Changelog for
nginx-1.0-1.0.15-3.2.x86_64.rpm :
Mon Oct 15 14:00:00 2012 cooloAATTsuse.com
- call configure as ./configure
Tue Jun 5 14:00:00 2012 lslezakAATTsuse.cz
- added \"BuildRequires: ruby\" (needed for %rb_ver macro expansion),
fixes build at Factory
Mon Apr 16 14:00:00 2012 schubiAATTsuse.com
- Update to version 1.0.15
Changes with nginx 1.0.15 12 Apr 2012
* ) Security: specially crafted mp4 file might allow to overwrite memory
locations in a worker process if the ngx_http_mp4_module was used,
potentially resulting in arbitrary code execution (CVE-2012-2089).
Thanks to Matthew Daley.
* ) Bugfix: in the ngx_http_mp4_module.
Fri Mar 16 13:00:00 2012 schubiAATTsuse.com
- Update to Version 1.0.14
Changes with nginx 1.0.14 15 Mar 2012
* ) Security: content of previously freed memory might be sent to a
client if backend returned specially crafted response.
Thanks to Matthew Daley.
Tue Mar 13 13:00:00 2012 schubiAATTsuse.com
- Update to Version 1.0.13
Changes with nginx 1.0.13 05 Mar 2012
* ) Feature: the \"return\" and \"error_page\" directives can now be used to
return 307 redirections.
* ) Bugfix: a segmentation fault might occur in a worker process if the
\"resolver\" directive was used and there was no \"error_log\" directive
specified at global level.
Thanks to Roman Arutyunyan.
* ) Bugfix: memory leaks.
Thanks to Lanshun Zhou.
* ) Bugfix: nginx might log incorrect error \"upstream prematurely closed
connection\" instead of correct \"upstream sent too big header\" one.
Thanks to Feibo Li.
* ) Bugfix: on ZFS filesystem disk cache size might be calculated
incorrectly; the bug had appeared in 1.0.1.
* ) Bugfix: the number of internal redirects to named locations was not
limited.
* ) Bugfix: temporary files might be not removed if the \"proxy_store\"
directive was used with SSI includes.
* ) Bugfix: in some cases non-cacheable variables (such as the $args
variable) returned old empty cached value.
* ) Bugfix: the \"proxy_redirect\" directives might be inherited
incorrectly.
* ) Bugfix: nginx could not be built with the ngx_http_perl_module if the
- -with-openssl option was used.
* ) Bugfix: nginx could not be built by the icc 12.1 compiler.
Changes with nginx 1.0.12 06 Feb 2012
* ) Feature: the \"TLSv1.1\" and \"TLSv1.2\" parameters of the
\"ssl_protocols\" directive.
* ) Feature: the \"if\" SSI command supports captures in regular
expressions.
* ) Bugfix: the \"if\" SSI command did not work inside the \"block\" command.
* ) Bugfix: in AIO error handling on FreeBSD.
* ) Bugfix: in the OpenSSL library initialization.
* ) Bugfix: the \"worker_cpu_affinity\" directive might not work.
* ) Bugfix: the \"limit_conn_log_level\" and \"limit_req_log_level\"
directives might not work.
* ) Bugfix: the \"read_ahead\" directive might not work combined with
\"try_files\" and \"open_file_cache\".
* ) Bugfix: the \"proxy_cache_use_stale\" directive with \"error\" parameter
did not return answer from cache if there were no live upstreams.
* ) Bugfix: a segmentation fault might occur in a worker process if small
time was used in the \"inactive\" parameter of the \"proxy_cache_path\"
directive.
* ) Bugfix: responses from cache might hang.
* ) Bugfix: in error handling while connecting to a backend.
Thanks to Piotr Sikora.
* ) Bugfix: in the \"epoll\" event method.
Thanks to Yichun Zhang.
* ) Bugfix: the $sent_http_cache_control variable might contain a wrong
value if the \"expires\" directive was used.
Thanks to Yichun Zhang.
* ) Bugfix: the \"limit_rate\" directive did not allow to use full
throughput, even if limit value was very high.
* ) Bugfix: the \"sendfile_max_chunk\" directive did not work, if the
\"limit_rate\" directive was used.
