SEARCH
NEW RPMS
DIRECTORIES
ABOUT
FAQ
VARIOUS
BLOG

 
 
Changelog for nginx-1.15.8-1.4.i586.rpm :

* Tue Dec 25 2018 neutrino8AATTopensuse.org- Update to version 1.15.8
* Feature: the $upstream_bytes_sent variable. Thanks to Piotr Sikora.
* Feature: new directives in vim syntax highlighting scripts. Thanks to Gena Makhomed.
* Bugfix: in the \"proxy_cache_background_update\" directive.
* Bugfix: in the \"geo\" directive when using unix domain listen sockets.
* Workaround: the \"ignoring stale global SSL error ... bad length\" alerts might appear in logs when using the \"ssl_early_data\" directive with OpenSSL.
* Bugfix: in nginx/Windows.
* Bugfix: in the ngx_http_autoindex_module on 32-bit platforms.
* Tue Nov 27 2018 neutrino8AATTopensuse.org- Update to version 1.15.7
* Feature: the \"proxy_requests\" directive in the stream module.
* Feature: the \"delay\" parameter of the \"limit_req\" directive. Thanks to Vladislav Shabanov and Peter Shchuchkin.
* Bugfix: memory leak on errors during reconfiguration.
* Bugfix: in the $upstream_response_time, $upstream_connect_time, and $upstream_header_time variables.
* Bugfix: a segmentation fault might occur in a worker process if the ngx_http_mp4_module was used on 32-bit platforms.
* Tue Nov 06 2018 neutrino8AATTopensuse.org- Update to version 1.15.6
* Security: when using HTTP/2 a client might cause excessive memory consumption (CVE-2018-16843) and CPU usage (CVE-2018-16844).
* Security: processing of a specially crafted mp4 file with the ngx_http_mp4_module might result in worker process memory disclosure (CVE-2018-16845).
* Feature: the \"proxy_socket_keepalive\", \"fastcgi_socket_keepalive\", \"grpc_socket_keepalive\", \"memcached_socket_keepalive\", \"scgi_socket_keepalive\", and \"uwsgi_socket_keepalive\" directives.
* Bugfix: if nginx was built with OpenSSL 1.1.0 and used with OpenSSL 1.1.1, the TLS 1.3 protocol was always enabled.
* Bugfix: working with gRPC backends might result in excessive memory consumption.
* Tue Oct 02 2018 neutrino8AATTopensuse.org- Update to version 1.15.5
* Bugfix: a segmentation fault might occur in a worker process when using OpenSSL 1.1.0h or newer; the bug had appeared in 1.15.4.
* Bugfix: of minor potential bugs.
* Tue Sep 25 2018 neutrino8AATTopensuse.org- Update to version 1.15.4
* Feature: now the \"ssl_early_data\" directive can be used with OpenSSL.
* Bugfix: in the ngx_http_uwsgi_module. Thanks to Chris Caputo.
* Bugfix: connections with some gRPC backends might not be cached when using the \"keepalive\" directive.
* Bugfix: a socket leak might occur when using the \"error_page\" directive to redirect early request processing errors, notably errors with code 400.
* Bugfix: the \"return\" directive did not change the response code when returning errors if the request was redirected by the \"error_page\" directive.
* Bugfix: standard error pages and responses of the ngx_http_autoindex_module module used the \"bgcolor\" attribute, and might be displayed incorrectly when using custom color settings in browsers. Thanks to Nova DasSarma.
* Change: the logging level of the \"no suitable key share\" and \"no suitable signature algorithm\" SSL errors has been lowered from \"crit\" to \"info\".
* Tue Aug 28 2018 neutrino8AATTopensuse.org- Update to versoion 1.15.3
* Feature: now TLSv1.3 can be used with BoringSSL.
* Feature: the \"ssl_early_data\" directive, currently available with BoringSSL.
* Feature: the \"keepalive_timeout\" and \"keepalive_requests\" directives in the \"upstream\" block.
* Bugfix: the ngx_http_dav_module did not truncate destination file when copying a file over an existing one with the COPY method.
* Bugfix: the ngx_http_dav_module used zero access rights on the destination file and did not preserve file modification time when moving a file between different file systems with the MOVE method.
* Bugfix: the ngx_http_dav_module used default access rights when copying a file with the COPY method.
