Read more on "Server OS Spotlight" »

Nginx 1.13.6 Patches Web Server for the Year 2038 Flaw

By Sean Michael Kerner (Send Email)
Posted October 10, 2017


Developers and organizations around the world rushed to fix the Y2K bug nearly 20 years ago as the calendar rolled over to the new millennium. There is also a similar bug that is resident in Unix/Linux systems known as the Year 2038 bug.

The latest vendor to fix its software for the 2038 bug is open-source web application server vendor nginx. The new nginx 1.13.6 release debuts on Oct. 10, fixing 11 different bugs.

"Bugfix: nginx did not support dates after the year 2038 on 32-bit platforms with 64-bit time_t," the nginx changelog noted.

While the Year 2038 issue is well known in Linux, the nginx 1.13.6 update also patches for another interesting date-related bug.

"Bugfix: in handling of dates prior to the year 1970 and after the year 10000," the nginx changelog states.

Other bugs fixed in the nginx 1.13.6 update include:


*)Bugfix: switching to the next upstream server in the stream module did not work when using the "ssl_preread" directive.

    *) Bugfix: in the ngx_http_v2_module.
       Thanks to Piotr Sikora.

    *) Bugfix: in the stream module timeouts waiting for UDP datagrams from
       upstream servers were not logged or logged at the "info" level
       instead of "error."

    *) Bugfix: when using HTTP/2 nginx might return the 400 response without
       logging the reason.

    *) Bugfix: in processing of corrupted cache files.

    *) Bugfix: cache control headers were ignored when caching errors
       intercepted by error_page.

    *) Bugfix: when using HTTP/2 client request body might be corrupted.

    *) Bugfix: in handling of client addresses when using unix domain
       sockets.

    *) Bugfix: nginx hogged CPU when using the "hash ... consistent"
       directive in the upstream block if large weights were used and all or
       most of the servers were unavailable.

The 1.13.x line of nginx first debuted on Apr.25 and has benefited from incremental feature, security and bugfixes on a monthly release cycle.

Nginx remains one of the most widely deploy web servers on the internet today. The Netcraft September 2017 web server survey reports that nginx powers 20.65 percent of all active sites on the internet today.

Sean Michael Kerner is a senior editor at ServerWatch and InternetNews.com. Follow him on Twitter @TechJournalist.

Page 1 of 1

Read more on "Server OS Spotlight" »

Comment and Contribute

Your name/nickname

Your email

(Maximum characters: 1200). You have characters left.


 

 


Thanks for your registration, follow us on our social networks to keep up-to-date