Navigation:
Browse pkgsrc
(this page) 2018-03-21 08:52:58 by Adam Ciarcinski | Files touched by this commit (2) |  |
Log message: nginx-devel: updated to 1.13.10 1.13.10: *) Feature: the "set" parameter of the "include" SSI \ directive now allows writing arbitrary responses to a variable; the "subrequest_output_buffer_size" directive defines maximum response size. *) Feature: now nginx uses clock_gettime(CLOCK_MONOTONIC) if available, to avoid timeouts being incorrectly triggered on system time changes. *) Feature: the "escape=none" parameter of the "log_format" \ directive. Thanks to Johannes Baiter and Calin Don. *) Feature: the $ssl_preread_alpn_protocols variable in the ngx_stream_ssl_preread_module. *) Feature: the ngx_http_grpc_module. *) Bugfix: in memory allocation error handling in the "geo" directive. *) Bugfix: when using variables in the "auth_basic_user_file" directive a null character might appear in logs. |
| 2018-02-28 09:53:47 by Adam Ciarcinski | Files touched by this commit (2) | |
Log message: nginx-devel: updated to 1.13.9 nginx 1.13.9: *) Feature: HTTP/2 server push support; the "http2_push" and "http2_push_preload" directives. *) Bugfix: "header already sent" alerts might appear in logs when using cache; the bug had appeared in 1.9.13. *) Bugfix: a segmentation fault might occur in a worker process if the "ssl_verify_client" directive was used and no SSL certificate was specified in a virtual server. *) Bugfix: in the ngx_http_v2_module. *) Bugfix: in the ngx_http_dav_module. |
| 2018-02-13 10:26:01 by Adam Ciarcinski | Files touched by this commit (2) | |
Log message:
nginx-devel: updated to 1.13.8
Changes with nginx 1.13.8:
*) Feature: now nginx automatically preserves the CAP_NET_RAW capability
in worker processes when using the "transparent" parameter of the
"proxy_bind", "fastcgi_bind", "memcached_bind", \
"scgi_bind", and
"uwsgi_bind" directives.
*) Feature: improved CPU cache line size detection.
Thanks to Debayan Ghosh.
*) Feature: new directives in vim syntax highlighting scripts.
Thanks to Gena Makhomed.
*) Bugfix: binary upgrade refused to work if nginx was re-parented to a
process with PID different from 1 after its parent process has
finished.
*) Bugfix: the ngx_http_autoindex_module incorrectly handled requests
with bodies.
*) Bugfix: in the "proxy_limit_rate" directive when used with the
"keepalive" directive.
*) Bugfix: some parts of a response might be buffered when using
"proxy_buffering off" if the client connection used SSL.
Thanks to Patryk Lesiewicz.
*) Bugfix: in the "proxy_cache_background_update" directive.
*) Bugfix: it was not possible to start a parameter with a variable in
the "${name}" form with the name in curly brackets without enclosing
the parameter into single or double quotes.
|
| 2017-11-26 17:48:37 by Adam Ciarcinski | Files touched by this commit (2) | |
Log message: nginx-devel: updated to 1.13.7 Changes with nginx 1.13.7: *) Bugfix: in the $upstream_status variable. *) Bugfix: a segmentation fault might occur in a worker process if a backend returned a "101 Switching Protocols" response to a subrequest. *) Bugfix: a segmentation fault occurred in a master process if a shared memory zone size was changed during a reconfiguration and the reconfiguration failed. *) Bugfix: in the ngx_http_fastcgi_module. *) Bugfix: nginx returned the 500 error if parameters without variables were specified in the "xslt_stylesheet" directive. *) Workaround: "gzip filter failed to use preallocated memory" alerts appeared in logs when using a zlib library variant from Intel. *) Bugfix: the "worker_shutdown_timeout" directive did not work when using mail proxy and when proxying WebSocket connections. |
| 2017-10-28 12:57:50 by Adam Ciarcinski | Files touched by this commit (3) | |
Log message:
nginx-devel: updated to 1.13.6
Changes with nginx 1.13.6 10 Oct 2017
*) Bugfix: switching to the next upstream server in the stream module
did not work when using the "ssl_preread" directive.
