Tags

Tags give the ability to mark specific points in history as being important

  • v1.7.7

    9a11306b · Changes with nginx 1.7.7 28 Oct 2014 · 
    Changes with nginx 1.7.7                                         28 Oct 2014

    *) Change: now nginx takes into account the "Vary" header line in a
       backend response while caching.

    *) Feature: the "proxy_force_ranges", "fastcgi_force_ranges",
       "scgi_force_ranges", and "uwsgi_force_ranges" directives.

    *) Feature: the "proxy_limit_rate", "fastcgi_limit_rate",
       "scgi_limit_rate", and "uwsgi_limit_rate" directives.

    *) Feature: the "Vary" parameter of the "proxy_ignore_headers",
       "fastcgi_ignore_headers", "scgi_ignore_headers", and
       "uwsgi_ignore_headers" directives.

    *) Bugfix: the last part of a response received from a backend with
       unbufferred proxy might not be sent to a client if "gzip" or "gunzip"
       directives were used.

    *) Bugfix: in the "proxy_cache_revalidate" directive.
       Thanks to Piotr Sikora.

    *) Bugfix: in error handling.
       Thanks to Yichun Zhang and Daniil Bondarev.

    *) Bugfix: in the "proxy_next_upstream_tries" and
       "proxy_next_upstream_timeout" directives.
       Thanks to Feng Gu.

    *) Bugfix: nginx/Windows could not be built with MinGW-w64 gcc.
       Thanks to Kouhei Sutou.

  • v1.7.6

    4aeefe1f · Changes with nginx 1.7.6 30 Sep 2014 · 
    Changes with nginx 1.7.6                                         30 Sep 2014

    *) Change: the deprecated "limit_zone" directive is not supported
       anymore.

    *) Feature: the "limit_conn_zone" and "limit_req_zone" directives now
       can be used with combinations of multiple variables.

    *) Bugfix: request body might be transmitted incorrectly when retrying a
       FastCGI request to the next upstream server.

    *) Bugfix: in logging to syslog.

  • v1.6.2

    ab9c4cd3 · Changes with nginx 1.6.2 16 Sep 2014 · 
    Changes with nginx 1.6.2                                         16 Sep 2014

    *) Security: it was possible to reuse SSL sessions in unrelated contexts
       if a shared SSL session cache or the same TLS session ticket key was
       used for multiple "server" blocks (CVE-2014-3616).
       Thanks to Antoine Delignat-Lavaud.

    *) Bugfix: requests might hang if resolver was used and a DNS server
       returned a malformed response; the bug had appeared in 1.5.8.

    *) Bugfix: requests might hang if resolver was used and a timeout
       occurred during a DNS request.

  • v1.7.5

    bb8c0683 · Changes with nginx 1.7.5 16 Sep 2014 · 
    Changes with nginx 1.7.5                                         16 Sep 2014

    *) Security: it was possible to reuse SSL sessions in unrelated contexts
       if a shared SSL session cache or the same TLS session ticket key was
       used for multiple "server" blocks (CVE-2014-3616).
       Thanks to Antoine Delignat-Lavaud.

    *) Change: now the "stub_status" directive does not require a parameter.

    *) Feature: the "always" parameter of the "add_header" directive.

    *) Feature: the "proxy_next_upstream_tries",
       "proxy_next_upstream_timeout", "fastcgi_next_upstream_tries",
       "fastcgi_next_upstream_timeout", "memcached_next_upstream_tries",
       "memcached_next_upstream_timeout", "scgi_next_upstream_tries",
       "scgi_next_upstream_timeout", "uwsgi_next_upstream_tries", and
       "uwsgi_next_upstream_timeout" directives.

    *) Bugfix: in the "if" parameter of the "access_log" directive.

    *) Bugfix: in the ngx_http_perl_module.
       Thanks to Piotr Sikora.

    *) Bugfix: the "listen" directive of the mail proxy module did not allow
       to specify more than two parameters.

    *) Bugfix: the "sub_filter" directive did not work with a string to
       replace consisting of a single character.

    *) Bugfix: requests might hang if resolver was used and a timeout
       occurred during a DNS request.

    *) Bugfix: in the ngx_http_spdy_module when using with AIO.

    *) Bugfix: a segmentation fault might occur in a worker process if the
       "set" directive was used to change the "$http_...", "$sent_http_...",
       or "$upstream_http_..." variables.

    *) Bugfix: in memory allocation error handling.
       Thanks to Markus Linnala and Feng Gu.

  • v1.6.1

    1fdff008 · Changes with nginx 1.6.1 05 Aug 2014 · 
    Changes with nginx 1.6.1                                         05 Aug 2014

    *) Security: pipelined commands were not discarded after STARTTLS
       command in SMTP proxy (CVE-2014-3556); the bug had appeared in 1.5.6.
       Thanks to Chris Boulton.