* ) Bugfix: nginx could not be built on Solaris; the bug had appeared in
1.0.11.
* ) Bugfix: in the ngx_http_scgi_module.
* ) Bugfix: in the ngx_http_mp4_module.
Changes with nginx 1.0.11 15 Dec 2011
* ) Change: now double quotes are encoded in an \"echo\" SSI-command
output.
Thanks to Zaur Abasmirzoev.
* ) Feature: the \"image_filter_sharpen\" directive.
* ) Bugfix: a segmentation fault might occur in a worker process if SNI
was used; the bug had appeared in 1.0.9.
* ) Bugfix: SIGWINCH signal did not work after first binary upgrade; the
bug had appeared in 1.0.9.
* ) Bugfix: the \"If-Modified-Since\", \"If-Range\", etc. client request
header lines might be passed to backend while caching; or not passed
without caching if caching was enabled in another part of the
configuration.
* ) Bugfix: in the \"scgi_param\" directive, if complex parameters were
used.
* ) Bugfix: \"add_header\" and \"expires\" directives did not work if a
request was proxied and response status code was 206.
* ) Bugfix: in the \"expires AATTtime\" directive.
* ) Bugfix: in the ngx_http_flv_module.
Thanks to Piotr Sikora.
* ) Bugfix: in the ngx_http_mp4_module.
* ) Bugfix: nginx could not be built on FreeBSD 10.
* ) Bugfix: nginx could not be built on AIX.
Fri Dec 2 13:00:00 2011 schubiAATTsuse.com
- 1.0.10 includes a fix for:
Fixed VUL-0: CVE-2011-4315: nginx: heap overflow (bnc #731084)
Fri Nov 18 13:00:00 2011 schubiAATTsuse.com
- Uppstream update to 1.0.10
Changes with nginx 1.0.10
* ) Bugfix: a segmentation fault might occur in a worker process if
resolver got a big DNS response.
Thanks to Ben Hawkes.
* ) Bugfix: in cache key calculation if internal MD5 implementation was
used; the bug had appeared in 1.0.4.
* ) Bugfix: the module ngx_http_mp4_module sent incorrect
\"Content-Length\" response header line if the \"start\" argument was
used.
Thanks to Piotr Sikora.
Changes with nginx 1.0.9
* ) Change: now the 0x7F-0x1F characters are escaped as \\xXX in an
access_log.
* ) Change: now SIGWINCH signal works only in daemon mode.
* ) Feature: \"proxy/fastcgi/scgi/uwsgi_ignore_headers\" directives support
the following additional values: X-Accel-Limit-Rate,
X-Accel-Buffering, X-Accel-Charset.
* ) Feature: decrease of memory consumption if SSL is used.
* ) Feature: accept filters are now supported on NetBSD.
* ) Feature: the \"uwsgi_buffering\" and \"scgi_buffering\" directives.
Thanks to Peter Smit.
* ) Bugfix: a segmentation fault occurred on start or while
reconfiguration if the \"ssl\" directive was used at http level and
there was no \"ssl_certificate\" defined.
* ) Bugfix: some UTF-8 characters were processed incorrectly.
Thanks to Alexey Kuts.
* ) Bugfix: the ngx_http_rewrite_module directives specified at \"server\"
level were executed twice if no matching locations were defined.
* ) Bugfix: a socket leak might occurred if \"aio sendfile\" was used.
* ) Bugfix: connections with fast clients might be closed after
send_timeout if file AIO was used.
* ) Bugfix: in the ngx_http_autoindex_module.
* ) Bugfix: the module ngx_http_mp4_module did not support seeking on
32-bit platforms.
* ) Bugfix: non-cacheable responses might be cached if
\"proxy_cache_bypass\" directive was used.
Thanks to John Ferlito.
* ) Bugfix: cached responses with an empty body were returned
incorrectly; the bug had appeared in 0.8.31.
* ) Bugfix: 201 responses of the ngx_http_dav_module were incorrect; the
bug had appeared in 0.8.32.
* ) Bugfix: in the \"return\" directive.
* ) Bugfix: the \"ssl_verify_client\", \"ssl_verify_depth\", and
\"ssl_prefer_server_ciphers\" directives might work incorrectly if SNI
was used.
