Following our core refresh last month, we have executed an immediate security update. We have upgraded our edge web server to Nginx 1.29.5. This release addresses specific issues in connection processing and further stabilizes the HTTP/3 QUIC implementation.
Crucially, we have also applied significant fixes to our nftables firewall logic. We have refined the state-machine rules to prevent edge-case bypasses during high-load traffic bursts and optimized the kernel hook points for tighter packet dropping efficiency.
Rapid deployment of Nginx 1.29.5 addressing upstream bugs, alongside a critical logic update to our nftables firewall engine to tighten stateful packet inspection.
Highlights
- Nginx 1.29.5 Upgrade (Upstream Fixes)
- Nftables Logic Hardening & Optimization
- Refined Stateful Packet Inspection (SPI)
- Patched HTTP/3 Connection Handling