    *) Bugfix: the $uri variable might contain garbage when returning errors
       with code 400.
       Thanks to Sergey Bobrov.

    *) Bugfix: in the "none" parameter in the "smtp_auth" directive; the bug
       had appeared in 1.5.6.
       Thanks to Svyatoslav Nikolsky.

  • v1.7.4

    11769521 · Changes with nginx 1.7.4 05 Aug 2014 · 
    Changes with nginx 1.7.4                                         05 Aug 2014

    *) Security: pipelined commands were not discarded after STARTTLS
       command in SMTP proxy (CVE-2014-3556); the bug had appeared in 1.5.6.
       Thanks to Chris Boulton.

    *) Change: URI escaping now uses uppercase hexadecimal digits.
       Thanks to Piotr Sikora.

    *) Feature: now nginx can be build with BoringSSL and LibreSSL.
       Thanks to Piotr Sikora.

    *) Bugfix: requests might hang if resolver was used and a DNS server
       returned a malformed response; the bug had appeared in 1.5.8.

    *) Bugfix: in the ngx_http_spdy_module.
       Thanks to Piotr Sikora.

    *) Bugfix: the $uri variable might contain garbage when returning errors
       with code 400.
       Thanks to Sergey Bobrov.

    *) Bugfix: in error handling in the "proxy_store" directive and the
       ngx_http_dav_module.
       Thanks to Feng Gu.

    *) Bugfix: a segmentation fault might occur if logging of errors to
       syslog was used; the bug had appeared in 1.7.1.

    *) Bugfix: the $geoip_latitude, $geoip_longitude, $geoip_dma_code, and
       $geoip_area_code variables might not work.
       Thanks to Yichun Zhang.

    *) Bugfix: in memory allocation error handling.
       Thanks to Tatsuhiko Kubo and Piotr Sikora.

  • v1.7.3

    251331cd · Changes with nginx 1.7.3 08 Jul 2014 · 
    Changes with nginx 1.7.3                                         08 Jul 2014

    *) Feature: weak entity tags are now preserved on response
       modifications, and strong ones are changed to weak.

    *) Feature: cache revalidation now uses If-None-Match header if
       possible.

    *) Feature: the "ssl_password_file" directive.

    *) Bugfix: the If-None-Match request header line was ignored if there
       was no Last-Modified header in a response returned from cache.

    *) Bugfix: "peer closed connection in SSL handshake" messages were
       logged at "info" level instead of "error" while connecting to
       backends.

    *) Bugfix: in the ngx_http_dav_module module in nginx/Windows.

    *) Bugfix: SPDY connections might be closed prematurely if caching was
       used.

  • v1.7.2

    a995714b · Changes with nginx 1.7.2 17 Jun 2014 · 
    Changes with nginx 1.7.2                                         17 Jun 2014

    *) Feature: the "hash" directive inside the "upstream" block.

    *) Feature: defragmentation of free shared memory blocks.
       Thanks to Wandenberg Peixoto and Yichun Zhang.

    *) Bugfix: a segmentation fault might occur in a worker process if the
       default value of the "access_log" directive was used; the bug had
       appeared in 1.7.0.
       Thanks to Piotr Sikora.

    *) Bugfix: trailing slash was mistakenly removed from the last parameter
       of the "try_files" directive.

    *) Bugfix: nginx could not be built on OS X in some cases.

    *) Bugfix: in the ngx_http_spdy_module.

  • v1.7.1

    b72398c9 · Changes with nginx 1.7.1 27 May 2014 · 
    Changes with nginx 1.7.1                                         27 May 2014

    *) Feature: the "$upstream_cookie_..." variables.

    *) Feature: the $ssl_client_fingerprint variable.

    *) Feature: the "error_log" and "access_log" directives now support
       logging to syslog.

    *) Feature: the mail proxy now logs client port on connect.

    *) Bugfix: memory leak if the "ssl_stapling" directive was used.
       Thanks to Filipe da Silva.

    *) Bugfix: the "alias" directive used inside a location given by a
       regular expression worked incorrectly if the "if" or "limit_except"
       directives were used.

    *) Bugfix: the "charset" directive did not set a charset to encoded
       backend responses.

    *) Bugfix: a "proxy_pass" directive without URI part might use original
       request after the $args variable was set.
       Thanks to Yichun Zhang.

    *) Bugfix: in the "none" parameter in the "smtp_auth" directive; the bug
       had appeared in 1.5.6.
       Thanks to Svyatoslav Nikolsky.

