The OpenResty web platform based on NGINX and LuaJIT version 1.29.2.5 has been officially released. You can view the complete release notes.

This release provides source code distributions, Win32/Win64 binary distributions, and versions for all common Linux distributions. You can download the packages through the following link: http://openresty.org/en/download.html

Special thanks to all our developers and contributors! Thanks to OpenResty Inc. for sponsoring a large amount of OpenResty core development work.

Key Changes

This release features:

• Nginx Core: Backported Nginx official security patch (CVE-2026-9256), fixed a buffer overflow in ngx_http_rewrite_module.

For a complete list of changes, please refer to the release notes.

Complete Changelog

For the complete list of changes, HTML version of the changelog, and other hyperlinks, please refer to the complete release notes.

Website

OpenResty is a mature web platform that integrates the standard Nginx core, Lua/LuaJIT, numerous third-party Nginx modules and Lua libraries, as well as most of their external dependencies. This makes OpenResty a complete and powerful networking solution. For detailed information, please visit the OpenResty homepage: https://openresty.org/

Quality Assurance

We have conducted extensive testing on Amazon EC2 test clusters and ensured that all components (including the Nginx core) work well together. The latest test reports can be found here: https://qa.openresty.org/

Commercial Version

We run OpenResty based on the latest open-source version in our own global CDN network (known as “Mini CDN”). This network supports our openresty.org and openresty.com websites, and is also used for our commercial software. For more information, please visit https://openresty.com/.

Feedback

We appreciate your feedback on this release. Feel free to create new GitHub issues or send emails to one of our mailing lists.