<?xml version="1.0" encoding="utf-8"?>
<feed xmlns="http://www.w3.org/2005/Atom">
    <id>https://n.wtf/</id>
    <title>N.WTF</title>
    <updated>2026-07-16T22:46:49.826Z</updated>
    <generator>https://github.com/jpmonette/feed</generator>
    <author>
        <name>m.ac</name>
        <uri>https://m.ac/</uri>
    </author>
    <link rel="alternate" href="https://n.wtf/"/>
    <link rel="self" href="https://n.wtf/atom.xml"/>
    <subtitle>Open-source nginx Debian / Ubuntu repository with latest mainline builds.</subtitle>
    <rights>© 2026 N.WTF</rights>
    <entry>
        <title type="html"><![CDATA[nginx 1.31.3]]></title>
        <id>https://n.wtf/blog/nginx-1-31-3/</id>
        <link href="https://n.wtf/blog/nginx-1-31-3/"/>
        <updated>2026-07-17T00:00:00.001Z</updated>
        <summary type="html"><![CDATA[Upstream fixes three security issues, including a heap buffer overflow in map with regex. Packages are live for all supported releases, upgrade now.]]></summary>
        <content type="html"><![CDATA[<p>Upstream released <a href="https://nginx.org/en/CHANGES">nginx 1.31.3</a> on July 15, 2026, and the n.wtf packages are now published for all <a href="https://n.wtf/install/">supported Debian and Ubuntu releases</a>. This is a security release. If you run 1.31.2 or older from this repository, upgrade now.</p>
<h2>Security fixes</h2>
<p>Three vulnerabilities are fixed, all in the worker process:</p>
<ul>
<li><a href="https://nvd.nist.gov/vuln/detail/CVE-2026-42533">CVE-2026-42533</a>: a heap buffer overflow when a <code>map</code> directive with regex matching feeds a string expression, and a similar case with non-cacheable variables. This is the one to take seriously; <code>map</code> with regex is everywhere.</li>
<li><a href="https://nvd.nist.gov/vuln/detail/CVE-2026-60005">CVE-2026-60005</a>: uninitialized memory access with unnamed regex captures combined with the <code>slice</code> directive or background cache updates. Upstream says it can disclose worker memory or crash the worker.</li>
<li><a href="https://nvd.nist.gov/vuln/detail/CVE-2026-56434">CVE-2026-56434</a>: a use-after-free in the SSI filter when processing a crafted proxied backend response.</li>
</ul>
<p>If your config uses <code>map</code> with regex captures, <code>slice</code>, proxy caching, or SSI, treat the upgrade as urgent. Everyone else should not wait either; the full details are public in the <a href="https://github.com/nginx/nginx/releases/tag/release-1.31.3">upstream release notes</a>.</p>
<h2>Also in this release</h2>
<p>Beyond the security fixes, 1.31.3 rejects HTTP/2 requests with out-of-order pseudo-headers, disables external entity loading in the XSLT filter by default (with a new <code>xml_external_entities</code> directive to turn it back on), and adds <code>*_socket_sndbuf</code> / <code>*_socket_rcvbuf</code> directives for tuning upstream socket buffers across the proxy, FastCGI, gRPC, SCGI, and uWSGI modules.</p>
<h2>Changes</h2>
<ul>
<li>Upgrade nginx to 1.31.3</li>
<li>Upgrade <a href="https://n.wtf/modules/acme/">nginx-acme</a> to 0.4.1</li>
</ul>
<h2>How to upgrade</h2>
<pre><code class="language-bash">sudo apt update
sudo apt full-upgrade

nginx -v
# nginx version: nginx-n.wtf/1.31.3
</code></pre>
<p><code>full-upgrade</code> lets <code>apt</code> add or remove dependencies when the package set changes between releases; plain <code>apt upgrade</code> can hold nginx back in that case.</p>
<p>Not on the repository yet? The <a href="https://n.wtf/install/">install page</a> has extrepo, one-line, DEB822, and Docker instructions.</p>
]]></content>
        <author>
            <name>m.ac</name>
            <uri>https://m.ac/</uri>
        </author>
        <published>2026-07-17T00:00:00.000Z</published>
    </entry>
    <entry>
        <title type="html"><![CDATA[nginx, Nginx, or NGINX?]]></title>
        <id>https://n.wtf/blog/nginx-nginx-or-nginx/</id>
        <link href="https://n.wtf/blog/nginx-nginx-or-nginx/"/>
        <updated>2026-07-17T00:00:00.000Z</updated>
        <summary type="html"><![CDATA[The lowercase name is the software, the all-caps name is a brand, and n.wtf follows the software.]]></summary>
