Changes with nginx 1.4.1 07 May 2013
*) Security: a stack-based buffer overflow might occur in a worker
process while handling a specially crafted request, potentially
resulting in arbitrary code execution (CVE-2013-2028); the bug had
appeared in 1.3.9.
Thanks to Greg MacManus, iSIGHT Partners Labs.
Changes with nginx 1.4.0 24 Apr 2013
*) Bugfix: nginx could not be built with the ngx_http_perl_module if the
–with-openssl option was used; the bug had appeared in 1.3.16.
*) Bugfix: in a request body handling in the ngx_http_perl_module; the
bug had appeared in 1.3.9.
Changes with nginx 1.2.8 02 Apr 2013
*) Bugfix: new sessions were not always stored if the “ssl_session_cache
shared” directive was used and there was no free space in shared
memory.
Thanks to Piotr Sikora.
*) Bugfix: responses might hang if subrequests were used and a DNS error
happened during subrequest processing.
Thanks to Lanshun Zhou.
*) Bugfix: in the ngx_http_mp4_module.
Thanks to Gernot Vormayr.
*) Bugfix: in backend usage accounting.