* Workaround: some clients might not work when using HTTP/2; the bug had appeared in 1.13.5.
* Bugfix: nginx could not be built with LibreSSL 2.8.0.
* Tue Jul 24 2018 neutrino8AATTopensuse.org- Update to version 1.15.2
* Feature: the $ssl_preread_protocol variable in the ngx_stream_ssl_preread_module.
* Feature: now when using the \"reset_timedout_connection\" directive nginx will reset connections being closed with the 444 code.
* Change: a logging level of the \"http request\", \"https proxy request\", \"unsupported protocol\", and \"version too low\" SSL errors has been lowered from \"crit\" to \"info\".
* Bugfix: DNS requests were not resent if initial sending of a request failed.
* Bugfix: the \"reuseport\" parameter of the \"listen\" directive was ignored if the number of worker processes was specified after the \"listen\" directive.
* Bugfix: when using OpenSSL 1.1.0 or newer it was not possible to switch off \"ssl_prefer_server_ciphers\" in a virtual server if it was switched on in the default server.
* Bugfix: SSL session reuse with upstream servers did not work with the TLS 1.3 protocol.
* Tue Jul 03 2018 neutrino8AATTopensuse.org- Update to version 1.15.1
* Feature: the \"random\" directive inside the \"upstream\" block.
* Feature: improved performance when using the \"hash\" and \"ip_hash\" directives with the \"zone\" directive.
* Feature: the \"reuseport\" parameter of the \"listen\" directive now uses SO_REUSEPORT_LB on FreeBSD 12.
* Bugfix: HTTP/2 server push did not work if SSL was terminated by a proxy server in front of nginx.
* Bugfix: the \"tcp_nopush\" directive was always used on backend connections.
* Bugfix: sending a disk-buffered request body to a gRPC backend might fail.
* Wed Jun 06 2018 neutrino8AATTopensuse.org- Update to version 1.15.0
* Change: the \"ssl\" directive is deprecated; the \"ssl\" parameter of the \"listen\" directive should be used instead.
* Change: now nginx detects missing SSL certificates during configuration testing when using the \"ssl\" parameter of the \"listen\" directive.
* Feature: now the stream module can handle multiple incoming UDP datagrams from a client within a single session.
* Bugfix: it was possible to specify an incorrect response code in the \"proxy_cache_valid\" directive.
* Bugfix: nginx could not be built by gcc 8.1.
* Bugfix: logging to syslog stopped on local IP address changes.
* Bugfix: nginx could not be built by clang with CUDA SDK installed; the bug had appeared in 1.13.8.
* Bugfix: \"getsockopt(TCP_FASTOPEN) ... failed\" messages might appear in logs during binary upgrade when using unix domain listen sockets on FreeBSD.
* Bugfix: nginx could not be built on Fedora 28 Linux.
* Bugfix: request processing rate might exceed configured rate when using the \"limit_req\" directive.
* Bugfix: in handling of client addresses when using unix domain listen sockets to work with datagrams on Linux.
* Bugfix: in memory allocation error handling.
* Tue Apr 10 2018 neutrino8AATTopensuse.org- Update to version 1.13.12
* Bugfix: connections with gRPC backends might be closed unexpectedly when returning a large response.
* Tue Apr 03 2018 neutrino8AATTopensuse.org- Update to version 1.13.11
* Feature: the \"proxy_protocol\" parameter of the \"listen\" directive now supports the PROXY protocol version 2.
* Bugfix: nginx could not be built with OpenSSL 1.1.1 statically on Linux.
* Bugfix: in the \"http_404\", \"http_500\", etc. parameters of the \"proxy_next_upstream\" directive.
* Tue Mar 20 2018 neutrino8AATTopensuse.org- Update to version 1.13.10
* Feature: the \"set\" parameter of the \"include\" SSI directive now allows writing arbitrary responses to a variable; the \"subrequest_output_buffer_size\" directive defines maximum response size.
* Feature: now nginx uses clock_gettime(CLOCK_MONOTONIC) if available, to avoid timeouts being incorrectly triggered on system time changes.
* Feature: the \"escape=none\" parameter of the \"log_format\" directive. Thanks to Johannes Baiter and Calin Don.
* Feature: the $ssl_preread_alpn_protocols variable in the ngx_stream_ssl_preread_module.
