Version: 1.8.1-5.1
* Thu Jan 28 2016 i@marguerite.su
- update version 1.8.1 stable
* Security: invalid pointer dereference might occur during DNS server
response processing if the "resolver" directive was used, allowing an
attacker who is able to forge UDP packets from the DNS server to
cause segmentation fault in a worker process (CVE-2016-0742). boo#963781
?* Security: use-after-free condition might occur during CNAME response
processing if the "resolver" directive was used, allowing an attacker
who is able to trigger name resolution to cause segmentation fault in
a worker process, or might have potential other impact
(CVE-2016-0746). boo#963778
?* Security: CNAME resolution was insufficiently limited if the
"resolver" directive was used, allowing an attacker who is able to
trigger arbitrary name resolution to cause excessive resource
consumption in worker processes (CVE-2016-0747). boo#963775
?* Bugfix: the "proxy_protocol" parameter of the "listen" directive did
not work if not specified in the first "listen" directive for a
listen socket.
* Bugfix: nginx might fail to start on some old Linux variants; the bug
had appeared in 1.7.11.
* Bugfix: a segmentation fault might occur in a worker process if the
"try_files" and "alias" directives were used inside a location given
by a regular expression; the bug had appeared in 1.7.1.
* Bugfix: the "try_files" directive inside a nested location given by a
regular expression worked incorrectly if the "alias" directive was
used in the outer location.
* Bugfix: "header already sent" alerts might appear in logs when using
cache; the bug had appeared in 1.7.5.
* Bugfix: a segmentation fault might occur in a worker process if
different ssl_session_cache settings were used in different virtual
servers.
* Bugfix: the "expires" directive might not work when using variables.
* Bugfix: if nginx was built with the ngx_http_spdy_module it was
possible to use the SPDY protocol even if the "spdy" parameter of the
"listen" directive was not specified.
* Thu Jun 11 2015 i@marguerite.su
- update version 1.8.0 stable
* refer to http://nginx.org/en/CHANGES-1.8 for 1.7.x changes
- enable thread pools invented in nginx 1.7.11
- refactor nginx-1.4.2-passenger_fix.patch
* rename to nginx-1.4.2-passenger-4.0.18.patch
* remove zero_in_uri usage
- add patch: nginx-1.8.0-passenger-4.0.18.patch
* fix "warning: comparison between pointer and integer"
and "error: invalid type argument of ?->? (have ?int?)"
- drop nginx-1.4.4-passenger-4.0.33_fix.patch
* webyast is dead, we only enable passenger on 13.1 and below,
for compatibility. this patch will never be applied now.
- drop nginx-1.4.4-passenger-3.0.12_fix.patch
* this patch intended to be applied on < 13.1 machines, but
13.1 is the oldest one we still have to build against.
- update fancyindex to version 0.3.5
* Sun Apr 12 2015 mrueckert@suse.de
- disable libatomic-ops on SLE12 for now. the library seems not
available there.
* Sun Apr 12 2015 mrueckert@suse.de
- enable ngx_http_auth_request_module
* Sun Apr 12 2015 mrueckert@suse.de
- update version 1.6.3 stable
- Feature: now the "tcp_nodelay" directive works with SPDY
connections.
- Bugfix: in error handling. Thanks to Yichun Zhang and Daniil
Bondarev.
- Bugfix: alerts "header already sent" appeared in logs if the
"post_action" directive was used; the bug had appeared in
1.5.4.
- Bugfix: alerts "sem_post() failed" might appear in logs.
- Bugfix: in hash table handling. Thanks to Chris West.
- Bugfix: in integer overflow handling. Thanks to Régis Leroy.
- no longer install the init script when using systemd service file
- create rcnginx for systemd case
* Wed Mar 25 2015 vpereirabr@opensuse.org
- On OpenSUSE 13.2, it requires libGeoIP-devel
* Wed Sep 17 2014 i@marguerite.su
- update version 1.6.2 stable
* Security: it was possible to reuse SSL sessions in unrelated
contexts if a shared SSL session cache or the same TLS session
ticket key was used for multiple "server" blocks (CVE-2014-3616).
Thanks to Antoine Delignat-Lavaud.
* Bugfix: requests might hang if resolver was used and a DNS server
returned a malformed response; the bug had appeared in 1.5.8.
* Bugfix: requests might hang if resolver was used and a timeout
occurred during a DNS request.
