Nginx web server forked as Freenginx to escape corporate overlords Russian developer Maxim Dounin has announced a new fork of the Nginx web server and caching proxy, aimed at avoiding the corporate control of owner F5. US networking vendor F5 acquired Russian web server Nginx for $670 million in 2019. Some of F5's decisions, such as the recent disclosure of CVE-2024-24989, have not gone down …
This post has been deleted by its author
Don't confuse governments with people .... you don't get to choose where you are born.
At what point does the Populace become responsible for the actions of the State? The people have the ability, some might say the obligation, to rise up and remove the government at a certain point. If they don't, do they implicitly agree that the State is doing their will?
> At what point does the Populace become responsible for the actions of the State?
At the point when they have a say in the composition of the state.
> The people have the ability ... to rise up and remove the government at a certain point.
See above.
> If they don't, do they implicitly agree that the State is doing their will?
I don't know... maybe ask Alexei Navalny's widow.
How do you go about registering a FOSS product in a country? His complaints about Nginx and Angle was that they were owned by companies which did have a geographical location. Some products are overseen by foundations and there might be an issue with where the foundation is registered but otherwise FOSS is a citizen of the world. I grant you that may irk some people and governments.
Yeah, right, because what the Swiss have done with Crypto AG and other backdoor equipped software products was such a stellar success.
Switzerland is only a neutral country in a world of myths, while in reality it's as bad as any western nation, and always has been.
If you don't want the headache of CVEs & the resulting prioritized bug fixes in your experimental code, don't include that code in your mainline branch. Irrespective of the code being enabled by default or not.
nginx isn't a pet project, it's a core piece that underpins today's internet.
I've also been struggling to understand this. There is publicly available code, potentially in public use, which contains a security vulnerability.
Sure the responsible thing to do is to fix it, disclose and register a CVE so that venerable systems are patched?
I don't get why *not* disclosing is in any way a good or responsible thing to do, even if it's in a section marked experimental.
Bugs happen, it shouldn't be taken personally. It's the project's obligation to handle it properly so that users don't get owned. Or you could have a shitfit, and go fork a project on the basis that you don't want to make security disclosures?
《Almost. They bought the name and rights to maintain something someone else could download for free and then fork. But the forkers have to vary the name.》
I too was wondering what F5 paid for.
Nginx is weird enough to pronounce of first sight - I thought the ng was ñ and ñingx rhymed with sphinx or jinx - any fork might have gone for EngineX which is its actual pronounciation (Musk has probably already Xpropriated it. :) Djinn[i]X might fly too.
The Register 
Biting the hand that feeds IT
Copyright. All rights reserved © 1998–2025