* Feature: the ngx_http_grpc_module.
* Bugfix: in memory allocation error handling in the \"geo\" directive.
* Bugfix: when using variables in the \"auth_basic_user_file\" directive a null character might appear in logs. Thanks to Vadim Filimonov.
* Tue Feb 20 2018 neutrino8AATTopensuse.org- Update to version 1.13.9
* Feature: HTTP/2 server push support; the \"http2_push\" and \"http2_push_preload\" directives.
* Bugfix: \"header already sent\" alerts might appear in logs when using cache; the bug had appeared in 1.9.13.
* Bugfix: a segmentation fault might occur in a worker process if the \"ssl_verify_client\" directive was used and no SSL certificate was specified in a virtual server.
* Bugfix: in the ngx_http_v2_module.
* Bugfix: in the ngx_http_dav_module.
* Tue Dec 26 2017 neutrino8AATTopensuse.org- Update to version 1.13.8
* Feature: now nginx automatically preserves the CAP_NET_RAW capability in worker processes when using the \"transparent\" parameter of the \"proxy_bind\", \"fastcgi_bind\", \"memcached_bind\", \"scgi_bind\", and \"uwsgi_bind\" directives.
* Feature: improved CPU cache line size detection. Thanks to Debayan Ghosh.
* Feature: new directives in vim syntax highlighting scripts. Thanks to Gena Makhomed.
* Bugfix: binary upgrade refused to work if nginx was re-parented to a process with PID different from 1 after its parent process has finished.
* Bugfix: the ngx_http_autoindex_module incorrectly handled requests with bodies.
* Bugfix: in the \"proxy_limit_rate\" directive when used with the \"keepalive\" directive.
* Bugfix: some parts of a response might be buffered when using \"proxy_buffering off\" if the client connection used SSL. Thanks to Patryk Lesiewicz.
* Bugfix: in the \"proxy_cache_background_update\" directive.
* Bugfix: it was not possible to start a parameter with a variable in the \"${name}\" form with the name in curly brackets without enclosing the parameter into single or double quotes.
* Tue Nov 21 2017 neutrino8AATTopensuse.org- Update to version 1.13.7
* Bugfix: in the $upstream_status variable.
* Bugfix: a segmentation fault might occur in a worker process if a backend returned a \"101 Switching Protocols\" response to a subrequest.
* Bugfix: a segmentation fault occurred in a master process if a shared memory zone size was changed during a reconfiguration and the reconfiguration failed.
* Bugfix: in the ngx_http_fastcgi_module.
* Bugfix: nginx returned the 500 error if parameters without variables were specified in the \"xslt_stylesheet\" directive.
* Workaround: \"gzip filter failed to use preallocated memory\" alerts appeared in logs when using a zlib library variant from Intel.
* Bugfix: the \"worker_shutdown_timeout\" directive did not work when using mail proxy and when proxying WebSocket connections.
* Tue Oct 10 2017 neutrino8AATTopensuse.org- Update to version 1.13.6
* Bugfix: switching to the next upstream server in the stream module did not work when using the \"ssl_preread\" directive.
* Bugfix: in the ngx_http_v2_module. Thanks to Piotr Sikora.
* Bugfix: nginx did not support dates after the year 2038 on 32-bit platforms with 64-bit time_t.
* Bugfix: in handling of dates prior to the year 1970 and after the year 10000.
* Bugfix: in the stream module timeouts waiting for UDP datagrams from upstream servers were not logged or logged at the \"info\" level instead of \"error\".
* Bugfix: when using HTTP/2 nginx might return the 400 response without logging the reason.
* Bugfix: in processing of corrupted cache files.
* Bugfix: cache control headers were ignored when caching errors intercepted by error_page.
* Bugfix: when using HTTP/2 client request body might be corrupted.
* Bugfix: in handling of client addresses when using unix domain sockets.
* Bugfix: nginx hogged CPU when using the \"hash ... consistent\" directive in the upstream block if large weights were used and all or most of the servers were unavailable.
* Tue Sep 05 2017 neutrino8AATTopensuse.org- Update to version 1.13.5
* Feature: the $ssl_client_escaped_cert variable.
* Bugfix: the \"ssl_session_ticket_key\" directive and the \"include\" parameter of the \"geo\" directive did not work on Windows.
