Compile yourself. I do that and can build it with any OpenSSL version I like.
Why? Centos 6 doesn’t update the packages anymore and I’m too lazy to rebuild a reverse proxy.
Eric
> On Mar 27, 2022, at 10:00, Sergey A. Osokin <osa@freebsd.org.ru> wrote:
>
> Hi,
>
>> On Sun, Mar 27, 2022 at 02:04:10AM -0400, sukeerthiadiga wrote:
>> The Mainline version of Nginx i.e 1.12.6 has the OpenSSL version 1.1.1m and
>> it is vulnerable.
>
> That's a bit far from true. NGINX, as many other products, depends on other
> open source software components, like openssl, pcre, zlib. Library of those
> components are supported by an operating system vendor. I'd recommend
> to contact to the vendor of a corresponding OS to get an update of a
> component.
>
>> Is there any plan to release another version of Nginx with the latest
>> OpenSSL(i.e 1.1.1n)?
>
> I don't think that such plans are available.
>
> --
> Sergey A. Osokin
> _______________________________________________
> nginx mailing list -- nginx@nginx.org
> To unsubscribe send an email to nginx-leave@nginx.org
_______________________________________________
nginx mailing list -- nginx@nginx.org
To unsubscribe send an email to nginx-leave@nginx.org