Hello!
On 08/22/2016 10:58 PM, rainer@ultra-secure.de wrote:
>
> nginx doesn't provide an auto-update mechanism that stupidly downloads
> and accepts all and everything somebody makes available under some
> spoofed address.
You can use PGP key[1] to verified the binary was correct or "injected"
or "spoofed". Anyway, nginx support auto-update mechanism using
repositories. [2]
[1] http://nginx.org/en/pgp_keys.html
[2] http://nginx.org/en/linux_packages.html
>
> _______________________________________________
> nginx mailing list
> nginx@nginx.org
> http://mailman.nginx.org/mailman/listinfo/nginx
_______________________________________________
nginx mailing list
nginx@nginx.org
http://mailman.nginx.org/mailman/listinfo/nginx