webserver-llc/angie Angie-1.8.2

Angie 1.8.2

on GitHub

Security: Insufficient validation while handling virtual servers with TLSv1.3 SNI allowed SSL sessions to be reused in a different virtual server, bypassing client SSL certificate verification (CVE-2025-23419); the fix was ported from nginx 1.27.4.

Bugfix: API requests to retrieve statistic values from an individual zone, which was set via variables, could cause a worker process to enter an infinite loop.

Bugfix: HTTP/3 requests were not counted in zone statistics; the bug had appeared in 1.8.0.

Bugfix: TLS handshakes using QUIC protocol were not counted in SSL statistics.

Bugfix: Certificate renewal via the ACME protocol could fail for server names prefixed with a dot in the server_name directive.