    *) Bugfix: if sub_filter and SSI were used together, then responses
       might be transferred incorrectly.

    *) Bugfix: nginx could not be built with the --with-file-aio option on
       Linux/aarch64.

  • v1.6.0

    ea2dabd8 · Changes with nginx 1.6.0 24 Apr 2014 · 
    Changes with nginx 1.6.0                                         24 Apr 2014

    *) 1.6.x stable branch.

  • v1.7.0

    7a8cd938 · Changes with nginx 1.7.0 24 Apr 2014 · 
    Changes with nginx 1.7.0                                         24 Apr 2014

  • v1.5.13

    d2ce3a1f · Changes with nginx 1.5.13 08 Apr 2014 · 
    Changes with nginx 1.5.13                                        08 Apr 2014

    *) Change: improved hash table handling; the default values of the
       "variables_hash_max_size" and "types_hash_bucket_size" were changed
       to 1024 and 64 respectively.

    *) Feature: the ngx_http_mp4_module now supports the "end" argument.

    *) Feature: byte ranges support in the ngx_http_mp4_module and while
       saving responses to cache.

    *) Bugfix: alerts "ngx_slab_alloc() failed: no memory" no longer logged
       when using shared memory in the "ssl_session_cache" directive and in
       the ngx_http_limit_req_module.

    *) Bugfix: the "underscores_in_headers" directive did not allow
       underscore as a first character of a header.
       Thanks to Piotr Sikora.

    *) Bugfix: cache manager might hog CPU on exit in nginx/Windows.

    *) Bugfix: nginx/Windows terminated abnormally if the
       "ssl_session_cache" directive was used with the "shared" parameter.

    *) Bugfix: in the ngx_http_spdy_module.

  • v1.4.7

    47c4fba8 · Changes with nginx 1.4.7 18 Mar 2014 · 
    Changes with nginx 1.4.7                                         18 Mar 2014

    *) Security: a heap memory buffer overflow might occur in a worker
       process while handling a specially crafted request by
       ngx_http_spdy_module, potentially resulting in arbitrary code
       execution (CVE-2014-0133).
       Thanks to Lucas Molas, researcher at Programa STIC, Fundación Dr.
       Manuel Sadosky, Buenos Aires, Argentina.

    *) Bugfix: in the "fastcgi_next_upstream" directive.
       Thanks to Lucas Molas.

  • v1.5.12

    c6e7bb24 · Changes with nginx 1.5.12 18 Mar 2014 · 
    Changes with nginx 1.5.12                                        18 Mar 2014

    *) Security: a heap memory buffer overflow might occur in a worker
       process while handling a specially crafted request by
       ngx_http_spdy_module, potentially resulting in arbitrary code
       execution (CVE-2014-0133).
       Thanks to Lucas Molas, researcher at Programa STIC, Fundación Dr.
       Manuel Sadosky, Buenos Aires, Argentina.

    *) Feature: the "proxy_protocol" parameters of the "listen" and
       "real_ip_header" directives, the $proxy_protocol_addr variable.

    *) Bugfix: in the "fastcgi_next_upstream" directive.
       Thanks to Lucas Molas.

  • v1.4.6

    483f0cd5 · Changes with nginx 1.4.6 04 Mar 2014 · 
    Changes with nginx 1.4.6                                         04 Mar 2014

*) Bugfix: the "client_max_body_size" directive might not work when
reading a request body using chunked transfer encoding; the bug had
appeared in 1.3.9.
Thanks to Lucas Molas.

*) Bugfix: a segmentation fault might occur in a worker process when
proxying WebSocket connections.

  • v1.5.11

    433c60ea · Changes with nginx 1.5.11 04 Mar 2014 · 
    Changes with nginx 1.5.11                                        04 Mar 2014

    *) Security: memory corruption might occur in a worker process on 32-bit
       platforms while handling a specially crafted request by
       ngx_http_spdy_module, potentially resulting in arbitrary code
       execution (CVE-2014-0088); the bug had appeared in 1.5.10.
       Thanks to Lucas Molas, researcher at Programa STIC, Fundación Dr.
       Manuel Sadosky, Buenos Aires, Argentina.

    *) Feature: the $ssl_session_reused variable.

    *) Bugfix: the "client_max_body_size" directive might not work when
       reading a request body using chunked transfer encoding; the bug had
       appeared in 1.3.9.
       Thanks to Lucas Molas.

    *) Bugfix: a segmentation fault might occur in a worker process when
       proxying WebSocket connections.

    *) Bugfix: a segmentation fault might occur in a worker process if the
       ngx_http_spdy_module was used on 32-bit platforms; the bug had
       appeared in 1.5.10.

