Nginx 1.13.6 Patches Web Server for the Year 2038 Flaw

Jonathan MathewsPublic

Developers and organizations around the world rushed to fix the Y2K bug nearly 20 years ago as the calendar rolled over to the new millennium. There is also a similar bug that is resident in Unix/Linux systems known as the Year 2038 bug.

The latest vendor to fix its software for the 2038 bug is open-source web application server vendor nginx. The new nginx 1.13.6 release debuts on Oct. 10, fixing 11 different bugs.

“Bugfix: nginx did not support dates after the year 2038 on 32-bit platforms with 64-bit time_t,” the nginx changelog noted.

While the Year 2038 issue is well known in Linux, the nginx 1.13.6 update also patches for another interesting date related bug.

“Bugfix: in handling of dates prior to the year 1970 and after the year 10000,” the nginx changelog states.

Other bugs fixed in the nginx 1.13.6 update include:

*)Bugfix: switching to the next upstream server in the stream module
did not work when using the “ssl_preread” directive.

*) Bugfix: in the ngx_http_v2_module.
Thanks to Piotr Sikora.

*) Bugfix: in the stream module timeouts waiting for UDP datagrams from
upstream servers were not logged or logged at the “info” level
instead of “error”.

*) Bugfix: when using HTTP/2 nginx might return the 400 response without
logging the reason.

Full Article