1. Repository Packages Updated to 1.7.4 Release

    A bug in nginx SMTP proxy was found, which allows an attacker in a privileged network position to inject commands into SSL sessions started with the STARTTLS command, potentially making it possible to steal sensitive information sent by clients (CVE-2014-3556).

    New feature:
    • nginx can be build with BoringSSL and LibreSSL
    MattW likes this.
  2. Repository Packages Updated to 1.7.1 Release

    New features:
    • "$upstream_cookie_..." variables
    • $ssl_client_fingerprint variable
    • "error_log" and "access_log" directives now support logging to syslog
    • mail proxy now logs client port on connect
    We enhanced the package PCRE-JIT performance with the new system based PCRE 8.35 library, available as yum update into AXIVO repository:
    # yum --enablerepo=axivo -q list pcre
    Installed Packages
    pcre.x86_64   8.35-1.el6...
  3. Repository Packages Updated to 1.7.0 Release

    New features:
    • backend SSL certificate verification
    • support for SNI while working with SSL backends
    • $ssl_server_name variable
    • "if" parameter of the "access_log" directive