*) Bugfix: in the ngx_http_v2_module.
Thanks to Piotr Sikora.
*) Bugfix: nginx did not support dates after the year 2038 on 32-bit
platforms with 64-bit time_t.
*) Bugfix: in handling of dates prior to the year 1970 and after the
year 10000.
*) Bugfix: in the stream module timeouts waiting for UDP datagrams from
upstream servers were not logged or logged at the "info" level
instead of "error".
*) Bugfix: when using HTTP/2 nginx might return the 400 response without
logging the reason.
*) Bugfix: in processing of corrupted cache files.
*) Bugfix: cache control headers were ignored when caching errors
intercepted by error_page.
*) Bugfix: when using HTTP/2 client request body might be corrupted.
*) Bugfix: in handling of client addresses when using unix domain
sockets.
*) Bugfix: nginx hogged CPU when using the "hash ... consistent"
directive in the upstream block if large weights were used and all or
most of the servers were unavailable.
|
| 2017-07-23 23:31:09 by Adam Ciarcinski | Files touched by this commit (2) | |
Log message: Changes with nginx 1.13.3: *) Security: a specially crafted request might result in an integer overflow and incorrect processing of ranges in the range filter, potentially resulting in sensitive information leak (CVE-2017-7529). Changes with nginx 1.13.2: *) Change: nginx now returns 200 instead of 416 when a range starting with 0 is requested from an empty file. *) Feature: the "add_trailer" directive. *) Bugfix: nginx could not be built on Cygwin and NetBSD; the bug had appeared in 1.13.0. *) Bugfix: nginx could not be built under MSYS2 / MinGW 64-bit. *) Bugfix: a segmentation fault might occur in a worker process when using SSI with many includes and proxy_pass with variables. *) Bugfix: in the ngx_http_v2_module. Changes with nginx 1.13.1: *) Feature: now a hostname can be used as the "set_real_ip_from" directive parameter. *) Feature: vim syntax highlighting scripts improvements. *) Feature: the "worker_cpu_affinity" directive now works on DragonFly BSD. *) Bugfix: SSL renegotiation on backend connections did not work when using OpenSSL before 1.1.0. *) Workaround: nginx could not be built with Oracle Developer Studio 12.5. *) Workaround: now cache manager ignores long locked cache entries when cleaning cache based on the "max_size" parameter. *) Bugfix: client SSL connections were immediately closed if deferred accept and the "proxy_protocol" parameter of the "listen" \ directive were used. *) Bugfix: in the "proxy_cache_background_update" directive. *) Workaround: now the "tcp_nodelay" directive sets the TCP_NODELAY option before an SSL handshake. |
| 2017-06-29 14:20:06 by Filip Hajny | Files touched by this commit (3) |
Log message: Install processed rather than template nginx man page. PKGREVISION++ Fixes joyent/pkgsrc/issues/515 |
| 2017-06-17 21:54:47 by Joerg Sonnenberger | Files touched by this commit (2) |
Log message: Fix build on NetBSD. |
| 2017-05-02 14:31:43 by Filip Hajny | Files touched by this commit (2) | |
Log message: * Update www/nginx-devel to 1.13.0. * Update naxsi to 0.55.3 Changes with nginx 1.13.0 25 Apr 2017 - Change: SSL renegotiation is now allowed on backend connections. - Feature: the "rcvbuf" and "sndbuf" parameters of the \ "listen" directives of the mail proxy and stream modules. - Feature: the "return" and "error_page" directives can now \ be used to return 308 redirections. Thanks to Simon Leblanc. - Feature: the "TLSv1.3" parameter of the "ssl_protocols" \ directive. - Feature: when logging signals nginx now logs PID of the process which sent the signal. - Bugfix: in memory allocation error handling. - Bugfix: if a server in the stream module listened on a wildcard address, the source address of a response UDP datagram could differ from the original datagram destination address. Changes with nginx 1.11.13 04 Apr 2017 - Feature: the "http_429" parameter of the "proxy_next_upstream", "fastcgi_next_upstream", "scgi_next_upstream", and "uwsgi_next_upstream" directives. Thanks to Piotr