OpenResty® Scalable Web Platform by Extending NGINX with Lua

OpenResty XRay

Advanced observability built for OpenResty and more


limited time offer

Request TRIAL today and receive a diagnostic REPORT
Learn more
New! OpenResty is now released!
New! Test::Nginx 0.30 is now released!
New! New blog post The Wonderland of Dynamic Tracing (Part 1 of 3) is published.
New! New blog post The Wonderland of Dynamic Tracing (Part 2 of 3) is published.

OpenResty Released

Yichun Zhang (agentzh) , 21 Mar 2020 (created 21 Mar 2020)

OpenResty is a patch release addressing recent security vulnerabilities in both the Nginx core and the ngx_http_lua module.

The (portable) source code distribution, the Win32/Win64 binary distributions, and the pre-built binary Linux packages for Ubuntu, Debian, Fedora, CentOS, RHEL, OpenSUSE, Amazon Linux are provided on this page:

We also upgraded PCRE to 8.44 and OpenSSL to 1.1.0l for our binary packages.

This is the third OpenResty release based on the nginx 1.15.8 core.


Thanks the HackerOne team for reporting the memory content leak vulnerabilities.

Thanks Thibault Charbonnier and Dejiang Zhu for helping this release.

Full Changelog

Complete change logs since the last (formal) release,, can be browsed in the page Change Log for 1.15.8.x.


Feedback on this release is more than welcome. Feel free to create new GitHub issues or send emails to one of our mailing lists.

The Next Release

The next release will be OpenResty based on the recent nginx 1.17.8 core and its RC1 version is already out for community testing. See