx-mainline sudo apt-get update sudo apt-get install nginx-full
For the upcoming future the plan is simple: migrate 1.20.1 build to the stable PPA branch and prepare 1.21 in the mainline. But for that to happen I need to do some proper testing of the 1.20 builds first.