Sikora. - Bugfix: in memory allocation error handling. - Bugfix: requests might hang when using the "sendfile" and "timer_resolution" directives on Linux. - Bugfix: requests might hang when using the "sendfile" and \ "aio_write" directives with subrequests. - Bugfix: in the ngx_http_v2_module. Thanks to Piotr Sikora. - Bugfix: a segmentation fault might occur in a worker process when using HTTP/2. - Bugfix: requests might hang when using the "limit_rate", "sendfile_max_chunk", "limit_req" directives, or the \ $r->sleep() embedded perl method with subrequests. - Bugfix: in the ngx_http_slice_module. Changes with nginx 1.11.12 24 Mar 2017 - Bugfix: nginx might hog CPU; the bug had appeared in 1.11.11. Changes with nginx 1.11.11 21 Mar 2017 - Feature: the "worker_shutdown_timeout" directive. - Feature: vim syntax highlighting scripts improvements. Thanks to Wei-Ko Kao. - Bugfix: a segmentation fault might occur in a worker process if the $limit_rate variable was set to an empty string. - Bugfix: the "proxy_cache_background_update", "fastcgi_cache_background_update", \ "scgi_cache_background_update", and "uwsgi_cache_background_update" directives might work incorrectly if the "if" directive was used. - Bugfix: a segmentation fault might occur in a worker process if number of large_client_header_buffers in a virtual server was different from the one in the default server. - Bugfix: in the mail proxy server. Changes with nginx 1.11.10 14 Feb 2017 - Change: cache header format has been changed, previously cached responses will be invalidated. - Feature: support of "stale-while-revalidate" and \ "stale-if-error" extensions in the "Cache-Control" backend response header line. - Feature: the "proxy_cache_background_update", "fastcgi_cache_background_update", \ "scgi_cache_background_update", and "uwsgi_cache_background_update" directives. - Feature: nginx is now able to cache responses with the "Vary" header line up to 128 characters long (instead of 42 characters in previous versions). - Feature: the "build" parameter of the "server_tokens" \ directive. Thanks to Tom Thorogood. - Bugfix: "[crit] SSL_write() failed" messages might appear in logs when handling requests with the "Expect: 100-continue" request header line. - Bugfix: the ngx_http_slice_module did not work in named locations. - Bugfix: a segmentation fault might occur in a worker process when using AIO after an "X-Accel-Redirect" redirection. - Bugfix: reduced memory consumption for long-lived requests using gzipping. |
| 2017-02-14 11:14:36 by Filip Hajny | Files touched by this commit (2) |
Log message:
Update www/nginx-devel to 1.11.9.
Changes with nginx 1.11.9 24 Jan 2017
*) Bugfix: nginx might hog CPU when using the stream module; the bug had
appeared in 1.11.5.
*) Bugfix: EXTERNAL authentication mechanism in mail proxy was accepted
even if it was not enabled in the configuration.
*) Bugfix: a segmentation fault might occur in a worker process if the
"ssl_verify_client" directive of the stream module was used.
*) Bugfix: the "ssl_verify_client" directive of the stream module might
not work.
*) Bugfix: closing keepalive connections due to no free worker
connections might be too aggressive.
Thanks to Joel Cunningham.
*) Bugfix: an incorrect response might be returned when using the
"sendfile" directive on FreeBSD and macOS; the bug had appeared in
1.7.8.
*) Bugfix: a truncated response might be stored in cache when using the
"aio_write" directive.
*) Bugfix: a socket leak might occur when using the "aio_write"
directive.
Changes with nginx 1.11.8 27 Dec 2016
*) Feature: the "absolute_redirect" directive.
*) Feature: the "escape" parameter of the "log_format" \
directive.
*) Feature: client SSL certificates verification in the stream module.
*) Feature: the "ssl_session_ticket_key" directive supports AES256
encryption of TLS session tickets when used with 80-byte keys.
*) Feature: vim-commentary support in vim scripts.
Thanks to Armin Grodon.
*) Bugfix: recursion when evaluating variables was not limited.