Changes with nginx 1.0.8
* ) Bugfix: nginx could not be built --with-http_mp4_module and without
- -with-debug option.
Changes with nginx 1.0.7
* ) Change: now if total size of all ranges is greater than source
response size, then nginx disables ranges and returns just the source
response.
* ) Feature: the \"max_ranges\" directive.
* ) Feature: the module ngx_http_mp4_module.
* ) Feature: the \"worker_aio_requests\" directive.
* ) Bugfix: if nginx was built --with-file-aio it could not be run on
Linux kernel which did not support AIO.
* ) Bugfix: in Linux AIO error processing.
Thanks to Hagai Avrahami.
* ) Bugfix: in Linux AIO combined with open_file_cache.
* ) Bugfix: open_file_cache did not update file info on retest if file
was not atomically changed.
* ) Bugfix: reduced memory consumption for long-lived requests.
* ) Bugfix: in the \"proxy/fastcgi/scgi/uwsgi_ignore_client_abort\"
directives.
* ) Bugfix: nginx could not be built on MacOSX 10.7.
* ) Bugfix: request body might be processed incorrectly if client used
pipelining.
* ) Bugfix: in the \"request_body_in_single_buf\" directive.
* ) Bugfix: in \"proxy_set_body\" and \"proxy_pass_request_body\" directives
if SSL connection to backend was used.
* ) Bugfix: nginx hogged CPU if all servers in an upstream were marked as
\"down\".
* ) Bugfix: a segmentation fault might occur during reconfiguration if
ssl_session_cache was defined but not used in previous configuration.
* ) Bugfix: a segmentation fault might occur in a worker process if many
backup servers were used in an upstream.
Changes with nginx 1.0.6
* ) Feature: cache loader run time decrease.
* ) Feature: loading time decrease of configuration with large number of
HTTPS sites.
* ) Feature: now nginx supports ECDHE key exchange ciphers.
Thanks to Adrian Kotelba.
* ) Feature: the \"lingering_close\" directive.
* ) Feature: now shared zones and caches use POSIX semaphores on Solaris.
Thanks to Den Ivanov.
* ) Bugfix: nginx could not be built on Linux 3.0.
* ) Bugfix: a segmentation fault might occur in a worker process if
\"fastcgi/scgi/uwsgi_param\" directives were used with values starting
with \"HTTP_\"; the bug had appeared in 0.8.40.
* ) Bugfix: in closing connection for pipelined requests.
* ) Bugfix: nginx did not disable gzipping if client sent \"gzip;q=0\" in
\"Accept-Encoding\" request header line.
* ) Bugfix: in timeout in unbuffered proxied mode.
* ) Bugfix: memory leaks when a \"proxy_pass\" directive contains variables
and proxies to an HTTPS backend.
* ) Bugfix: in parameter validaiton of a \"proxy_pass\" directive with
variables.
Thanks to Lanshun Zhou.
* ) Bugfix: SSL did not work on QNX.
* ) Bugfix: SSL modules could not be built by gcc 4.6 without
- -with-debug option.
Mon Oct 24 14:00:00 2011 schubiAATTsuse.com
- Reduce requirement of rubygem-rack to 1_1 cause 1_3 produces
errors.
Tue Aug 16 14:00:00 2011 ammlerAATTopenttdcoop.org
- upstream update 1.0.5
* Change: now default SSL ciphers are \"HIGH:!aNULL:!MD5\".
* Feature: the \"referer_hash_max_size\" and \"referer_hash_bucket_size\"
directives.
* Feature: $uid_reset variable.
* Bugfix: a segmentation fault might occur in a worker process, if a
caching was used.
* Bugfix: worker processes may got caught in an endless loop during
reconfiguration, if a caching was used; the bug had appeared in
0.8.48.
* Bugfix: \"stalled cache updating\" alert.
- add logrotate
* add reopen killsiganl -USR1 to init script
* logrotate conf
- Backport r4003: Configure: catch up with new Linux version numbering
Fri Jun 24 14:00:00 2011 jreidingerAATTnovell.com
- fix init script to write use its pid file to allow separate nginx
server run independent (bnc#702005)
Thu Jun 9 14:00:00 2011 ammlerAATTopenttdcoop.org
- upstream update 1.0.4
* Change: now regular expressions case sensitivity in the \"map\"
directive is given by prefixes \"~\" or \"~
*\".