* Bugfix: incorrect response length was returned on 32-bit platforms when requesting more than 4 gigabytes with multiple ranges.
* Bugfix: the \"expires modified\" directive and processing of the \"If-Range\" request header line did not use the response last modification time if proxying without caching was used.
* Tue Aug 08 2017 neutrino8AATTopensuse.org- Update to version 1.13.4
* Feature: the ngx_http_mirror_module.
* Bugfix: client connections might be dropped during configuration testing when using the \"reuseport\" parameter of the \"listen\" directive on Linux.
* Bugfix: request body might not be available in subrequests if it was saved to a file and proxying was used.
* Bugfix: cleaning cache based on the \"max_size\" parameter did not work on Windows.
* Bugfix: any shared memory allocation required 4096 bytes on Windows.
* Bugfix: nginx worker might be terminated abnormally when using the \"zone\" directive inside the \"upstream\" block on Windows.
* Tue Jul 11 2017 neutrino8AATTopensuse.org- Update to version 1.13.3
* Security: a specially crafted request might result in an integer overflow and incorrect processing of ranges in the range filter, potentially resulting in sensitive information leak (CVE-2017-7529).
* Tue Jun 27 2017 neutrino8AATTopensuse.org- Update to version 1.13.2
* Change: nginx now returns 200 instead of 416 when a range starting with 0 is requested from an empty file.
* Feature: the \"add_trailer\" directive. Thanks to Piotr Sikora.
* Bugfix: nginx could not be built on Cygwin and NetBSD; the bug had appeared in 1.13.0.
* Bugfix: nginx could not be built under MSYS2 / MinGW 64-bit. Thanks to Orgad Shaneh.
* Bugfix: a segmentation fault might occur in a worker process when using SSI with many includes and proxy_pass with variables.
* Bugfix: in the ngx_http_v2_module. Thanks to Piotr Sikora.
* Tue May 30 2017 neutrino8AATTopensuse.org- Update to version 1.13.1
* Feature: now a hostname can be used as the \"set_real_ip_from\" directive parameter.
* Feature: vim syntax highlighting scripts improvements.
* Feature: the \"worker_cpu_affinity\" directive now works on DragonFly BSD. Thanks to Sepherosa Ziehau.
* Bugfix: SSL renegotiation on backend connections did not work when using OpenSSL before 1.1.0.
* Workaround: nginx could not be built with Oracle Developer Studio 12.5.
* Workaround: now cache manager ignores long locked cache entries when cleaning cache based on the \"max_size\" parameter.
* Bugfix: client SSL connections were immediately closed if deferred accept and the \"proxy_protocol\" parameter of the \"listen\" directive were used.
* Bugfix: in the \"proxy_cache_background_update\" directive.
* Workaround: now the \"tcp_nodelay\" directive sets the TCP_NODELAY option before an SSL handshake.
* Tue Apr 25 2017 neutrino8AATTopensuse.org- Update to version 1.13.0
* Change: SSL renegotiation is now allowed on backend connections.
* Feature: the \"rcvbuf\" and \"sndbuf\" parameters of the \"listen\" directives of the mail proxy and stream modules.
* Feature: the \"return\" and \"error_page\" directives can now be used to return 308 redirections. Thanks to Simon Leblanc.
* Feature: the \"TLSv1.3\" parameter of the \"ssl_protocols\" directive.
* Feature: when logging signals nginx now logs PID of the process which sent the signal.
* Bugfix: in memory allocation error handling.
* Bugfix: if a server in the stream module listened on a wildcard address, the source address of a response UDP datagram could differ from the original datagram destination address.
* Wed Apr 12 2017 neutrino8AATTopensuse.org- Update to version 1.12.0
* Tue Apr 04 2017 neutrino8AATTopensuse.org- Update to version 1.11.13
* Feature: the \"http_429\" parameter of the \"proxy_next_upstream\", \"fastcgi_next_upstream\", \"scgi_next_upstream\", and \"uwsgi_next_upstream\" directives. Thanks to Piotr Sikora.
* Bugfix: in memory allocation error handling.
* Bugfix: requests might hang when using the \"sendfile\" and \"timer_resolution\" directives on Linux.
* Bugfix: requests might hang when using the \"sendfile\" and \"aio_write\" directives with subrequests.
* Bugfix: in the ngx_http_v2_module. Thanks to Piotr Sikora.
* Bugfix: a segmentation fault might occur in a worker process when using HTTP/2.
* Bugfix: requests might hang when using the \"limit_rate\", \"sendfile_max_chunk\", \"limit_req\" directives, or the $r->sleep() embedded perl method with subrequests.
* Bugfix: in the ngx_http_slice_module.
* Fri Mar 24 2017 neutrino8AATTopensuse.org- Update to version 1.11.12
* Bugfix: nginx might hog CPU; the bug had appeared in 1.11.11.
* Tue Mar 21 2017 neutrino8AATTopensuse.org- Update to version 1.11.11
* Feature: the \"worker_shutdown_timeout\" directive.
* Feature: vim syntax highlighting scripts improvements. Thanks to Wei-Ko Kao.
* Bugfix: a segmentation fault might occur in a worker process if the $limit_rate variable was set to an empty string.
* Bugfix: the \"proxy_cache_background_update\", \"fastcgi_cache_background_update\", \"scgi_cache_background_update\", and \"uwsgi_cache_background_update\" directives might work incorrectly if the \"if\" directive was used.
* Bugfix: a segmentation fault might occur in a worker process if number of large_client_header_buffers in a virtual server was different from the one in the default server.
* Bugfix: in the mail proxy server.
* Tue Feb 14 2017 neutrino8AATTopensuse.org- Update to version 1.11.10
* Change: cache header format has been changed, previously cached responses will be invalidated.
* Feature: support of \"stale-while-revalidate\" and \"stale-if-error\" extensions in the \"Cache-Control\" backend response header line.
* Feature: the \"proxy_cache_background_update\", \"fastcgi_cache_background_update\", \"scgi_cache_background_update\", and \"uwsgi_cache_background_update\" directives.
* Feature: nginx is now able to cache responses with the \"Vary\" header line up to 128 characters long (instead of 42 characters in previous versions).
* Feature: the \"build\" parameter of the \"server_tokens\" directive. Thanks to Tom Thorogood.
* Bugfix: \"[crit] SSL_write() failed\" messages might appear in logs when handling requests with the \"Expect: 100-continue\" request header line.
* Bugfix: the ngx_http_slice_module did not work in named locations.
* Bugfix: a segmentation fault might occur in a worker process when using AIO after an \"X-Accel-Redirect\" redirection.
* Bugfix: reduced memory consumption for long-lived requests using gzipping.
* Tue Jan 24 2017 neutrino8AATTopensuse.org- Update to version 1.11.9
* Bugfix: nginx might hog CPU when using the stream module; the bug had appeared in 1.11.5.
* Bugfix: EXTERNAL authentication mechanism in mail proxy was accepted even if it was not enabled in the configuration.
* Bugfix: a segmentation fault might occur in a worker process if the \"ssl_verify_client\" directive of the stream module was used.
* Bugfix: the \"ssl_verify_client\" directive of the stream module might not work.
* Bugfix: closing keepalive connections due to no free worker connections might be too aggressive. Thanks to Joel Cunningham.
* Bugfix: an incorrect response might be returned when using the \"sendfile\" directive on FreeBSD and macOS; the bug had appeared in 1.7.8.
* Bugfix: a truncated response might be stored in cache when using the \"aio_write\" directive.
* Bugfix: a socket leak might occur when using the \"aio_write\" directive.
* Tue Dec 27 2016 neutrino8AATTopensuse.org- Update to version 1.11.8
* Feature: the \"absolute_redirect\" directive.
* Feature: the \"escape\" parameter of the \"log_format\" directive.
* Feature: client SSL certificates verification in the stream module.
* Feature: the \"ssl_session_ticket_key\" directive supports AES256 encryption of TLS session tickets when used with 80-byte keys.
* Feature: vim-commentary support in vim scripts. Thanks to Armin Grodon.
* Bugfix: recursion when evaluating variables was not limited.
* Bugfix: in the ngx_stream_ssl_preread_module.
* Bugfix: if a server in an upstream in the stream module failed, it was considered alive only when a test connection sent to it after fail_timeout was closed; now a successfully established connection is enough.
* Bugfix: nginx/Windows could not be built with 64-bit Visual Studio.
* Bugfix: nginx/Windows could not be built with OpenSSL 1.1.0.
* Tue Dec 13 2016 neutrino8AATTopensuse.org- Update to version 1.11.7
* Change: now in case of a client certificate verification error the $ssl_client_verify variable contains a string with the failure reason, for example, \"FAILED:certificate has expired\".
* Feature: the $ssl_ciphers, $ssl_curves, $ssl_client_v_start, $ssl_client_v_end, and $ssl_client_v_remain variables.
* Feature: the \"volatile\" parameter of the \"map\" directive.
* Bugfix: dependencies specified for a module were ignored while building dynamic modules.
* Bugfix: when using HTTP/2 and the \"limit_req\" or \"auth_request\" directives client request body might be corrupted; the bug had appeared in 1.11.0.
* Bugfix: a segmentation fault might occur in a worker process when using HTTP/2; the bug had appeared in 1.11.3.
* Bugfix: in the ngx_http_mp4_module. Thanks to Congcong Hu.
* Bugfix: in the ngx_http_perl_module.
* Tue Nov 15 2016 neutrino8AATTopensuse.org- Update to version 1.11.6
* Change: format of the $ssl_client_s_dn and $ssl_client_i_dn variables has been changed to follow RFC 2253 (RFC 4514); values in the old format are available in the $ssl_client_s_dn_legacy and $ssl_client_i_dn_legacy variables.
* Change: when storing temporary files in a cache directory they will be stored in the same subdirectories as corresponding cache files instead of a separate subdirectory for temporary files.
* Feature: EXTERNAL authentication mechanism support in mail proxy. Thanks to Robert Norris.
* Feature: WebP support in the ngx_http_image_filter_module.
* Feature: variables support in the \"proxy_method\" directive. Thanks to Dmitry Lazurkin.
* Feature: the \"http2_max_requests\" directive in the ngx_http_v2_module.
* Feature: the \"proxy_cache_max_range_offset\", \"fastcgi_cache_max_range_offset\", \"scgi_cache_max_range_offset\", and \"uwsgi_cache_max_range_offset\" directives.
* Bugfix: graceful shutdown of old worker processes might require infinite time when using HTTP/2.
* Bugfix: in the ngx_http_mp4_module.
* Bugfix: \"ignore long locked inactive cache entry\" alerts might appear in logs when proxying WebSocket connections with caching enabled.
* Bugfix: nginx did not write anything to log and returned a response with code 502 instead of 504 when a timeout occurred during an SSL handshake to a backend.
* Mon Oct 31 2016 neutrino8AATTgmail.com- Clean ups to spec file- Add sign keys
* Thu Oct 27 2016 neutrino8AATTgmail.com- Optimize the %files section of the spec file
* Wed Oct 26 2016 neutrino8AATTgmail.com- Don\'t overwrite logrotate file
* Tue Oct 18 2016 neutrino8AATTgmail.com- Add man page
* Tue Oct 18 2016 neutrino8AATTgmail.com- Update logrotate file
* Tue Oct 18 2016 neutrino8AATTgmail.com- Don\'t put config files in doc dir
* Tue Oct 18 2016 neutrino8AATTgmail.com- Update to version 1.11.5
* Change: the --with-ipv6 configure option was removed, now IPv6 support is configured automatically.
* Change: now if there are no available servers in an upstream, nginx will not reset number of failures of all servers as it previously did, but will wait for fail_timeout to expire.
* Feature: the ngx_stream_ssl_preread_module.
* Feature: the --with-compat configure option.
* Feature: \"manager_files\", \"manager_threshold\", and \"manager_sleep\" parameters of the \"proxy_cache_path\", \"fastcgi_cache_path\", \"scgi_cache_path\", and \"uwsgi_cache_path\" directives.
* Bugfix: flags passed by the --with-ld-opt configure option were not used while building perl module.
* Bugfix: in the \"add_after_body\" directive when used with the \"sub_filter\" directive.
* Bugfix: in the $realip_remote_addr variable.
* Bugfix: the \"dav_access\", \"proxy_store_access\", \"fastcgi_store_access\", \"scgi_store_access\", and \"uwsgi_store_access\" directives ignored permissions specified for user.
* Bugfix: unix domain listen sockets might not be inherited during binary upgrade on Linux.
* Bugfix: nginx returned the 400 response on requests with the \"-\" character in the HTTP method.
  
ICM