Angie and Angie PRO Receive Update 1.8.2#
Version 1.8.2 of the Angie web server and its commercial version Angie PRO has been released, including important security fixes as well as a number of other fixes.
We have updated the open-source web server Angie and its commercial version Angie PRO to version 1.8.2.
First, the new version includes a ported fix for the vulnerability CVE-2025-23419, recently released as part of nginx 1.27.4. The vulnerability arose from the reuse of a TLS session in a virtual host different from where it was created, allowing bypass of client TLS certificate validation. This occurred when multiple virtual hosts had different client certificate validation settings with session resumption enabled or when using session caching.
Additionally, the update fixes issues with HTTP/3 protocol statistics counting and API request handling, as well as an error in processing domain names via the ACME protocol and worker process crashes when using active health checks in the stream module.
For more details about the update, see the links:
