Compile yourself. I do that and can build it with any OpenSSL version I like.
Why? Centos 6 doesn’t update the packages anymore and I’m too lazy to rebuild a reverse proxy. Eric > On Mar 27, 2022, at 10:00, Sergey A. Osokin <o...@freebsd.org.ru> wrote: > > Hi, > >> On Sun, Mar 27, 2022 at 02:04:10AM -0400, sukeerthiadiga wrote: >> The Mainline version of Nginx i.e 1.12.6 has the OpenSSL version 1.1.1m and >> it is vulnerable. > > That's a bit far from true. NGINX, as many other products, depends on other > open source software components, like openssl, pcre, zlib. Library of those > components are supported by an operating system vendor. I'd recommend > to contact to the vendor of a corresponding OS to get an update of a > component. > >> Is there any plan to release another version of Nginx with the latest >> OpenSSL(i.e 1.1.1n)? > > I don't think that such plans are available. > > -- > Sergey A. Osokin > _______________________________________________ > nginx mailing list -- nginx@nginx.org > To unsubscribe send an email to nginx-le...@nginx.org _______________________________________________ nginx mailing list -- nginx@nginx.org To unsubscribe send an email to nginx-le...@nginx.org
