github webserver-llc/angie Angie-1.12.1
Angie 1.12.1

5 hours ago

Security: When evaluating a string expression in which unnamed capture variables ($1, $2, etc.) preceded a map directive variable whose value is determined by a regular expression, or when using a non-cacheable (volatile) map directive variable whose key contained a capture variable also used in the value of the same directive, worker process memory corruption or a worker process crash could occur (CVE-2026-42533); the fix was ported from nginx 1.31.3.

Security: When using the slice directive or background cache update, if unnamed capture variables ($1, $2, etc.) were used together with a non-cacheable (volatile) map directive variable with a regular expression, the value of an unnamed capture variable could contain arbitrary bytes from worker process memory, or a worker process crash could occur (CVE-2026-60005); the fix was ported from nginx 1.31.3.

Security: When using the SSI module with unbuffered proxying, worker process memory corruption or a worker process crash could occur (CVE-2026-56434); the fix was ported from nginx 1.31.3.

Bugfix: In certain cases when using the Metric module, metric data corruption could occur; in expire=on mode, this could also cause a worker process crash.

Bugfix: When using the least_time directive with the zone directive, proxying to such a group with all servers unavailable could cause the worker process to enter an infinite loop.

Don't miss a new angie release

NewReleases is sending notifications on new releases.