NGINX App Protect WAF Release 4.11
September 25, 2024
Note:
Release 4.8.1 cannot be upgraded to v4.11. You must uninstall 4.8.1 and install 4.11. Upgrade is supported for versions prior to 4.8.1.
New Feature
Supported Packages
App Protect
Alpine Linux 3.16 / Alpine Linux 3.17
- app-protect-32.5.144.0-r1.apk
Debian 11
- app-protect_32+5.144.0-1~bullseye_amd64.deb
Debian 12
- app-protect_32+5.144.0-1~bookworm_amd64.deb
Oracle Linux 8.1+
- app-protect-32+5.144.0-1.el8.ngx.x86_64.rpm
RHEL 8.1+
- app-protect-32+5.144.0-1.el8.ngx.x86_64.rpm
RHEL 9+
- app-protect-32+5.144.0-1.el9.ngx.x86_64.rpm
Ubuntu 20.04
- app-protect_32+5.144.0-1~focal_amd64.deb
Ubuntu 22.04
- app-protect_32+5.144.0-1~jammy_amd64.deb
Ubuntu 24.04
- app-protect_32+5.144.0-1~noble_amd64.deb
Resolved Issues
- 10775 Fixed - Resolved a threshold calculation in the base64 decoding mechanism.
- 11426 Fixed - Resolved log entry of an XFF header that contains more than one value.
- 11272 Fixed - Resolved an issue where, in certain instances, the original HTTP response code was shown for rejected requests.
- 5302 Fixed - The enforcer leaves an incomplete job when NGINX reloads during DNS resolution.
Important Note
- Starting from this release, CentOS 7.4, Rhel 7.4 and Amazon Linux 2 support has been deprecated.