Description: When NGINX Plus or NGINX OSS are configured to use the HTTP/3 QUIC module, undisclosed requests can cause NGINX worker processes to terminate. Note: The HTTP/3 QUIC module is not enabled by default and is considered experimental. The issues affect nginx compiled with the ngx_http_v3_module (not compiled by default) if the "quic" option of the "listen" directive is used in a configuration file. For more information, refer to Support for QUIC and HTTP/3 https://nginx.org/en/docs/quic.html References: https://my.f5.com/manage/s/article/K000138444 https://my.f5.com/manage/s/article/K000138445 https://nginx.org/en/security_advisories.html The issue affects nginx 1.25.0 - 1.25.3. The issue is fixed in nginx 1.25.4.
Created nginx tracking bugs for this issue: Affects: epel-all [bug 2264299] Affects: fedora-all [bug 2264301] Created nginx:1.20/nginx tracking bugs for this issue: Affects: fedora-all [bug 2264302] Created nginx:mainline/nginx tracking bugs for this issue: Affects: epel-all [bug 2264300] Affects: fedora-all [bug 2264303]