* Fri Sep 05 2014 i@marguerite.su
- use /run as pid/lock directory on openSUSE Factory (13.2=+)
* Mon Aug 18 2014 i@marguerite.su
- disable passenger for 1320 as rubygem-passenger isn't in Factory
* Mon Aug 18 2014 i@marguerite.su
- update version 1.6.1 stable
* Security: pipelined commands were not discarded after STARTTLS
command in SMTP proxy (CVE-2014-3556)
* Bugfix: the $uri variable might contain garbage when returning
errors with code 400
* Bugfix: in the "none" parameter in the "smtp_auth" directive
- drop nginx-1.0.4_default_config.patch
- add nginx-1.6.1-default_config.patch
* Mon Aug 18 2014 i@marguerite.su
- clean specfile
- fix for x86_64 builds for 11.4-
* can't build with -fPIE
* Fri Jun 06 2014 lars@linux-schulserver.de
- use zip file downloaded from github directly, as requested by
Tomá? Chvátal
* Mon May 05 2014 lars@linux-schulserver.de
- add and include FancyIndex module (with conditional)
- explicit enable http_ssl_module
* Wed Mar 19 2014 aj@ajaissle.de
- Update to nginx 1.4.7
- Changelog nginx 1.4.7
* ) Security: a heap memory buffer overflow might occur in a worker
process while handling a specially crafted request by
ngx_http_spdy_module, potentially resulting in arbitrary code
execution (CVE-2014-0133).
Thanks to Lucas Molas, researcher at Programa STIC, Fundación Dr.
Manuel Sadosky, Buenos Aires, Argentina.
* ) Bugfix: in the "fastcgi_next_upstream" directive.
Thanks to Lucas Molas.
- Changelog nginx 1.4.6
* ) Bugfix: the "client_max_body_size" directive might not work when
reading a request body using chunked transfer encoding; the bug had
appeared in 1.3.9.
Thanks to Lucas Molas.
* ) Bugfix: a segmentation fault might occur in a worker process when
proxying WebSocket connections.
- Changelog nginx 1.4.5
* ) Bugfix: the $ssl_session_id variable contained full session
serialized instead of just a session id.
Thanks to Ivan Risti?.
* ) Bugfix: client connections might be immediately closed if deferred
accept was used; the bug had appeared in 1.3.15.
* ) Bugfix: alerts "zero size buf in output" might appear in logs while
proxying; the bug had appeared in 1.3.9.
* ) Bugfix: a segmentation fault might occur in a worker process if the
ngx_http_spdy_module was used.
* ) Bugfix: proxied WebSocket connections might hang right after
handshake if the select, poll, or /dev/poll methods were used.
* ) Bugfix: a timeout might occur while reading client request body in an
SSL connection using chunked transfer encoding.
* ) Bugfix: memory leak in nginx/Windows.
- Updated Url (nginx.org instead of www.nginx.net)
- Added nginx.rpmlintrc as Source100
* Fri Jan 17 2014 aj@ajaissle.de
- Rebased passenger_fix.patch
+ nginx-1.4.4-passenger-3.0.12_fix.patch for openSUSE 12.2 and 12.3
+ nginx-1.4.2-passenger_fix.patch for openSUSE 13.1 and Tumbleweed
+ nginx-1.4.4-passenger-4.0.33_fix.patch for openSUSE Factory
- Always rebuild libpassenger_common on openSUSE < 1310 with -fPIC
* Fri Jan 03 2014 dmueller@suse.com
- update to 1.4.4:
* ) Security: a character following an unescaped space in a request line
was handled incorrectly (CVE-2013-4547); the bug had appeared in
0.8.41.
* ) Bugfix: a segmentation fault might occur in a worker process if the
ngx_http_spdy_module was used with the "client_body_in_file_only"
directive.
* ) Bugfix: a segmentation fault might occur on start or during
reconfiguration if the "try_files" directive was used with an empty
parameter.
* ) Bugfix: the $request_time variable did not work in nginx/Windows.
* ) Bugfix: in the ngx_http_auth_basic_module when using "$apr1$"
* ) Bugfix: in the ngx_http_autoindex_module.
* ) Bugfix: in the mail proxy server.
* Tue Dec 17 2013 alarrosa@suse.com
- Updated passenger patch to apply correctly, also added rubygem-passenger
as BuildRequires
- modified patches:
* nginx-1.4.2-passenger_fix.patch
* Mon Oct 07 2013 lslezak@suse.cz
- updated passenger patch to apply (Utils/MD5.h patch is not needed
anymore, fixed upstream)
* Wed Aug 14 2013 lslezak@suse.cz
- enable back passenger support (needed by WebYast)
* