Change8

release-1.31.2

📦 nginxView on GitHub →
3 features🐛 4 fixes🔧 6 symbols

Summary

Nginx 1.31.2 mainline release includes critical security fixes for HTTP/2 proxy, gRPC, HTTP/3, and charset modules, alongside performance improvements and new variables.

Migration Steps

  1. No specific migration steps required based on the provided notes, primarily security fixes and enhancements.

✨ New Features

  • Use SipHash to speed up $request_id generation.
  • Add $ssl_sigalgs variable for SSL.
  • Improved calculation of range boundaries for split clients.

🐛 Bug Fixes

  • Fixed handle vsnprintf return value in Xslt module.
  • Fixed secure link hash comparison to be in constant time.
  • Fixed "request_length" format length in access log.
  • Fixed security vulnerabilities: use-after-free in ngx_http_v3_module (CVE-2026-42530), buffer overflow in ngx_http_proxy_v2_module and ngx_http_grpc_module (CVE-2026-42055), and buffer overread in ngx_http_charset_module (CVE-2026-48142).

Affected Symbols