*) Bugfix: in the ngx_stream_ssl_preread_module.
*) Bugfix: if a server in an upstream in the stream module failed, it
was considered alive only when a test connection sent to it after
fail_timeout was closed; now a successfully established connection is
enough.
*) Bugfix: nginx/Windows could not be built with 64-bit Visual Studio.
*) Bugfix: nginx/Windows could not be built with OpenSSL 1.1.0.
Changes with nginx 1.11.7 13 Dec 2016
*) Change: now in case of a client certificate verification error the
$ssl_client_verify variable contains a string with the failure
reason, for example, "FAILED:certificate has expired".
*) Feature: the $ssl_ciphers, $ssl_curves, $ssl_client_v_start,
$ssl_client_v_end, and $ssl_client_v_remain variables.
*) Feature: the "volatile" parameter of the "map" directive.
*) Bugfix: dependencies specified for a module were ignored while
building dynamic modules.
*) Bugfix: when using HTTP/2 and the "limit_req" or \
"auth_request"
directives client request body might be corrupted; the bug had
appeared in 1.11.0.
*) Bugfix: a segmentation fault might occur in a worker process when
using HTTP/2; the bug had appeared in 1.11.3.
*) Bugfix: in the ngx_http_mp4_module.
Thanks to Congcong Hu.
*) Bugfix: in the ngx_http_perl_module.
Changes with nginx 1.11.6 15 Nov 2016
*) Change: format of the $ssl_client_s_dn and $ssl_client_i_dn variables
has been changed to follow RFC 2253 (RFC 4514); values in the old
format are available in the $ssl_client_s_dn_legacy and
$ssl_client_i_dn_legacy variables.
*) Change: when storing temporary files in a cache directory they will
be stored in the same subdirectories as corresponding cache files
instead of a separate subdirectory for temporary files.
*) Feature: EXTERNAL authentication mechanism support in mail proxy.
Thanks to Robert Norris.
*) Feature: WebP support in the ngx_http_image_filter_module.
*) Feature: variables support in the "proxy_method" directive.
Thanks to Dmitry Lazurkin.
*) Feature: the "http2_max_requests" directive in the
ngx_http_v2_module.
*) Feature: the "proxy_cache_max_range_offset",
"fastcgi_cache_max_range_offset", \
"scgi_cache_max_range_offset", and
"uwsgi_cache_max_range_offset" directives.
*) Bugfix: graceful shutdown of old worker processes might require
infinite time when using HTTP/2.
*) Bugfix: in the ngx_http_mp4_module.
*) Bugfix: "ignore long locked inactive cache entry" alerts might \
appear
in logs when proxying WebSocket connections with caching enabled.
*) Bugfix: nginx did not write anything to log and returned a response
with code 502 instead of 504 when a timeout occurred during an SSL
handshake to a backend.
Changes with nginx 1.11.5 11 Oct 2016
*) Change: the --with-ipv6 configure option was removed, now IPv6
support is configured automatically.
*) Change: now if there are no available servers in an upstream, nginx
will not reset number of failures of all servers as it previously
did, but will wait for fail_timeout to expire.
*) Feature: the ngx_stream_ssl_preread_module.
*) Feature: the "server" directive in the "upstream" \
context supports
the "max_conns" parameter.
*) Feature: the --with-compat configure option.
*) Feature: "manager_files", "manager_threshold", and \
"manager_sleep"
parameters of the "proxy_cache_path", \
"fastcgi_cache_path",
"scgi_cache_path", and "uwsgi_cache_path" directives.
*) Bugfix: flags passed by the --with-ld-opt configure option were not
used while building perl module.
*) Bugfix: in the "add_after_body" directive when used with the
"sub_filter" directive.
*) Bugfix: in the $realip_remote_addr variable.
*) Bugfix: the "dav_access", "proxy_store_access",
"fastcgi_store_access", "scgi_store_access", and \
"uwsgi_store_access"
directives ignored permissions specified for user.
*) Bugfix: unix domain listen sockets might not be inherited during
binary upgrade on Linux.
*) Bugfix: nginx returned the 400 response on requests with the "-"
character in the HTTP method.
|
New packages: