non port: www/nginx-devel/distinfo |
Number of commits found: 869 (showing only 100 on this page) |
Friday, 12 Jun 2015
|
01:31 osa
Upgrade from 5.0.9 to 5.0.10:
o) www/rubygem-passenger;
o) third-party modules for www/nginx and www/nginx-devel.
|
Friday, 5 Jun 2015
|
03:10 osa
Upgrade from 5.0.8 to 5.0.9:
o) www/rubygem-passenger;
o) third-party modules for www/nginx and www/nginx-devel.
|
Tuesday, 2 Jun 2015
|
07:51 peter
Update the optional (defaults to off) ldap authentication module to a more
recent version. Of particular importance is that the old one
connected/disconnected to the ldap server for every single URL being served
while this one has a configurable cache.
PR: 200550
Reviewed by: osa
|
Friday, 29 May 2015
|
14:01 mat
Convert nginx, nginx-devel and tengine to USE_GITHUB.
Sponsored by: Absolight
|
Thursday, 28 May 2015
|
02:38 osa
Make 'make makesum' happy.
|
01:07 osa
Upgrade from 1.9.0 to 1.9.1.
<ChangeLog>
*) Change: now SSLv3 protocol is disabled by default.
*) Change: some long deprecated directives are not supported anymore.
*) Feature: the "reuseport" parameter of the "listen" directive.
Thanks to Sepherosa Ziehau and Yingqi Lu.
*) Feature: the $upstream_connect_time variable.
*) Bugfix: in the "hash" directive on big-endian platforms.
*) Bugfix: nginx might fail to start on some old Linux variants; the bug
had appeared in 1.7.11.
*) Bugfix: in IP address parsing.
Thanks to Sergey Polovko.
</ChangeLog>
|
Tuesday, 26 May 2015
|
23:10 osa
Add third-party postgres module back.
Based on patch from: Alexander Ushakov <alexander@tauruna.ru>
|
Sunday, 24 May 2015
|
16:27 osa
Upgrade from 5.0.7 to 5.0.8:
o) www/rubygem-passenger;
o) third-party modules for www/nginx and www/nginx-devel.
|
Wednesday, 29 Apr 2015
|
01:03 osa
Update from 5.0.6 to 5.0.7:
o) www/rubygem-passenger;
o) third-party passenger modules for www/nginx and www/nginx-devel.
|
00:29 osa
Upgrade from 1.8.0 to 1.9.0.
<ChangeLog>
*) Change: obsolete aio and rtsig event methods have been removed.
*) Feature: the "zone" directive inside the "upstream" block.
*) Feature: the stream module.
*) Feature: byte ranges support in the ngx_http_memcached_module.
Thanks to Martin Mlynar.
*) Feature: shared memory can now be used on Windows versions with
address space layout randomization.
Thanks to Sergey Brester.
*) Feature: the "error_log" directive can now be used on mail and server
levels in mail proxy.
*) Bugfix: the "proxy_protocol" parameter of the "listen" directive did
not work if not specified in the first "listen" directive for a
listen socket.
</ChangeLog>
|
Monday, 27 Apr 2015
|
02:16 osa
Remove support for next unsupported third-party modules:
o) http_upload;
o) postgres;
o) supervisord;
o) tcp_proxy;
Add back third-party http_upstream_sticky module's checksums.
|
Tuesday, 21 Apr 2015
|
23:26 osa
Upgrade to latest stable version 1.8.0.
According to vendor's recommendations safely remove NGX_THREADS macro
with some long unused code from some third-party modules.
Merge changes from www/nginx-devel to www/nginx.
Merge third-pary upstream_sticky module from www/nginx to www/nginx-devel.
Remove outdated syslog support.
|
18:03 osa
Upgrade third-party set_misc module from 0.24 to 0.28.
|
00:26 osa
Upgrade third-party modules:
o) echo from 0.51 to 0.57;
o) memc from 0.14 to 0.15;
o) srcache from 0.25 to 0.29.
|
00:08 osa
Upgrade third-party redis2 module from 0.10 to 0.11.
|
Monday, 20 Apr 2015
|
23:58 osa
Upgrade third-pary redis2 module from 0.9.4 to 0.9.15.
|
Friday, 17 Apr 2015
|
21:55 osa
Upgrade third-party headers-more module from 0.25 to 0.26.
Patch from: Denis Denisov <denji0k@gmail.com> (via mail)
|
Wednesday, 8 Apr 2015
|
00:43 osa
Upgrade from 1.7.11 to 1.7.12.
Temporary disable following third-party modules:
o) arrayvar
o) echo
o) headers_more
o) http_mogilefs
o) drizzle
o) encryptsession
o) forminput
o) iconv
o) let
o) lua
o) memc
o) modsecurity
o) rds_csv
o) rds_json
o) redis2
o) set_misc
o) sflow
o) srcache
o) xrid_header
o) xss
<ChangeLog>
*) Feature: now the "tcp_nodelay" directive works with backend SSL
connections.
*) Feature: now thread pools can be used to read cache file headers.
*) Bugfix: in the "proxy_request_buffering" directive.
*) Bugfix: a segmentation fault might occur in a worker process when
using thread pools on Linux.
*) Bugfix: in error handling when using the "ssl_stapling" directive.
Thanks to Filipe da Silva.
*) Bugfix: in the ngx_http_spdy_module.
</ChangeLog>
|
Sunday, 5 Apr 2015
|
16:11 osa
Upgrade from 1.7.10 to 1.7.11.
Temporary disable third-party upload module.
<ChangeLog>
*) Change: the "sendfile" parameter of the "aio" directive is
deprecated; now nginx automatically uses AIO to pre-load data for
sendfile if both "aio" and "sendfile" directives are used.
*) Feature: experimental thread pools support.
*) Feature: the "proxy_request_buffering", "fastcgi_request_buffering",
"scgi_request_buffering", and "uwsgi_request_buffering" directives.
*) Feature: request body filters experimental API.
*) Feature: client SSL certificates support in mail proxy.
Thanks to Sven Peter, Franck Levionnois, and Filipe Da Silva.
*) Feature: startup speedup when using the "hash ... consistent"
directive in the upstream block.
Thanks to Wai Keen Woon.
*) Feature: debug logging into a cyclic memory buffer.
*) Bugfix: in hash table handling.
Thanks to Chris West.
*) Bugfix: in the "proxy_cache_revalidate" directive.
*) Bugfix: SSL connections might hang if deferred accept or the
"proxy_protocol" parameter of the "listen" directive were used.
Thanks to James Hamlin.
*) Bugfix: the $upstream_response_time variable might contain a wrong
value if the "image_filter" directive was used.
*) Bugfix: in integer overflow handling.
Thanks to Regis Leroy.
*) Bugfix: it was not possible to enable SSLv3 with LibreSSL.
*) Bugfix: the "ignoring stale global SSL error ... called a function
you should not call" alerts appeared in logs when using LibreSSL.
*) Bugfix: certificates specified by the "ssl_client_certificate" and
"ssl_trusted_certificate" directives were inadvertently used to
automatically construct certificate chains.
</ChangeLog>
|
16:02 osa
Upgrade third-party rtmp module from 1.1.6 to 1.1.7.
|
Saturday, 4 Apr 2015
|
23:38 osa
Upgrade from 5.0.4 to 5.0.6:
o) www/rubygem-passenger;
o) third-party modules for www/nginx and www/nginx-devel.
The passenger now uses its own libev fork, so remove devel/libev dependency.
<ChangeLog>
Release 5.0.6
-------------
* The turbocache no longer caches responses for which the Cache-Control header
contains "no-cache". Please note that "no-cache" does not mean "do not cache
this response". Instead, it means "any caching servers may only serve the
cached response after validating it". Since the turbocache does not support
validation, we've chosen to skip caching instead.
Coincidentally, this change "fixes" problems with applications that
erroneously use "no-cache" as a flag for "do not cache this response". What
these applications should actually use is "no-store". We recommend the
developers of such applications to change their caching headers in this
manner, because even if Passenger doesn't unintentionally cache the response,
any intermediate proxies that visitors are behind may still cache the
response.
* Fixes a number of memory leaks. Memory was leaked upon processing a request
with multiple headers, upon processing a response with multiple headers, and
upon processing a response with Set-Cookie headers. Every time such a request
or response was processed, 512 bytes of memory was leaked due to improperly
dereferencing relevant memory buffers. Closes GH-1455.
* Fixes various bugs related to Union Station data collection.
Union Station is our upcoming application analytics and performance
monitoring SaaS platform. It is opt-in: no data is collected unless you turn
the feature on.
* Fixes a Union Station-related file descriptor leak. Closes GH-1439.
* Fixes some bugs w.r.t. use of uninitialized memory.
* More informative error message if a support binary is not found, including a
resolution hint. Closes GH-1395.
* [Apache] `SetEnv` variables are now passed as Rack/CGI/request variables.
This was also the case in Passenger 4, but not in Passenger 5.0.0-5.0.5.
We've restored the old behavior because the behavior in 5.0.0-5.0.5 breaks
certain Apache modules such as Shibboleth. Closes GH-1446.
* [Standalone] PID and log files now correctly created if user specifies
relative path.
Release 5.0.5
-------------
* Fixes various crashes due to use of uninitialized memory. One such crash is
documented in GH-1431.
* Fixes a connection stall in the Apache module. Closes GH-1425.
* Fixes a potential read-past-buffer bug in string-to-integer conversion
routines. Thanks to dcb314 for spotting this. Closes GH-1441.
* Fixes a compilation problem on Solaris. This problem was caused by the fact
that `tm_gmtoff` is not supported on that platform. Closes GH-1435.
* There is now an API endpoint for force disconnecting a client:
`passenger-config admin-command DELETE /server/<client name>.json`.
Closes GH-1246.
* Fixes some file descriptor leaks. These leaks were caused by the fact that
keep-alive connections with application processes were not being closed
properly. Closes GH-1439.
* In order to more easily debug future file descriptor leaks, we've introduced
the `PassengerFileDescriptorLogFile` (Apache) and
`passenger_file_descriptor_log_file` (Nginx) config options. This allows
Passenger to log all file descriptor open/close activity to a specific log
file.
* The `PassengerDebugLogFile` (Apache) and `passenger_debug_log_file` (Nginx)
configuration options have been renamed to `PassengerLogFile` and
`passenger_log_file`, respectively. The old name is support supported for
backward compatibility reasons.
* [Enterprise] Fixes a bug in Flying Passenger's `--instance-registry-dir`
command line parameter. This command line parameter didn't do anything.
* [Enterprise] The Flying Passenger daemon no longer supports the
`--max-preloader-idle-time` config option. This is because the config option
never worked. The correct way to set the max preloader idle time is through
the Nginx config option, but this was wrongly documented, so the
documentation has been fixed.
</ChangeLog>
|
Friday, 13 Mar 2015
|
00:41 osa
Upgrade from 5.0.2 to 5.0.4:
o) www/rubygem-passenger;
o) third-party modules for www/nginx and www/nginx-devel.
<ChangeLog>
Release 5.0.3
-------------
* [Standalone] When using the builtin engine, `passenger start` may crash
during
startup due to an initialization race condition. This has been fixed.
* [Enterprise] Fixes a bug in passenger-irb. Running passenger-irb without a
PID
parameter worked, but running it with a PID parameter didn't.
* Fixes an integer overflow that resulted in a file descriptor leak and stalled
client connections. Closes GH-1412.
* Truncates Passenger source code paths in logs (to 3 chars) to reduce
redundant
info. Closes GH-1383.
* Fixes invalid JSON output for non-finite double values (e.g. from the HTTP
JSON
API). Closes GH-1408.
* All hooks now set the `PASSENGER_HOOK_NAME` environment variable. This
variable
is set to the name of the hook that is being called.
* The Ruby handler no longer tries to call #force_encoding on response body
strings, which fixes an incompatibility with apps/libraries that return
frozen
body strings. Closes GH-1414.
* If the Ruby handler crashes while processing a Rack response body, it will
now
no longer stall the connection.
* Fixes env.SERVER_PORT containing 80 instead of 443 when using https on
default
port. Closes GH-1421.
* We now handle errors in the `poll()` system call better. This might fix some
crashes during shutdown which manifest on FreeBSD.
</ChangeLog>
|
00:06 osa
Upgrade from 4.0.59 to 5.0.2:
o) www/rubygem-passenger;
o) third-party modules for www/nginx and www/nginx-devel.
<ChangeLog>
Release 5.0.2
-------------
* Fixes a connection freeze that could occur when processing large responses.
This would
manifest itself under the error message "This website is under heavy load" or
"Request
queue is full, returning an error". Closes GH-1404.
* Debian and Ubuntu packages have been reintroduces.
* When `passenger-config restart-app` is run interactively, if Passenger is not
serving
any applications, then the command now prints an error message instead of
showing a
menu with only a "Cancel" option.
* Fixes a compilation problem on FreeBSD 10 (contributed by: clemensg). Closes
GH-1401.
* [Standalone] Fixes a crash that would occur if you use the `--ctl` parameter.
* [Enterprise] The `--max-request-time` option has been added to Passenger
Standalone.
* [Enterprise] The `max_request_time_reached` hook has been introduced. This
hook allows
you to run diagnostics on a process that that took too long to respond to a
request.
Release 5.0.1
-------------
* The `passenger-config restart-app` command is now more user friendly. When
run in a
terminal, it will show an interactive menu, allowing you to select the app to
restart.
Closes GH-1387.
* Fixed a crash bug in the handling of sticky session cookies.
* Log failed program in error message, not its command line (contributed by:
paisleyrob).
Closes GH-1397.
* [Nginx] Fixes cases in which Passenger overrides the Nginx handler function
even when
it shouldn't, for example when Passenger is disabled. Closes GH-1393.
* [Enterprise] The `sticky_sessions` and `envvars` options in
Passengerfile.json is now
also supported in mass deployment mode.
Release 5.0.0 release candidate 2
---------------------------------
* Fixes an installation problem with the Ruby gem due to incorrect Makefile
generation.
Closes GH-1382.
* More helpful message when request queue is full. Closes GH-1375.
Release 5.0.0 release candidate 1
---------------------------------
* Fixed Date headers not being formatted in the GMT timezone. Closes GH-1367.
* Fixed Passengerfile.json/passenger-standalone.json not being properly loaded
in
Passenger Standalone.
* Fixed support for sticky sessions.
* Fixed an infinite loop if the ApplicationPool garbage collector fails due to
an
exception. Closes GH-1360.
* Fixed Passenger Standalone exiting prematurely when the HelperAgent crashes.
Exiting
prematurely is not supposed to happen because the watchdog will restart the
HelperAgent.
Closes GH-1339.
* Fixed a crash that occurs when using a non-standard startup file value.
Closes GH-1378.
* When dumping system metrics during error page generation, the
`passenger-config`
command is now invoked under the same Ruby interpreter as the app, instead of
the
one in PATH. Closes GH-1381.
* When a Ruby process crashes due to an uncaught exception, this fact is now
properly
logged.
* Specifying 0 for the `max_pool_size` config option no longer results in a
crash.
Closes GH-1334.
* The timeouts when downloading Passenger Standalone binaries and source files
are
now customizable. Closes GH-1295.
* The `envvars` option is now supported in Passengerfile.json, for passing
environment
variables to the application. Closes GH-1377.
* Introduced `hook_queue_full_error` for request queue overflows. Closes
GH-1358.
* [Ruby] Fixed handling of "transfer-encoding chunked" response bodies which
contain
zero-sized chunks.
* [Nginx] It is no longer necessary to re-specify `passenger_enabled` in
`location`
contexts. Closes GH-1338.
* [Enterprise] Fixed a bug in mass deployment reloading.
* [Enterprise] Fixed a bug in mass deployment daemonization.
* [Enterprise] The mass deployment mode now supports the `app_type` and
`startup_file`
configuration options in Passengerfile.json/passenger-standalone.json. Closes
GH-1366.
Release 5.0.0 beta 3
--------------------
* The turbocache has received major updates and fixes based on excellent
feedback Chris
Heald and the community. First, several bugs w.r.t. the handling of caching
headers
have been fixed. Second, the turbocache has become slightly more conservative
for
security reasons. In previous versions, default cacheable responses (as
defined by RFC
7234) were cached unless caching headers tell us not to. Now, default
cacheable responses
are only cached if caching headers explicitly tell us to. This change was
introduced
because there are many applications that set incorrect caching headers on
private
responses. This new behavior is currently not configurable, but there are
plans to make
it configurable in 5.0.0 release candidate 1.
* Introduced a new configuration option,
`passenger_response_buffer_high_watermark` (Nginx)
and `PassengerResponseBufferHighWatermark` (Apache), for configuring the
behavior of the
response buffering system. Closes GH-1300.
* Fixed more cookie handling issues. Closes GH-1310.
* Fixed various WebSocket issues. Closes GH-1306.
* Fixed some crashes caused by race conditions. Closes GH-1326.
* Fixed issues with handling POST data. Closes GH-1331.
* Fixed some issues on Heroku. Closes GH-1329.
* Fixed some integer overflows. Fix contributed by Go Maeda. Closes GH-1357.
* Fixed the `passenger-status --show=union_station` command. Closes GH-1336.
* Nginx versions earlier than 1.6 are no longer supported.
* Improved state introspection.
Release 5.0.0 beta 2
--------------------
* Fixed handling of multiple Set-Cookie headers. Closes GH-1296.
* `passenger-config system-metrics` now works properly if the agent is
installed in
~/.passenger. Closes GH-1304.
* Documentation enhancements by Igor Vuk. Closes GH-1318.
* Fixed some crasher bugs.
* [Standalone] User switching is now correctly disabled.
* [Standalone] Fixed the `--thread-count` parameter.
* [Apache] IPs set by mod_remoteip are now respected. Closes GH-1284.
* [Apache] Fixed support for gzipped chunked responses. Closes GH-1309.
Release 5.0.0 beta 1
--------------------
Version 5.0.0 beta 1 contains major changes. It's mostly compatible with version
4, but there
are a few minor breakages, which are described below. Major changes and notable
breakages are:
* Performance has been much improved. This is thanks to months of optimization
work. You can
learn more at www.rubyraptor.org.
* We've published a [server optimization guide]
(https://www.phusionpassenger.com/documentation/ServerOptimizationGuide.html)
for those who
are interested in tuning Phusion Passenger.
* Support for Rails 1.2 - 2.2 has been removed, for performance reasons. Rails
2.3 is still
supported.
* Phusion Passenger now supports integrated HTTP caching, which we call
turbocaching. If your
app sets the right HTTP headers then Phusion Passenger can tremendously
accelerate your app.
It is enabled by default, but you can disable it with
`--disable-turbocaching` (Standalone),
`PassengerTurbocaching off` (Apache), or 'passenger_turbocaching off'
(Nginx).
* Touching restart.txt will no longer restart your app immediately. This is
because, for
performance reasons, the stat throttle rate now defaults to 10. You can still
get back the
old behavior by setting `PassengerStatThrottleRate 0` (Apache) or
`passenger_stat_throttle_rate 0` (Nginx), but this is not encouraged.
Instead, we encourage
you to use the `passenger-config restart-app` tool to initiate restarts,
which has immediate
effect.
* Websockets are now properly disconnected on application restarts.
* The Phusion Passneger log levels have been completely revamped. If you were
setting a log
level before (e.g. through `passenger_log_level`), please read the latest
documentation to
learn about the new log levels.
* If you use out-of-band garbage collection, beware that the
`X-Passenger-Request-OOB-Work`
header has now been renamed to `!~Request-OOB-Work`.
* When using Rack's full socket hijacking, you must now output an HTTP status
line.
* [Nginx] The `passenger_set_cgi_param` option has been removed and replaced by
`passenger_set_header` and `passenger_env_var`.
* [Nginx] `passenger_show_version_in_header` is now only valid in the `http`
context.
* [Apache] The `PassengerStatThrottleRate` option is now global.
Minor changes:
* The minimum required Nginx version is now 1.6.0.
* The instance directory is now touched every hour instead of every 6 hours.
This should
hopefully prevent more problems with /tmp cleaner daemons.
* Applications are not grouped not only on the application root path, but also
on the
environment. For example, this allows you to run the same app in both
production and staging
mode, with only a single directory, without further configuration. Closes
GH-664.
* The `passenger_temp_dir` option (Nginx) and the `PassengerTempDir` option
(Apache) have been
replaced by two config options. On Nginx they are
`passenger_instance_registry_dir` and
`passenger_data_buffer_dir`. On Apache they are
`PassengerInstanceRegistryDir` and
`PassengerDataBufferDir`. On Apache, `PassengerUploadBufferDir` has been
replaced by
`PassengerDataBufferDir`.
* Command line tools no longer respect the `PASSENGER_TEMP_DIR` environment
variable.
Use `PASSENGER_INSTANCE_REGISTRY_DIR` instead.
* `passenger-status --show=requests` has been deprecated in favor of
`passenger-status --show=connections`.
* Using the SIGUSR1 signal to restart a Ruby app without dropping connections,
is no longer
supported. Instead, use `passenger-config detach-process`.
* Introduced the `passenger-config reopen-logs` command, which instructs all
Phusion Passenger
agent processes to reopen their log files. You should call this after having
rotated the web
server logs.
* [Standalone] The Phusion Passenger Standalone config template has changed.
Users are
encouraged to update it.
* [Standalone] `passenger-standalone.json` has been renamed to
`Passengerfile.json`.
* [Standalone] `passenger-standalone.json`/`Passengerfile.json` no longer
overrides command
line options. Instead, command line options now have the highest priority.
Release 4.0.60
--------------
* Fixed the password protection of internal Phusion Passenger processes.
For security reasons, Phusion Passenger limits access to internal processes,
by using Unix
file permissions and randomly generated passwords that only authorized
internal processes
know. It turns out that this password wasn't set correctly, which has now
been fixed.
There was no security vulnerability, because the file permissions already
provide
sufficient security. The password only serves as an extra layer of security
just in case
there is a problem with the former.
This issue is not at all related to any application-level security or
application-level
passwords. Any database passwords, keys, or secrets used and generated by
applications
have got nothing to do with the nature of this issue. This issue only relates
to some
randomly generated passwords that Passenger uses internally, for its internal
operations.
</ChangeLog>
|
Friday, 13 Feb 2015
|
12:49 osa
Update third-party modsecurity module from 2.8.0 to 2.9.0.
<ChangeLog>
12 Feb 2015 - 2.9.0
-------------------
* Fix apr_crypto.h include, now checking if apr_crypto.h is available by
checking the definition WITH_APU_CRYPTO.
[martinjina and ModSecurity team]
15 Dez 2014 - 2.9.0-RC2
-----------------------
* OpenSSL dependency was removed on MS Windows builds. ModSecurity is now using
the Windows certificate storage.
[Gregg Smith, Steffen and ModSecurity team]
* Informs about external resources loaded/failed while reloading Apache.
[ModSecurity team]
* Adds missing 'ModSecurity:' prefix in some warnings messages.
[Walter Hop and ModSecurity team]
* Refactoring external resources download warn messages. Holding the message
to be displayed when Apache is ready to write on the error_log.
[ModSecurity team]
* Remote resources loading process is now failing in case of HTTP error.
[Walter Hop and ModSecurity team]
* Fixed start up crash on Apache with mod_ssl configured. Crash was happening
during the download of remote resources.
[Christian Folini, Walter Hop and ModSecurity team]
* Curl is not a mandatory dependency to ModSecurity core anymore.
[Rainer Jung and ModSecurity team]
18 Nov 2014 - 2.9.0-RC1
-----------------------
* `pmFromFile' and `ipMatchFromFile' operators are now accepting HTTPS served
files as parameter.
* `SecRemoteRules' directive - allows you to specify a HTTPS served file that
may contain rules in the SecRule format to be loaded into your ModSecurity
instance.
* `SecRemoteRulesFailAction' directive - allows you to control whenever the
user wants to Abort or just Warn when there is a problem while downloading
rules specified with the directive: `SecRemoteRules'.
* `fuzzyHash' operator - allows to match contents using fuzzy hashes.
* `FILES_TMP_CONTENT' collection - make available the content of uploaded
files.
* InsecureNoCheckCert - option to validate or not a chain of SSL certificates
on mlogc connections.
* ModSecurityIIS: ModSecurity event ID was changed from 0 to 0x1.
[Issue #676 - Kris Kater and ModSecurity team]
* Fixed signature on "status call": ModSecurity is now using the original
server signature.
[Issues #702 - Linas and ModSecurity team]
* YAJL version is printed while ModSecurity initialization.
[Issue #703 - Steffen (Apache Lounge) and Mauro Faccenda]
* Fixed subnet representation using slash notation on the @ipMatch operator.
[Issue #706 - Walter Hop and ModSecurity team]
* Limited the length of a status call.
[Issue #714 - 'cpanelkurt' and ModSecurity team]
* Added the missing -P option to nginx regression tests.
[Issue #720 - Paul Yang]
* Fixed automake scripts to do not use features which will be deprecated in
the upcoming releases of automake.
[Issue #760 - ModSecurity team]
* apr-utils's LDFALGS is now considered while building ModSecurity.
[Issue #782 - Daniel J. Luke]
* IIS installer is not considering IIS 6 as compatible anymore.
[Issue #790 - ModSecurity team]
* Fixed yajl build script: now looking for the correct header file.
[Issue #804 - 'rpfilomeno' and ModSecurity team]
* mlgoc is now forced to use TLS 1.x.
[Issue #806 - Josh Amishav-Zlatin and ModSecurity team]
</ChangeLog>
|
Wednesday, 11 Feb 2015
|
03:23 osa
Upgrade from 4.0.58 to 4.0.59:
o) www/rubygem-passenger;
o) third-party modules for www/nginx and www/nginx-devel.
<ChangeLog>
Release 4.0.59
--------------
* [Enterprise] Fixed support for free-style Node.js apps.
</ChangeLog>
|
03:07 osa
Upgrade from 1.7.9 to 1.7.10.
<ChangeLog>
Changes with nginx 1.7.10 10 Feb 2015
*) Feature: the "use_temp_path" parameter of the "proxy_cache_path",
"fastcgi_cache_path", "scgi_cache_path", and "uwsgi_cache_path"
directives.
*) Feature: the $upstream_header_time variable.
*) Workaround: now on disk overflow nginx tries to write error logs once
a second only.
*) Bugfix: the "try_files" directive did not ignore normal files while
testing directories.
Thanks to Damien Tournoud.
*) Bugfix: alerts "sendfile() failed" if the "sendfile" directive was
used on OS X; the bug had appeared in 1.7.8.
*) Bugfix: alerts "sem_post() failed" might appear in logs.
*) Bugfix: nginx could not be built with musl libc.
Thanks to James Taylor.
*) Bugfix: nginx could not be built on Tru64 UNIX.
Thanks to Goetz T. Fischer.
</ChangeLog>
|
Friday, 23 Jan 2015
|
23:28 osa
Upgrade from 4.0.57 to 4.0.58:
o) www/rubygem-passenger;
o) third-party modules for www/nginx and www/nginx-devel.
<ChangeLog>
Release 4.0.58
--------------
* [Enterprise] Fixed a bug in the Debian packages which caused Flying Passenger
to break when used with non-system Rubies.
* The Debian packages no longer require Ruby 1.9. Closes GH-1353.
</ChangeLog>
|
Sunday, 4 Jan 2015
|
16:54 osa
Upgrade third-party dav_ext module from 0.0.2 to 0.0.3.
|
16:38 osa
Upgrade third-party drizzle module from 0.1.7 to 0.1.8.
Rename extra patch for the module.
|
16:03 osa
Upgrade third-party rtmp module from 1.1.5 to 1.1.6.
Remove necessary patch for the module.
|
03:27 osa
Update third-party ngx_fancyindex module from 0.3.1 to 0.3.4.
Submitted by: Miguel Clara <miguelmclara@gmail.com>
<ChangeLog>
v0.3.4
======
- Viewport is now defined in the generated HTML, which works better
for mobile devices.
- Even-odd row styling moved to the CSS using :nth-child(). This
makes the HTML served to clients smaller.
v0.3.3
======
- New feature: table headers in the default template are now clickable
to set the sorting criteria and direction of the index entries.
(https://github.com/aperezdc/ngx-fancyindex/issues/7)
v0.3.2
======
- Solved a bug that would leave certain clients stalled forever.
- Improved handling of subrequests for non-builtin headers/footers.
</ChangeLog>
|
Saturday, 3 Jan 2015
|
17:13 osa
Upgrade from 1.7.8 to 1.7.9.
<ChangeLog>
Changes with nginx 1.7.9 23 Dec 2014
*) Feature: variables support in the "proxy_cache", "fastcgi_cache",
"scgi_cache", and "uwsgi_cache" directives.
*) Feature: variables support in the "expires" directive.
*) Feature: loading of secret keys from hardware tokens with OpenSSL
engines.
Thanks to Dmitrii Pichulin.
*) Feature: the "autoindex_format" directive.
*) Bugfix: cache revalidation is now only used for responses with 200
and 206 status codes.
Thanks to Piotr Sikora.
*) Bugfix: the "TE" client request header line was passed to backends
while proxying.
*) Bugfix: the "proxy_pass", "fastcgi_pass", "scgi_pass", and
"uwsgi_pass" directives might not work correctly inside the "if" and
"limit_except" blocks.
*) Bugfix: the "proxy_store" directive with the "on" parameter was
ignored if the "proxy_store" directive with an explicitly specified
file path was used on a previous level.
*) Bugfix: nginx could not be built with BoringSSL.
Thanks to Lukas Tribus.
</ChangeLog>
|
17:08 osa
Update third-party ngx_cache_purge module from 2.1 to 2.3 (as preparation to
upgrade the www/nginx-devel to 1.7.9).
<ChangeLog>
2014-12-23 VERSION 2.3
* Fix compatibility with nginx-1.7.9+.
2014-12-02 VERSION 2.2
* Fix compatibility with nginx-1.7.8+.
2014-05-19
* Fix build on Solaris with SunCC (Solaris Studio).
Reported by Jussi Sallinen.
</ChangeLog>
|
16:58 osa
Upgrade from 4.0.53 to 4.0.57 (as preparation to upgrade the www/nginx-devel to
1.7.9):
o) www/rubygem-passenger;
o) third-party modules for www/nginx and www/nginx-devel.
<ChangeLog>
Release 4.0.57
--------------
* Fixed a native extension compatibility problem with Ruby 2.2.
Closes [ruby-core:67152](https://bugs.ruby-lang.org/issues/10656).
* Fixed compatibility with Nginx 1.7.9. Closes GH-1335.
Release 4.0.56
--------------
* Fixed a file descriptor leak that manifests when an error page is shown.
Contributed by
Paul Bonaud, closes GH-1325.
* Improved Node.js request load balancing. Closes GH-1322. Thanks to Charles
Vallieres for
the analysis.
Release 4.0.55
--------------
* Supports Ruby 2.2. Closes GH-1314.
* Fixed Linux OS name detection.
Release 4.0.54
--------------
* Contains a licensing-related hot fix for Enterprise customers.
</ChangeLog>
|
Wednesday, 10 Dec 2014
|
23:12 osa
Upgrade from 1.7.7 to 1.7.8.
<ChangeLog>
*) Change: now the "If-Modified-Since", "If-Range", etc. client request
header lines are passed to a backend while caching if nginx knows in
advance that the response will not be cached (e.g., when using
proxy_cache_min_uses).
*) Change: now after proxy_cache_lock_timeout nginx sends a request to a
backend with caching disabled; the new directives
"proxy_cache_lock_age", "fastcgi_cache_lock_age",
"scgi_cache_lock_age", and "uwsgi_cache_lock_age" specify a time
after which the lock will be released and another attempt to cache a
response will be made.
*) Change: the "log_format" directive can now be used only at http
level.
*) Feature: the "proxy_ssl_certificate", "proxy_ssl_certificate_key",
"proxy_ssl_password_file", "uwsgi_ssl_certificate",
"uwsgi_ssl_certificate_key", and "uwsgi_ssl_password_file"
directives.
Thanks to Piotr Sikora.
*) Feature: it is now possible to switch to a named location using
"X-Accel-Redirect".
Thanks to Toshikuni Fukaya.
*) Feature: now the "tcp_nodelay" directive works with SPDY connections.
*) Feature: new directives in vim syntax highliting scripts.
Thanks to Peter Wu.
*) Bugfix: nginx ignored the "s-maxage" value in the "Cache-Control"
backend response header line.
Thanks to Piotr Sikora.
*) Bugfix: in the ngx_http_spdy_module.
Thanks to Piotr Sikora.
*) Bugfix: in the "ssl_password_file" directive when using OpenSSL
0.9.8zc, 1.0.0o, 1.0.1j.
*) Bugfix: alerts "header already sent" appeared in logs if the
"post_action" directive was used; the bug had appeared in 1.5.4.
*) Bugfix: alerts "the http output chain is empty" might appear in logs
if the "postpone_output 0" directive was used with SSI includes.
*) Bugfix: in the "proxy_cache_lock" directive with SSI subrequests.
Thanks to Yichun Zhang.
</ChangeLog>
|
Wednesday, 29 Oct 2014
|
11:37 osa
Upgrade from 1.7.6 to 1.7.7.
<ChangeLog>
*) Change: now nginx takes into account the "Vary" header line in a
backend response while caching.
*) Feature: the "proxy_force_ranges", "fastcgi_force_ranges",
"scgi_force_ranges", and "uwsgi_force_ranges" directives.
*) Feature: the "proxy_limit_rate", "fastcgi_limit_rate",
"scgi_limit_rate", and "uwsgi_limit_rate" directives.
*) Feature: the "Vary" parameter of the "proxy_ignore_headers",
"fastcgi_ignore_headers", "scgi_ignore_headers", and
"uwsgi_ignore_headers" directives.
*) Bugfix: the last part of a response received from a backend with
unbufferred proxy might not be sent to a client if "gzip" or "gunzip"
directives were used.
*) Bugfix: in the "proxy_cache_revalidate" directive.
Thanks to Piotr Sikora.
*) Bugfix: in error handling.
Thanks to Yichun Zhang and Daniil Bondarev.
*) Bugfix: in the "proxy_next_upstream_tries" and
"proxy_next_upstream_timeout" directives.
Thanks to Feng Gu.
*) Bugfix: nginx/Windows could not be built with MinGW-w64 gcc.
Thanks to Kouhei Sutou.
</ChangeLog>
|
Saturday, 4 Oct 2014
|
14:16 osa
Update from 4.0.52 to 4.0.53:
o) www/rubygem-passenger;
o) third-party modules for www/nginx and www/nginx-devel.
<ChangeLog>
* Upgraded the preferred Nginx version to 1.6.2.
* Improved RVM gemset autodetection.
* Fixed some Ruby 2.2 compatibility issues.
</ChangeLog>
|
Wednesday, 1 Oct 2014
|
01:18 osa
Update from 4.0.50 to 4.0.52:
o) www/rubygem-passenger;
o) third-party modules for www/nginx and www/nginx-devel.
<ChangeLog>
* Fixed a null termination bug when autodetecting application types.
* Node.js apps can now also trigger the inverse port binding mechanism by
passing `'/passenger'`
as argument. This was introduced in order to be able to support the Hapi.js
framework.
Please read
http://stackoverflow.com/questions/20645231/phusion-passenger-error-http-server-listen-was-called-more-than-once/20645549
for more information regarding Hapi.js support.
* It is now possible to abort Node.js WebSocket connections upon application
restart.
Please refer to
https://github.com/phusion/passenger/wiki/Phusion-Passenger:-Node.js-tutorial#restarting_apps_that_serve_long_running_connections
for more information. Closes GH-1200.
* Passenger Standalone no longer automatically resolves symlinks in its paths.
* `passenger-config system-metrics` no longer crashes when the system clock is
set to a time
in the past. Closes GH-1276.
* `passenger-status`, `passenger-memory-stats`,
`passenger-install-apache2-module` and
`passenger-install-nginx-module` no longer output ANSI color codes by default
when
STDOUT is not a TTY. Closes GH-487.
* `passenger-install-nginx-module --auto` is now all that's necessary to make it
fully
non-interactive. It is no longer necessary to provide all the answers through
command line parameters. Closes GH-852.
* Minor contribution by Alessandro Lenzen.
</ChangeLog>
|
Tuesday, 30 Sep 2014
|
17:08 osa
Update from 1.7.5 to 1.7.6.
<ChangeLog>
*) Change: the deprecated "limit_zone" directive is not supported
anymore.
*) Feature: the "limit_conn_zone" and "limit_req_zone" directives now
can be used with combinations of multiple variables.
*) Bugfix: request body might be transmitted incorrectly when retrying a
FastCGI request to the next upstream server.
*) Bugfix: in logging to syslog.
</ChangeLog>
|
Friday, 19 Sep 2014
|
01:27 osa
Update third-party rtmp module from 1.1.4 to 1.1.5.
Fix compilation issue (1).
Do not bump PORTREVISION.
Obtained
from: https://github.com/arut/nginx-rtmp-module/commit/dd5f2aa117c617e1f0fde26f8fd58903be2d85e8.patch (1)
|
00:56 osa
Security update from 1.7.4 to 1.7.5.
Temporary disable two third-party modules: supervisord and rtmp.
<ChangeLog>
*) Security: it was possible to reuse SSL sessions in unrelated contexts
if a shared SSL session cache or the same TLS session ticket key was
used for multiple "server" blocks (CVE-2014-3616).
Thanks to Antoine Delignat-Lavaud.
*) Change: now the "stub_status" directive does not require a parameter.
*) Feature: the "always" parameter of the "add_header" directive.
*) Feature: the "proxy_next_upstream_tries",
"proxy_next_upstream_timeout", "fastcgi_next_upstream_tries",
"fastcgi_next_upstream_timeout", "memcached_next_upstream_tries",
"memcached_next_upstream_timeout", "scgi_next_upstream_tries",
"scgi_next_upstream_timeout", "uwsgi_next_upstream_tries", and
"uwsgi_next_upstream_timeout" directives.
*) Bugfix: in the "if" parameter of the "access_log" directive.
*) Bugfix: in the ngx_http_perl_module.
Thanks to Piotr Sikora.
*) Bugfix: the "listen" directive of the mail proxy module did not allow
to specify more than two parameters.
*) Bugfix: the "sub_filter" directive did not work with a string to
replace consisting of a single character.
*) Bugfix: requests might hang if resolver was used and a timeout
occurred during a DNS request.
*) Bugfix: in the ngx_http_spdy_module when using with AIO.
*) Bugfix: a segmentation fault might occur in a worker process if the
"set" directive was used to change the "$http_...", "$sent_http_...",
or "$upstream_http_..." variables.
*) Bugfix: in memory allocation error handling.
Thanks to Markus Linnala and Feng Gu.
</ChangeLog>
|
Friday, 29 Aug 2014
|
11:09 osa
Update from 4.0.49 to 4.0.50:
o) www/rubygem-passenger;
o) third-party modules for www/nginx and www/nginx-devel.
<ChangeLog>
* Fixed a potential heap corruption bug.
* Added Union Station support for Rails 4.1.
</ChangeLog>
|
Friday, 22 Aug 2014
|
22:06 osa
Update from 4.0.48 to 4.0.49:
o) www/rubygem-passenger;
o) third-party modules for www/nginx and www/nginx-devel.
<ChangeLog>
* Upgraded the preferred Nginx version to 1.6.1.
* Fixed a crash that may be triggered by the `passenger_max_requests` feature.
* Introduced the `spawn_failed` hook, which is called when an application
process fails to spawn. You could use this hook to setup an error
notification system. Closes GH-1252.
* Fonts, RSS and XML are now gzip-compressed by default in Phusion Passenger
Standalone. Thanks to Jacob Elder. Closes GH-1254.
* Fixed some user and group information lookup issues. Closes GH-1253.
* Fixed some request handling crashes. Closes GH-1250.
* Fixed some compilation problems on Gentoo. Closes GH-1261.
* Fixed some compilation problems on Solaris. Closes GH-1260.
</ChangeLog>
|
Sunday, 10 Aug 2014
|
17:47 osa
Update third-party modsecurity module from 2.7.5 to latest version 2.8.0.
|
15:21 osa
Update from 4.0.45 to 4.0.48:
o) www/rubygem-passenger;
o) third-party modules for www/nginx and www/nginx-devel.
Add CPE information.
<ChangeLog>
Release 4.0.48
--------------
* Fixed a race condition while determining what user an application should
be executed as. This bug could lead to applications being run as the wrong
user. Closes GH-1241.
* [Standalone] Improved autodetection of Rails asset pipeline files. This
prevents Standalone from incorrectly setting caching headers on non-asset
pipeline files. Closes GH-1225.
* Fixed compilation problems on CentOS 5. Thanks to J. Smith. Closes GH-1247.
* Fixed compilation problems on OpenBSD.
* Fixed compatibility with Ruby 1.8.5.
Release 4.0.47
--------------
* [Enterprise] Fixed a bug in Flying Passenger's `--max-preloader-idle-time`
option.
Release 4.0.46
--------------
* Further improved Node.js and Socket.io compatibility.
* Sticky session cookies have been made more reliable.
* Fixed WebSocket upgrade issues on Firefox. Closes GH-1232.
* The Python application loader now inserts the application root into
`sys.path`.
The fact that this was not done previously caused a lot of confusion amongst
Python users, who wondered why their `passenger_wsgi.py` could not import any
modules from the same directory.
* Fixed a compatibility problem with Django, which could cause Django apps to
freeze indefinitely. Closes GH-1215.
* Logging of application spawning errors has been much improved. Full details
about the error, such as environment variables, are saved to a private log
file.
In the past, these details were only viewable in the browser. This change
also
fixes a bug on Phusion Passenger Enterprise, where enabling Deployment Error
Resistance causes error messages to get lost. Closes GH-1021 and GH-1175.
* Fixed a regression in Node.js support. When a Node.js app is deployed on
a HTTPS host, the `X-Forwarded-Proto` header wasn't set in 4.0.45.
Closes GH-1231.
* Passenger Standalone no longer, by default, loads shell startup files before
loading the application. This is because Passenger Standalone is often
invoked
from the shell anyway. Indeed, loading shell startup files again can
interfere
with any environment variables already set in the invoking shell. You can
still tell Passenger Standalone to load shell startup files by passing
`--load-shell-envvars`. Passenger for Apache and Passenger for Nginx still
load shell startup files by default.
* Passenger Standalone now works properly when the HOME environment variable
isn't set. Closes GH-713.
* Passenger Standalone's `package-runtime` command has been removed. It has
been broken for a while and has nowadays been obsolete by our automatic
[binary generation system](https://github.com/phusion/passenger_autobuilder).
Closes GH-1133.
* The `passenger_startup_file` option now also works on Python apps. Closes
GH-1233.
* If you are a [Union Station](https://www.unionstationapp.com) customer, then
Phusion Passenger will now also log application spawning errors to Union
Station.
This data isn't shown in the Union Station interface yet, but it will be
implemented in the future.
* Fixed compilation problems on OmniOS and OpenIndiana. Closes GH-1212.
* Fixed compilation problems when Nginx is configured with OpenResty.
Thanks to Yichun Zhang. Closes GH-1226.
* Fixed Nginx HTTP POST failures on ARM platforms. Thanks to nocelic for the
fix.
Closes GH-1151.
* Documentation contributions by Tim Bishop and Tugdual de Kerviler.
* Minor Nginx bug fix by Feng Gu. Closes GH-1235.
</ChangeLog>
|
Saturday, 9 Aug 2014
|
18:29 osa
Update from 1.7.3 to 1.7.4.
<ChangeLog>
*) Security: pipelined commands were not discarded after STARTTLS
command in SMTP proxy (CVE-2014-3556); the bug had appeared in 1.5.6.
Thanks to Chris Boulton.
*) Change: URI escaping now uses uppercase hexadecimal digits.
Thanks to Piotr Sikora.
*) Feature: now nginx can be build with BoringSSL and LibreSSL.
Thanks to Piotr Sikora.
*) Bugfix: requests might hang if resolver was used and a DNS server
returned a malformed response; the bug had appeared in 1.5.8.
*) Bugfix: in the ngx_http_spdy_module.
Thanks to Piotr Sikora.
*) Bugfix: the $uri variable might contain garbage when returning errors
with code 400.
Thanks to Sergey Bobrov.
*) Bugfix: in error handling in the "proxy_store" directive and the
ngx_http_dav_module.
Thanks to Feng Gu.
*) Bugfix: a segmentation fault might occur if logging of errors to
syslog was used; the bug had appeared in 1.7.1.
*) Bugfix: the $geoip_latitude, $geoip_longitude, $geoip_dma_code, and
$geoip_area_code variables might not work.
Thanks to Yichun Zhang.
*) Bugfix: in memory allocation error handling.
Thanks to Tatsuhiko Kubo and Piotr Sikora.
</ChangeLog>
|
Sunday, 13 Jul 2014
|
23:13 osa
Update from 1.7.2 to 1.7.3.
<ChangeLog>
*) Feature: weak entity tags are now preserved on response
modifications, and strong ones are changed to weak.
*) Feature: cache revalidation now uses If-None-Match header if
possible.
*) Feature: the "ssl_password_file" directive.
*) Bugfix: the If-None-Match request header line was ignored if there
was no Last-Modified header in a response returned from cache.
*) Bugfix: "peer closed connection in SSL handshake" messages were
logged at "info" level instead of "error" while connecting to
backends.
*) Bugfix: in the ngx_http_dav_module module in nginx/Windows.
*) Bugfix: SPDY connections might be closed prematurely if caching was
used.
</ChangeLog>
|
Friday, 20 Jun 2014
|
09:50 osa
Update from 4.0.44 to 4.0.45:
o) www/rubygem-passenger;
o) third-party modules for www/nginx and www/nginx-devel.
|
Thursday, 19 Jun 2014
|
23:42 osa
Update from 1.7.1 to 1.7.2.
Remove nginx_upstream_hash third-party module support, please use
http_upstream_hash_module instead.
<ChangeLog>
*) Feature: the "hash" directive inside the "upstream" block.
*) Feature: defragmentation of free shared memory blocks.
Thanks to Wandenberg Peixoto and Yichun Zhang.
*) Bugfix: a segmentation fault might occur in a worker process if the
default value of the "access_log" directive was used; the bug had
appeared in 1.7.0.
Thanks to Piotr Sikora.
*) Bugfix: trailing slash was mistakenly removed from the last parameter
of the "try_files" directive.
*) Bugfix: nginx could not be built on OS X in some cases.
*) Bugfix: in the ngx_http_spdy_module.
</ChangeLog>
|
Monday, 2 Jun 2014
|
10:57 osa
Multiple third-party modules as well as repos have been moved from agentzh and
chaoslawful
to openresty and renamed accordingly.
Do not dump PORTREVISION.
PR: 190074
|
09:49 osa
Update third-party rtmp module from 1.1.2 to 1.1.4.
Remove whitespaces.
|
02:14 osa
Update from 4.0.41 to 4.0.44:
o) www/rubygem-passenger;
o) third-party modules for www/nginx and www/nginx-devel.
<ChangeLog>
Release 4.0.44
--------------
* The issue tracker has now been moved from Google Code to Github.
Before version 4.0.44 (May 29 2014, commit 3dd0964c9f4), all
issue numbers referred to Google Code. From now on, all issue
numbers will refer to Github Issues.
* Fixed compilation problems on OS X Lion and OS X Mountain Lion.
* On Ruby, fixed `nil` being frozen on accident in some cases.
See issue #1192.
Release 4.0.43
--------------
* Introduced a new command `passenger-config list-instances`, which prints all
running Phusion Passenger instances.
* Introduced a new command `passenger-config system-metrics, which displays
metrics about the system such as the total CPU and memory usage.
* Fixed some compilation problems caused by the compiler capability
autodetector.
* System metrics such as total CPU usage and memory usage, are now sent to
[Union Station](https://www.unionstationapp.com) in preparation for future
features.
Release 4.0.42
--------------
* [Nginx] Upgraded the preferred Nginx version to 1.6.0.
* [Nginx] Fixed compatibility with Nginx 1.7.0.
* [Standalone] The MIME type for .woff files has been changed to
application/font-woff.
Fixes issue #1071.
* There are now APT packages for Ubuntu 14.04. At the same time, packages for
Ubuntu 13.10 have been abandoned.
* Introduced a new command, `passenger-config build-native-support`, for
ensuring
that the native_support library for the current Ruby interpreter is built.
This
is useful in system provisioning scripts.
* For security reasons, friendly error pages (those black/purple pages that
shows
the error message, backtrace and environment variable dump when an
application
fails to start) are now disabled by default when the application environment
is
set to 'staging' or 'production'. Fixes issue #1063.
* Fixed some compilation warnings on Ubuntu 14.04.
* Fixed some compatibility problems with Rake 10.2.0 and later.
See [Rake issue 274](https://github.com/jimweirich/rake/issues/274).
* Improved error handling in [Union Station](https://www.unionstationapp.com)
support.
* Data is now sent to Union Station on a more frequent basis, in order to make
new
data show up more quickly.
* Information about the code revision is now sent to Union Station, which will
be
used in the upcoming deployment tracking feature in Union Station 2.
</ChangeLog>
|
Sunday, 1 Jun 2014
|
20:12 osa
Update from 1.7.0 to 1.7.1.
<ChangeLog>
*) Feature: the "$upstream_cookie_..." variables.
*) Feature: the $ssl_client_fingerprint variable.
*) Feature: the "error_log" and "access_log" directives now support
logging to syslog.
*) Feature: the mail proxy now logs client port on connect.
*) Bugfix: memory leak if the "ssl_stapling" directive was used.
Thanks to Filipe da Silva.
*) Bugfix: the "alias" directive used inside a location given by a
regular expression worked incorrectly if the "if" or "limit_except"
directives were used.
*) Bugfix: the "charset" directive did not set a charset to encoded
backend responses.
*) Bugfix: a "proxy_pass" directive without URI part might use original
request after the $args variable was set.
Thanks to Yichun Zhang.
*) Bugfix: in the "none" parameter in the "smtp_auth" directive; the bug
had appeared in 1.5.6.
Thanks to Svyatoslav Nikolsky.
*) Bugfix: if sub_filter and SSI were used together, then responses
might be transferred incorrectly.
*) Bugfix: nginx could not be built with the --with-file-aio option on
Linux/aarch64.
</ChangeLog>
|
Sunday, 4 May 2014
|
15:54 osa
Update from 1.5.13 to 1.7.0.
Temporary disable passenger support, patching require.
<ChangeLog>
*) Feature: backend SSL certificate verification.
*) Feature: support for SNI while working with SSL backends.
*) Feature: the $ssl_server_name variable.
*) Feature: the "if" parameter of the "access_log" directive.
</ChangeLog>
|
Wednesday, 9 Apr 2014
|
02:36 osa
Update from 4.0.35 to 4.0.41:
o) www/rubygem-passenger;
o) third-party modules for www/nginx and www/nginx-devel.
STAGEfy www/rubygem-passenger.
|
01:19 osa
Update from 1.5.12 to 1.5.13.
<ChangeLog>
*) Change: improved hash table handling; the default values of the
"variables_hash_max_size" and "types_hash_bucket_size" were changed
to 1024 and 64 respectively.
*) Feature: the ngx_http_mp4_module now supports the "end" argument.
*) Feature: byte ranges support in the ngx_http_mp4_module and while
saving responses to cache.
*) Bugfix: alerts "ngx_slab_alloc() failed: no memory" no longer logged
when using shared memory in the "ssl_session_cache" directive and in
the ngx_http_limit_req_module.
*) Bugfix: the "underscores_in_headers" directive did not allow
underscore as a first character of a header.
Thanks to Piotr Sikora.
*) Bugfix: cache manager might hog CPU on exit in nginx/Windows.
*) Bugfix: nginx/Windows terminated abnormally if the
"ssl_session_cache" directive was used with the "shared" parameter.
*) Bugfix: in the ngx_http_spdy_module.
</ChangeLog>
|
Monday, 24 Mar 2014
|
17:46 az
- fix typo (wrong distfile name in SIZE section)
|
Sunday, 23 Mar 2014
|
02:35 osa
Security update from 1.5.11 to 1.5.12.
<ChangeLog>
*) Security: a heap memory buffer overflow might occur in a worker
process while handling a specially crafted request by
ngx_http_spdy_module, potentially resulting in arbitrary code
execution (CVE-2014-0133).
Thanks to Lucas Molas, researcher at Programa STIC, Fundacion Dr.
Manuel Sadosky, Buenos Aires, Argentina.
*) Feature: the "proxy_protocol" parameters of the "listen" and
"real_ip_header" directives, the $proxy_protocol_addr variable.
*) Bugfix: in the "fastcgi_next_upstream" directive.
Thanks to Lucas Molas.
</ChangeLog>
|
Thursday, 6 Mar 2014
|
00:07 osa
Update from 1.5.10 to 1.5.11.
<ChangeLog>
*) Security: memory corruption might occur in a worker process on 32-bit
platforms while handling a specially crafted request by
ngx_http_spdy_module, potentially resulting in arbitrary code
execution (CVE-2014-0088); the bug had appeared in 1.5.10.
Thanks to Lucas Molas, researcher at Programa STIC, Fundacion Dr.
Manuel Sadosky, Buenos Aires, Argentina.
*) Feature: the $ssl_session_reused variable.
*) Bugfix: the "client_max_body_size" directive might not work when
reading a request body using chunked transfer encoding; the bug had
appeared in 1.3.9.
Thanks to Lucas Molas.
*) Bugfix: a segmentation fault might occur in a worker process when
proxying WebSocket connections.
*) Bugfix: a segmentation fault might occur in a worker process if the
ngx_http_spdy_module was used on 32-bit platforms; the bug had
appeared in 1.5.10.
*) Bugfix: the $upstream_status variable might contain wrong data if the
"proxy_cache_use_stale" or "proxy_cache_revalidate" directives were
used.
Thanks to Piotr Sikora.
*) Bugfix: a segmentation fault might occur in a worker process if
errors with code 400 were redirected to a named location using the
"error_page" directive.
*) Bugfix: nginx/Windows could not be built with Visual Studio 2013.
</ChangeLog>
|
Wednesday, 5 Feb 2014
|
12:56 osa
Update from 1.5.8 to 1.5.10.
Disable third-party ctpp2 module.
<ChangeLog>
Changes with nginx 1.5.10 04 Feb 2014
*) Feature: the ngx_http_spdy_module now uses SPDY 3.1 protocol.
Thanks to Automattic and MaxCDN for sponsoring this work.
*) Feature: the ngx_http_mp4_module now skips tracks too short for a
seek requested.
*) Bugfix: a segmentation fault might occur in a worker process if the
$ssl_session_id variable was used in logs; the bug had appeared in
1.5.9.
*) Bugfix: the $date_local and $date_gmt variables used wrong format
outside of the ngx_http_ssi_filter_module.
*) Bugfix: client connections might be immediately closed if deferred
accept was used; the bug had appeared in 1.3.15.
*) Bugfix: alerts "getsockopt(TCP_FASTOPEN) ... failed" appeared in logs
during binary upgrade on Linux; the bug had appeared in 1.5.8.
Thanks to Piotr Sikora.
Changes with nginx 1.5.9 22 Jan 2014
*) Change: now nginx expects escaped URIs in "X-Accel-Redirect" headers.
*) Feature: the "ssl_buffer_size" directive.
*) Feature: the "limit_rate" directive can now be used to rate limit
responses sent in SPDY connections.
*) Feature: the "spdy_chunk_size" directive.
*) Feature: the "ssl_session_tickets" directive.
Thanks to Dirkjan Bussink.
*) Bugfix: the $ssl_session_id variable contained full session
serialized instead of just a session id.
Thanks to Ivan Ristic.
*) Bugfix: nginx incorrectly handled escaped "?" character in the
"include" SSI command.
*) Bugfix: the ngx_http_dav_module did not unescape destination URI of
the COPY and MOVE methods.
*) Bugfix: resolver did not understand domain names with a trailing dot.
Thanks to Yichun Zhang.
*) Bugfix: alerts "zero size buf in output" might appear in logs while
proxying; the bug had appeared in 1.3.9.
*) Bugfix: a segmentation fault might occur in a worker process if the
ngx_http_spdy_module was used.
*) Bugfix: proxied WebSocket connections might hang right after
handshake if the select, poll, or /dev/poll methods were used.
*) Bugfix: the "xclient" directive of the mail proxy module incorrectly
handled IPv6 client addresses.
</ChangeLog>
|
Friday, 17 Jan 2014
|
01:27 osa
Update from 4.0.33 to 4.0.35:
o) www/rubygem-passenger;
o) third-party modules for www/nginx and www/nginx-devel.
|
Thursday, 16 Jan 2014
|
01:49 vanilla
Upgrade 3rd party modules to latest version.
echo 0.50 => 0.51
headers_more 0.24 => 0.25
drizzle 0.1.6 => 0.1.7
rtmp 1.0.8 => 1.1.2
set_misc 0.23 => 0.24
srcache 0.24 => 0.25
Approved by: osa@
|
Tuesday, 14 Jan 2014
|
10:52 osa
Update from 1.5.7 to 1.5.8.
<ChangeLog>
*) Feature: IPv6 support in resolver.
*) Feature: the "listen" directive supports the "fastopen" parameter.
Thanks to Mathew Rodley.
*) Feature: SSL support in the ngx_http_uwsgi_module.
Thanks to Roberto De Ioris.
*) Feature: vim syntax highlighting scripts were added to contrib.
Thanks to Evan Miller.
*) Bugfix: a timeout might occur while reading client request body in an
SSL connection using chunked transfer encoding.
*) Bugfix: the "master_process" directive did not work correctly in
nginx/Windows.
*) Bugfix: the "setfib" parameter of the "listen" directive might not
work.
*) Bugfix: in the ngx_http_spdy_module.
</ChangeLog>
|
10:45 osa
Upgrade third-party lua module from 0.9.3 to 0.9.4.
|
Saturday, 4 Jan 2014
|
05:01 osa
Update from 4.0.30 to 4.0.33:
o) www/rubygem-passenger;
o) third-party modules for www/nginx and www/nginx-devel.
<ChangeLog>
Release 4.0.33
--------------
* Fixed a compatibility problem in passenger-install-apache2-module with Ruby
1.8.
The language selection menu didn't work properly.
Release 4.0.32
--------------
* Fixed compatibility problems with old Ruby versions that didn't include
RubyGems.
Release 4.0.31
--------------
* Introduced a new tool: `passenger-config restart-app`. With this command you
can initiate an application restart without touching restart.txt.
Unlike touching restart.txt, this tool initiates the restart immediately
instead of on the next request.
* Fixed some problems in process spawning and request handling.
* Fixed some problems with the handling of HTTP chunked transfer encoding
bodies. These problems only occurred in Ruby.
* Fixed the HelperAgent, upon shutdown, not correctly waiting 5 seconds until
all clients have disconnected. Fixes issue #884.
* Fixed compilation problems on FreeBSD.
* Fixed some C++ strict aliasing problems.
* Fixed some problems with spawning applications that print messages without
newline during startup. Fixes issue #1039.
* Fixed potential hangs on JRuby when Ctrl-C is used to shutdown the server.
Fixes issue #1035.
* When Phusion Passenger is installed through the Debian package,
passenger-install-apache2-module now checks whether the Apache
module package (libapache2-mod-passenger) is properly installed,
and installs it using apt-get if it's not installed. Fixes
issue #1031.
* The `passenger-status --show=xml` command no longer prints the non-XML
preamble, such as the version number and the time. Fixes issue #1037.
* The Ruby native extension check whether it's loaded against the right Ruby
version, to prevent problems when people upgrade Ruby without recompiling
their native extensions.
* Various other minor Debian packaging improvements.
</ChangeLog>
|
Tuesday, 31 Dec 2013
|
15:24 osa
Update from 4.0.29 to 4.0.30:
o) www/rubygem-passenger;
o) third-party modules for www/nginx and www/nginx-devel.
<ChangeLog>
* Fixed wrong autogeneration of HTTP Date header. If the web app does
not supply a Date header, then Passenger will add one. Unfortunately
due to the use of the wrong format string, December 30 2013 is
formatted as December 30 2014. As a result, cookies that expire before
2014 would expire on December 30 2013 and December 31 2013. Details can
be found at [Github pull request
93](https://github.com/phusion/passenger/pull/93).
This issue only affects Phusion Passenger for Nginx and Phusion Passenger
Standalone, and does not affect Phusion Passenger for Apache.
You can work around this problem in your application by setting a
Date header. For example, in Rails you can do:
before_filter { response.date = Time.now.utc }
Many thanks to Jeff Michael Dean (zilkey) and many others for bringing this
to our attention and for providing workarounds and feedback.
</ChangeLog>
|
Sunday, 22 Dec 2013
|
08:58 vanilla
1: Upgrade 3rd party modules to latest version.
echo 0.49 => 0.50
headers_more 0.22 => 0.24
drizzle 0.1.5 => 0.1.6
ndk 0.2.18 => 0.2.19
memc 0.13rc3 => 0.14
rds_csv 0.5rc2 => 0.5
rds_json 0.12rc10 => 0.13
rtmp 1.0.6 => 1.0.8
set_misc 0.22rc8 => 0.23
sflow 0.9.6 => 0.9.7
srcache 0.22 => 0.24
xss 0.3rc9 => 0.4
arrayvar 0.03rc1 => 0.03
2: add http_footer module.
Approved by: osa@ (maintainer)
|
Thursday, 19 Dec 2013
|
17:46 osa
Update third-party lua module from 0.9.2 to 0.9.3.
|
Saturday, 14 Dec 2013
|
15:59 osa
Update from 4.0.27 to 4.0.29:
o) www/rubygem-passenger;
o) third-party modules for www/nginx and www/nginx-devel.
<ChangeLog>
Release 4.0.29
--------------
* Fixed a compilation problem on OS X Mavericks.
Release 4.0.28
--------------
* Introduced a workaround for a GCC 4.6 bug. This bug could cause Phusion
Passsenger to crash during startup. Affected operating systems include
Ubuntu 12.04 and Amazon Linux 2013.09.01, though not every machine with
this OS installed exhibits the problem. See issue #902.
* Improved Node.js support: the Sails framework is now supported.
* Improved Node.js support: the streams2 API is now supported.
* Introduced support for hooks, allowing users to easily extend Phusion
Passenger's behavior.
* Fixed a bug in the `passenger start -R` option. It was broken because of a
change introduced in 4.0.25.
* Fixed a bug in PassengerMaxInstancesPerApp. Fixes issue #1016.
* Fixed compilation problems on Solaris.
* Fixed an encoding problem in the Apache autodetection code. Fixes
issue #1026.
* The Debian packages no longer depend on libruby.
* Application stdout and stderr are now printed without normal
Phusion Passenger debugging information, making them easier to read.
</ChangeLog>
|
Friday, 6 Dec 2013
|
02:28 osa
Update from 4.0.26 to 4.0.27:
o) www/rubygem-passenger;
o) third-party modules for www/nginx and www/nginx-devel.
<ChangeLog>
* [Apache] Fixed a bug in the Apache module which could lock up the Apache
process or thread. This is a regression introduced in version 4.0.24.
* Node.js application processes now have friendly process titles.
</ChangeLog>
|
Wednesday, 4 Dec 2013
|
05:06 osa
Make third-party accept_language module fetchable by update to latest version.
PR: ports/184153
|
Tuesday, 3 Dec 2013
|
02:37 vanilla
Upgrade lua module to 0.9.2, echo module to 0.49.
Approved by: maintainer (osa@)
|
Sunday, 1 Dec 2013
|
16:11 osa
Upgrade third-party ngx_http_redis module from 0.3.6 to 0.3.7.
<ChangeLog>
*) Bugfix: ngx_http_redis_module might issue the error message
"redis sent invalid trailer" for nginx >= 1.5.3.
Thanks to Maxim Dounin.
</ChangeLog>
|
Saturday, 30 Nov 2013
|
10:29 osa
Update from 4.0.25 to 4.0.26:
o) www/rubygem-passenger;
o) third-party modules for www/nginx and www/nginx-devel.
<ChangeLog>
* Introduced the `PassengerBufferUpload` option for Apache. This option allows
one
to disable upload buffering, e.g. in order to be able to track upload
progress.
* [Nginx] The `HTTPS` variable is now set correctly for HTTPS connections, even
without setting `ssl on`. Fixes issue #401.
* [Standalone] It is now possible to listen on both a normal HTTP and an HTTPS
port.
* [Enterprise] The `passenger-status` tool now displays rolling restart status.
</ChangeLog>
|
Sunday, 24 Nov 2013
|
14:21 vanilla
Update rtmp module to 1.0.6.
Approved by: osa@ (maintainer)
|
Wednesday, 20 Nov 2013
|
18:13 osa
Update from 4.0.24 to 4.0.25:
o) www/rubygem-passenger;
o) third-party passenger modules for www/nginx and www/nginx-devel.
|
Tuesday, 19 Nov 2013
|
18:30 osa
Update from 4.0.23 to 4.0.24:
o) www/rubygem-passenger;
o) third-party modules for www/nginx and www/nginx-devel.
Try to fix build www/rubygem-passenger with upcoming FreeBSD 10.
|
18:00 osa
Security update from 1.5.6 to 1.5.7.
<ChangeLog>
*) Security: a character following an unescaped space in a request line
was handled incorrectly (CVE-2013-4547); the bug had appeared in
0.8.41.
Thanks to Ivan Fratric of the Google Security Team.
*) Change: a logging level of auth_basic errors about no user/password
provided has been lowered from "error" to "info".
*) Feature: the "proxy_cache_revalidate", "fastcgi_cache_revalidate",
"scgi_cache_revalidate", and "uwsgi_cache_revalidate" directives.
*) Feature: the "ssl_session_ticket_key" directive.
Thanks to Piotr Sikora.
*) Bugfix: the directive "add_header Cache-Control ''" added a
"Cache-Control" response header line with an empty value.
*) Bugfix: the "satisfy any" directive might return 403 error instead of
401 if auth_request and auth_basic directives were used.
Thanks to Jan Marc Hoffmann.
*) Bugfix: the "accept_filter" and "deferred" parameters of the "listen"
directive were ignored for listen sockets created during binary
upgrade.
Thanks to Piotr Sikora.
*) Bugfix: some data received from a backend with unbufferred proxy
might not be sent to a client immediately if "gzip" or "gunzip"
directives were used.
Thanks to Yichun Zhang.
*) Bugfix: in error handling in ngx_http_gunzip_filter_module.
*) Bugfix: responses might hang if the ngx_http_spdy_module was used
with the "auth_request" directive.
*) Bugfix: memory leak in nginx/Windows.
</ChangeLog>
|
Saturday, 2 Nov 2013
|
11:56 osa
Update from 4.0.21 to 4.0.23:
o) www/rubygem-passenger;
o) third-party passenger modules for www/nginx and www/nginx-devel.
|
Saturday, 26 Oct 2013
|
13:39 osa
Update from 4.0.20 to 4.0.21:
o) www/rubygem-passenger;
o) third-party modules for www/nginx and www/nginx-devel.
|
Saturday, 12 Oct 2013
|
07:20 osa
Update from 4.0.19 to 4.0.20:
o) www/rubygem-passenger;
o) third-party modules for www/nginx and www/nginx-devel.
|
Tuesday, 1 Oct 2013
|
17:39 osa
Update from 1.5.5 to 1.5.6.
<ChangeLog>
*) Feature: the "fastcgi_buffering" directive.
*) Feature: the "proxy_ssl_protocols" and "proxy_ssl_ciphers"
directives.
Thanks to Piotr Sikora.
*) Feature: optimization of SSL handshakes when using long certificate
chains.
*) Feature: the mail proxy supports SMTP pipelining.
*) Bugfix: in the ngx_http_auth_basic_module when using "$apr1$"
password encryption method.
Thanks to Markus Linnala.
*) Bugfix: in MacOSX, Cygwin, and nginx/Windows incorrect location might
be used to process a request if locations were given using characters
in different cases.
*) Bugfix: automatic redirect with appended trailing slash for proxied
locations might not work.
*) Bugfix: in the mail proxy server.
*) Bugfix: in the ngx_http_spdy_module.
</ChangeLog>
|
Sunday, 29 Sep 2013
|
15:34 osa
Update from 4.0.17 to 4.0.19:
o) www/rubygem-passenger;
o) third-party passenger modules for www/nginx and www/nginx-devel.
|
Saturday, 28 Sep 2013
|
20:36 osa
Update from 1.5.4 to 1.5.5.
Remove needless entries for ngx_http_auth_request_module from distinfo, the
module is the part of main distro.
<ChangeLog>
*) Change: now nginx assumes HTTP/1.0 by default if it is not able to
detect protocol reliably.
*) Feature: the "disable_symlinks" directive now uses O_PATH on Linux.
*) Feature: now nginx uses EPOLLRDHUP events to detect premature
connection close by clients if the "epoll" method is used.
*) Bugfix: in the "valid_referers" directive if the "server_names"
parameter was used.
*) Bugfix: the $request_time variable did not work in nginx/Windows.
*) Bugfix: in the "image_filter" directive.
Thanks to Lanshun Zhou.
*) Bugfix: OpenSSL 1.0.1f compatibility.
Thanks to Piotr Sikora.
</ChangeLog>
|
Wednesday, 11 Sep 2013
|
15:17 osa
Update from 4.0.16 to 4.0.17:
o) www/rubygem-passenger;
o) third-party modules for www/nginx and www/nginx-devel.
|
Saturday, 7 Sep 2013
|
10:31 osa
Update from 4.0.14 to 4.0.16:
o) www/rubygem-passenger;
o) third-party modules for www/nginx and www/nginx-devel.
Also, convert to perl framework nginx ports.
|
Tuesday, 27 Aug 2013
|
16:25 osa
Update from 1.5.3 to 1.5.4.
<ChangeLog>
*) Change: the "js" extension MIME type has been changed to
"application/javascript"; default value of the "charset_types"
directive was changed accordingly.
*) Change: now the "image_filter" directive with the "size" parameter
returns responses with the "application/json" MIME type.
*) Feature: the ngx_http_auth_request_module.
*) Bugfix: a segmentation fault might occur on start or during
reconfiguration if the "try_files" directive was used with an empty
parameter.
*) Bugfix: memory leak if relative paths were specified using variables
in the "root" or "auth_basic_user_file" directives.
*) Bugfix: the "valid_referers" directive incorrectly executed regular
expressions if a "Referer" header started with "https://".
Thanks to Liangbin Li.
*) Bugfix: responses might hang if subrequests were used and an SSL
handshake error happened during subrequest processing.
Thanks to Aviram Cohen.
*) Bugfix: in the ngx_http_autoindex_module.
*) Bugfix: in the ngx_http_spdy_module.
</ChangeLog>
|
Tuesday, 20 Aug 2013
|
18:07 osa
Update third-party modules:
o) echo from 0.45 to 0.46;
o) headers-more from 0.20 to 0.22;
o) lua from 0.8.2 to 0.8.6;
o) rtmp from 1.0.2 to 1.0.3;
o) srcache from 0.21 to 0.22.
|
04:45 osa
Update from 4.0.13 to 4.0.14:
o) www/rubygem-passenger;
o) third-party modules for www/nginx and www/nginx-devel.
|
Saturday, 17 Aug 2013
|
10:57 osa
Update third-party modsecurity module from 2.7.4 to 2.7.5.
<ChangeLog>
23 Jul 2013 - 2.7.5
-------------------
Improvements:
* SecUnicodeCodePage is deprecated. SecUnicodeMapFile now accepts the code page
as
a second parameter.
* Updated Libinjection to version 3.4.1. Many improvements were made.
* Severity action now supports strings (emergency, alert, critical, error,
warning,
notice, info, debug).
Bug Fixes:
* Fixed utf8toUnicode tfn null byte conversion.
* Fixed NGINX crash when issue reload command.
* Fixed flush output buffer before inject modified hashed response body.
* Fixed url normalization for Hash Engine.
* Fixed NGINX ap_unixd_set_global_perms_mutex compilation error with apache 2.4
devel files.
</ChangeLog>
|
Friday, 16 Aug 2013
|
19:35 osa
Update third-party rtmp module from 1.0.1 to 1.0.2.
Enable it for www/nginx-devel.
|
19:14 osa
Update from 4.0.10 to 4.0.13:
o) www/rubygem-passenger;
o) third-party modules for www/nginx and www/nginx-devel.
|
18:52 osa
Update from 1.5.2 to 1.5.3.
Temporary ignore following third-party modules support:
o) HTTP_UPSTREAM_STICKY
o) DRIZZLE
o) POSTGRES
o) RTMP
o) SYSLOG
o) TCP_PROXY
<ChangeLog>
*) Change in internal API: now u->length defaults to -1 if working with
backends in unbuffered mode.
*) Change: now after receiving an incomplete response from a backend
server nginx tries to send an available part of the response to a
client, and then closes client connection.
*) Bugfix: a segmentation fault might occur in a worker process if the
ngx_http_spdy_module was used with the "client_body_in_file_only"
directive.
*) Bugfix: the "so_keepalive" parameter of the "listen" directive might
be handled incorrectly on DragonFlyBSD.
Thanks to Sepherosa Ziehau.
*) Bugfix: in the ngx_http_xslt_filter_module.
*) Bugfix: in the ngx_http_sub_filter_module.
</ChangeLog>
|
Monday, 22 Jul 2013
|
14:38 osa
Update from 4.0.8 to 4.0.10:
o) www/rubygem-passenger;
o) third-party passenger module for www/nginx and www/nginx-devel.
|
Wednesday, 10 Jul 2013
|
17:48 osa
Update from 1.5.1 to 1.5.2.
Temporary ignore third-party syslog support.
<ChangeLog>
*) Feature: now several "error_log" directives can be used.
*) Bugfix: the $r->header_in() embedded perl method did not return value
of the "Cookie" and "X-Forwarded-For" request header lines; the bug
had appeared in 1.3.14.
*) Bugfix: in the ngx_http_spdy_module.
Thanks to Jim Radford.
*) Bugfix: nginx could not be built on Linux with x32 ABI.
Thanks to Serguei Ivantsov.
</ChangeLog>
|
17:19 osa
Update:
o) third-party passenger module from 4.0.5 to 4.0.8;
o) rubygem-passenger from 4.0.5 to 4.0.8;
o) third-party rtmp module from 1.0.0 to 1.0.1.
|
Tuesday, 4 Jun 2013
|
14:05 osa
Update from 1.5.0 to 1.5.1.
<ChangeLog>
*) Feature: the "ssi_last_modified", "sub_filter_last_modified", and
"xslt_last_modified" directives.
Thanks to Alexey Kolpakov.
*) Feature: the "http_403" parameter of the "proxy_next_upstream",
"fastcgi_next_upstream", "scgi_next_upstream", and
"uwsgi_next_upstream" directives.
*) Feature: the "allow" and "deny" directives now support unix domain
sockets.
*) Bugfix: nginx could not be built with the ngx_mail_ssl_module, but
without ngx_http_ssl_module; the bug had appeared in 1.3.14.
*) Bugfix: in the "proxy_set_body" directive.
Thanks to Lanshun Zhou.
*) Bugfix: in the "lingering_time" directive.
Thanks to Lanshun Zhou.
*) Bugfix: the "fail_timeout" parameter of the "server" directive in the
"upstream" context might not work if "max_fails" parameter was used;
the bug had appeared in 1.3.0.
*) Bugfix: a segmentation fault might occur in a worker process if the
"ssl_stapling" directive was used.
Thanks to Piotr Sikora.
*) Bugfix: in the mail proxy server.
Thanks to Filipe Da Silva.
*) Bugfix: nginx/Windows might stop accepting connections if several
worker processes were used.
</ChangeLog>
|
06:58 osa
Add third-party modsecurity module support, version 2.7.4.
|
06:46 osa
Third-party rtmp module's tarball has been re-rolled without changes in source
code.
So, update checksum and size.
Reported by: vanilla
|
Wednesday, 29 May 2013
|
16:52 osa
Update from 4.0.4 to 4.0.5:
o) www/rubygem-passenger;
o) third-party passenger module for www/nginx and www/nginx-devel.
|
Number of commits found: 869 (showing only 100 on this page) |