FEDORA-EPEL-2021-c64b965c33 created by heffer a year ago for Fedora EPEL 7

nginx 1.20.1 for EPEL 7


Log file ownership (potential user impact)

Note that the ownership of log files has changed to root:root and the mode changed to 700 (from 770) to address CVE-2016-1247. This should not affect general operation, as this is the default for log directories and also what httpd uses but if you use external tools to process the log files you may want to check continued operation after this update.

OpenSSL 1.1

nginx in EPEL 7 is now built against OpenSSL 1.1 to allow the use of TLSv1.3.

Default Config changes

Dropped default_server and location / directives so that it can be overridden in conf.d without needing to touch the default config. Note that the first server (as defined in the default config) and root will continue to serve the default index.html as long as no other server is defined.


nginx now handles creation of new log files to ensure correct permissions.


nginx no longer requires nginx-all-modules to allow for a leaner install.

Service start

The systemd unit will now wait for the network-online.target. Previously, start up could fail if DNS names were used for some config options (such as proxy_pass) and these names were not resolvable at service start time.

Service reload

The systemd unit now uses nginx -s to only reload the service if the configuration is valid. In previous versions an invalid configuration could take down nginx upon reload.

Please consult http://nginx.org/en/CHANGES-1.20 for all changes to nginx since the current EPEL 7 release of 1.16.1.

This update has been submitted for testing by heffer.

a year ago

This update's test gating status has been changed to 'ignored'.

a year ago

This update's test gating status has been changed to 'waiting'.

a year ago

heffer edited this update.

a year ago

This update's test gating status has been changed to 'ignored'.

a year ago

This update has been pushed to testing.

a year ago

This update has been obsoleted by nginx-1.20.1-2.el7.

a year ago

Please login to add feedback.

Content Type
Test Gating
Unstable by Karma
Stable by Karma
Stable by Time
14 days
a year ago
in testing
a year ago
a year ago
BZ#1964821 CVE-2021-23017 nginx: Off-by-one in ngx_resolver_copy() when labels are followed by a pointer to a root domain name [epel-7]

Automated Test Results