    *) Bugfix: the $upstream_status variable might contain wrong data if the
       "proxy_cache_use_stale" or "proxy_cache_revalidate" directives were
       used.
       Thanks to Piotr Sikora.

    *) Bugfix: a segmentation fault might occur in a worker process if
       errors with code 400 were redirected to a named location using the
       "error_page" directive.

    *) Bugfix: nginx/Windows could not be built with Visual Studio 2013.

  • v1.4.5

    a4c36cb2 · Changes with nginx 1.4.5 11 Feb 2014 · 
    Changes with nginx 1.4.5                                         11 Feb 2014

    *) Bugfix: the $ssl_session_id variable contained full session
       serialized instead of just a session id.
       Thanks to Ivan Ristić.

    *) Bugfix: client connections might be immediately closed if deferred
       accept was used; the bug had appeared in 1.3.15.

    *) Bugfix: alerts "zero size buf in output" might appear in logs while
       proxying; the bug had appeared in 1.3.9.

    *) Bugfix: a segmentation fault might occur in a worker process if the
       ngx_http_spdy_module was used.

    *) Bugfix: proxied WebSocket connections might hang right after
       handshake if the select, poll, or /dev/poll methods were used.

    *) Bugfix: a timeout might occur while reading client request body in an
       SSL connection using chunked transfer encoding.

    *) Bugfix: memory leak in nginx/Windows.

  • v1.5.10

    7906d14d · Changes with nginx 1.5.10 04 Feb 2014 · 
    Changes with nginx 1.5.10                                        04 Feb 2014

*) Feature: the ngx_http_spdy_module now uses SPDY 3.1 protocol.
Thanks to Automattic and MaxCDN for sponsoring this work.

*) Feature: the ngx_http_mp4_module now skips tracks too short for a
seek requested.

*) Bugfix: a segmentation fault might occur in a worker process if the
$ssl_session_id variable was used in logs; the bug had appeared in
1.5.9.

*) Bugfix: the $date_local and $date_gmt variables used wrong format
outside of the ngx_http_ssi_filter_module.

*) Bugfix: client connections might be immediately closed if deferred
accept was used; the bug had appeared in 1.3.15.

*) Bugfix: alerts "getsockopt(TCP_FASTOPEN) ... failed" appeared in logs
during binary upgrade on Linux; the bug had appeared in 1.5.8.
Thanks to Piotr Sikora.

  • v1.5.9

    498c331c · Changes with nginx 1.5.9 22 Jan 2014 · 
    Changes with nginx 1.5.9                                         22 Jan 2014

    *) Change: now nginx expects escaped URIs in "X-Accel-Redirect" headers.

    *) Feature: the "ssl_buffer_size" directive.

    *) Feature: the "limit_rate" directive can now be used to rate limit
       responses sent in SPDY connections.

    *) Feature: the "spdy_chunk_size" directive.

    *) Feature: the "ssl_session_tickets" directive.
       Thanks to Dirkjan Bussink.

    *) Bugfix: the $ssl_session_id variable contained full session
       serialized instead of just a session id.
       Thanks to Ivan Ristić.

    *) Bugfix: nginx incorrectly handled escaped "?" character in the
       "include" SSI command.

    *) Bugfix: the ngx_http_dav_module did not unescape destination URI of
       the COPY and MOVE methods.

    *) Bugfix: resolver did not understand domain names with a trailing dot.
       Thanks to Yichun Zhang.

    *) Bugfix: alerts "zero size buf in output" might appear in logs while
       proxying; the bug had appeared in 1.3.9.

    *) Bugfix: a segmentation fault might occur in a worker process if the
       ngx_http_spdy_module was used.

    *) Bugfix: proxied WebSocket connections might hang right after
       handshake if the select, poll, or /dev/poll methods were used.

    *) Bugfix: the "xclient" directive of the mail proxy module incorrectly
       handled IPv6 client addresses.

  • v1.5.8

    80816f36 · Changes with nginx 1.5.8 17 Dec 2013 · 
    Changes with nginx 1.5.8                                         17 Dec 2013

*) Feature: IPv6 support in resolver.

*) Feature: the "listen" directive supports the "fastopen" parameter.
Thanks to Mathew Rodley.

*) Feature: SSL support in the ngx_http_uwsgi_module.
Thanks to Roberto De Ioris.

*) Feature: vim syntax highlighting scripts were added to contrib.
Thanks to Evan Miller.

*) Bugfix: a timeout might occur while reading client request body in an
SSL connection using chunked transfer encoding.

*) Bugfix: the "master_process" directive did not work correctly in
nginx/Windows.

*) Bugfix: the "setfib" parameter of the "listen" directive might not
work.

*) Bugfix: in the ngx_http_spdy_module.