Description: New version of NginX web server has been released recently (v.1.11.9)
- Bugfix: nginx might hog CPU when using the stream module; the bug had appeared in 1.11.5.
- Bugfix: EXTERNAL authentication mechanism in mail proxy was accepted even if it was not enabled in the configuration.
- Bugfix: a segmentation fault might occur in a worker process if the "ssl_verify_client" directive of the stream module was used.
- Bugfix: the "ssl_verify_client" directive of the stream module might not work.
- Bugfix: closing keepalive connections due to no free worker connections might be too aggressive. Thanks to Joel Cunningham.
- Bugfix: an incorrect response might be returned when using the "sendfile" directive on FreeBSD and macOS; the bug had appeared in 1.7.8.
- Bugfix: a truncated response might be stored in cache when using the "aio_write" directive.
- Bugfix: a socket leak might occur when using the "aio_write" directive.
Affected versions: v.1.11.x
Recommended action: Apply upgrade.