* Feature: now shared zones and caches use POSIX semaphores on
Linux. Thanks to Denis F. Latypoff.
* Bugfix: \"stalled\" cache updating\" alert.
* Bugfix: nginx could not be built
- -without-http_auth_basic_module; the bug had appeared in
1.0.3.
- additional changes from 1.0.3
- Feature: the \"auth_basic_user_file\" directive supports \"$apr1\",
\"{PLAIN}\", and \"{SSHA}\" password encryption methods. Thanks to
Maxim Dounin.
- Feature: the \"geoip_org\" directive and $geoip_org variable.
Thanks to Alexander Uskov, Arnaud Granal, and Denis F.
Latypoff.
- Feature: ngx_http_geo_module and ngx_http_geoip_module support
IPv4 addresses mapped to IPv6 addresses.
- Bugfix: a segmentation fault occurred in a worker process
during testing IPv4 address mapped to IPv6 address, if access
or deny rules were defined only for IPv6; the bug had appeared
in 0.8.22.
- Bugfix: a cached response may be broken if proxy/fastcgi/scgi/
uwsgi_cache_bypass and proxy/fastcgi/scgi/uwsgi_no_cache
directive values were different; the bug had appeared in
0.8.46.
- additional changes from 1.0.2
- Feature: now shared zones and caches use POSIX semaphores.
- Bugfix: in the \"rotate\" parameter of the \"image_filter\"
directive. Thanks to Adam Bocim.
- Bugfix: nginx could not be built on Solaris; the bug had
appeared in 1.0.1.
- additional changes from 1.0.1
- Change: now the \"split_clients\" directive uses MurmurHash2
algorithm because of better distribution. Thanks to Oleg
Mamontov.
- Change: now long strings starting with zero are not considered
as false values. Thanks to Maxim Dounin.
- Change: now nginx uses a default listen backlog value 511 on
Linux.
- Feature: the $upstream_... variables may be used in the SSI and
perl modules.
- Bugfix: now nginx limits better disk cache size. Thanks to
Oleg Mamontov.
- Bugfix: a segmentation fault might occur while parsing
incorrect IPv4 address; the bug had appeared in 0.9.3. Thanks
to Maxim Dounin.
- Bugfix: nginx could not be built by gcc 4.6 without
- -with-debug option.
- Bugfix: nginx could not be built on Solaris 9 and earlier; the
bug had appeared in 0.9.3. Thanks to Dagobert Michelsen.
- Bugfix: $request_time variable had invalid values if
subrequests were used; the bug had appeared in 0.8.47. Thanks
to Igor A. Valcov.
- new config directories included in context http:
conf.d/
*.conf on top before first server
vhosts.d/
*.conf on bottom (for servers)
Thu May 26 14:00:00 2011 mrueckertAATTsuse.de
- more accurate license header: BSD-2-Clause
Thu Apr 14 14:00:00 2011 mrueckertAATTsuse.de
- move the libatomic usage to sle11/11.1 or newer
Thu Apr 14 14:00:00 2011 mrueckertAATTsuse.de
- remove /srv/www/htdocs/index.html (bnc#670031).
Thu Apr 14 14:00:00 2011 mrueckertAATTsuse.de
- build with libatomic_ops
Thu Apr 14 14:00:00 2011 mrueckertAATTsuse.de
- minor spec file cleanup
- use perl instead of dos2unix
- remove commented out patches from the preamble
- fix ordering in preamble
Wed Apr 13 14:00:00 2011 alexandreAATTexatati.com.br
- Add epoll in default events config as recommended in
http://www.kegel.com/c10k.html#nb.epoll.
Tue Apr 12 14:00:00 2011 mrueckertAATTsuse.de
- enable building of the passenger extension
Tue Apr 12 14:00:00 2011 mrueckertAATTsuse.de
- added more directives to the configure line
- specify tmp path for scgi/uwsgi
- enabled more modules
- geoip lookup
- http_degradation
- mail ssl support
- added build time options to build the profiling/testing stuff
- see with_google_perftools and with_cpp_test
Tue Apr 12 14:00:00 2011 mrueckertAATTsuse.de
- start 1.0 branch package