        <content type="html"><![CDATA[<p>Open <a href="https://www.f5.com/products/nginx">f5.com/products/nginx</a> and the word appears in capitals everywhere: &quot;F5 NGINX: Built for cloud-native apps&quot;, NGINX One, NGINX Plus, NGINX Ingress Controller. Open <a href="https://nginx.org/en/">nginx.org</a> and the very first sentence reads &quot;nginx (&quot;engine x&quot;) is an HTTP web server, reverse proxy, content cache, load balancer, TCP/UDP proxy server, and mail proxy server.&quot; Lowercase, even at the start of the sentence.</p>
<p>Both pages are official. They just name different things. The lowercase spelling is the name of the open-source server, chosen by its author and used consistently by the project itself. The all-caps spelling is a commercial brand that now belongs to F5. n.wtf packages the server, so this site writes nginx.</p>
<h2>The project has always been lowercase</h2>
<p>Igor Sysoev released nginx in 2004, and the project has written the name in lowercase ever since. <a href="https://nginx.org/en/">nginx.org</a> uses it throughout, including at sentence starts, and the <a href="https://nginx.org/en/CHANGES">CHANGES</a> file for every release does the same. Netcraft looked at this exact question in a 2018 piece, <a href="https://www.netcraft.com/blog/nginx-nginx-nginx-or-nginx">&quot;nginx, Nginx, NGiИX, or NGINX?!&quot;</a>, and noted that the lowercase form also appeared in the HTTP Server headers of the 447 million sites running it at the time.</p>
<p>A stock installation still answers the same way. nginx.org itself, for example:</p>
<pre><code class="language-bash">curl -sI https://nginx.org/ | grep -i &#39;^server&#39;
# Server: nginx/1.29.8
</code></pre>
<p>The ecosystem inherited the casing. The binary is <code>/usr/sbin/nginx</code>, the Debian and Ubuntu package is <code>nginx</code>, the config test command is <code>nginx -t</code>, and the packages from this repository identify themselves as <code>nginx-n.wtf</code> in <code>nginx -V</code> output. Nothing in the software itself ever prints NGINX. This site&#39;s own header says <code>Server: n.wtf</code> instead, set with the <a href="https://n.wtf/modules/headers-more/">headers-more</a> module, but that is us overriding the default, not the default.</p>
<h2>The capitals came with the company</h2>
<p>The all-caps form arrived with commercialization. Nginx, Inc. was founded in 2011 to build a business around the server, later selling NGINX Plus, and it stylized the name as NGINX in its marketing. As the Netcraft piece points out, the company at one point drew the distinction itself: the company was &quot;Nginx&quot;, the server it promoted was &quot;NGINX&quot;. After <a href="https://www.f5.com/company/news/press-releases/f5-completes-acquisition-of-nginx">F5 completed its acquisition of the company in May 2019</a>, the brand followed, which is why every product on the F5 site today is NGINX-something.</p>
<p>The logo sidesteps the question entirely. It spells NGiИX with a mirrored Cyrillic И, a nod to the project&#39;s Russian origins, and matches neither spelling.</p>
<p>None of this is a complaint. F5 owns the <a href="https://www.f5.com/company/policies/trademarks">NGINX trademark</a> and can style its products however it likes. It just means the capitals mark F5&#39;s commercial line: NGINX Plus, NGINX One, NGINX Gateway Fabric. The server that Debian, Ubuntu, and this repository ship is the open-source project from nginx.org, and that project calls itself nginx.</p>
<h2>What this means on n.wtf</h2>
<p>This site follows upstream. Prose says nginx, lowercase, sentence start included. Package names, commands, and version strings are lowercase because that is what the software actually emits. The all-caps form appears in exactly one place: the trademark notice in the footer, because a trademark should be written the way its owner registered it.</p>
<p>If you upgrade through <a href="https://n.wtf/install/">this repository</a>, the casing question answers itself every time you check a version:</p>
<pre><code class="language-bash">nginx -v
# nginx version: nginx-n.wtf/1.31.3
</code></pre>
<p>The software tells you its own name.</p>
]]></content>
        <author>
            <name>m.ac</name>
            <uri>https://m.ac/</uri>
        </author>
        <published>2026-07-17T00:00:00.000Z</published>
    </entry>
</feed>