# Angie and Angie PRO Receive Update 1.8.2

*13.02.2025*

Version 1.8.2 of the Angie web server and its commercial version Angie PRO
has been released, including important security fixes as well as a number of
other fixes.

We have updated the open-source web server Angie and its commercial version
Angie PRO to version 1.8.2.

First, the new version includes a ported fix for the vulnerability [CVE-2025-23419](https://www.cve.org/CVERecord?id=CVE-2025-23419), recently released as part
of nginx 1.27.4. The vulnerability arose from the reuse of a TLS session in a
virtual host different from where it was created, allowing bypass of client TLS
certificate validation. This occurred when multiple virtual hosts had different
client certificate validation settings with session resumption enabled or when
using session caching.

Additionally, the update fixes issues with HTTP/3 protocol statistics counting
and API request handling, as well as an error in processing domain names via the
ACME protocol and worker process crashes when using active health probes in the
stream module.

For more details about the update, see the links:

- [Changes in Angie 1.8.2](https://en.angie.software/angie/docs/oss_changes/#angie-1-8-2)
- [Changes in Angie PRO 1.8.2](https://en.angie.software/angie/docs/pro_changes/#angie-pro-1-8-2)