Juliano Rizzo and Thai Duong discovered a weakness in the TLS/SSL protocol when using compression. This side channel attack, dubbed "CRIME", allows eavesdroppers to gather information to recover the original plaintext in the protocol. This update to nginx disables SSL compression.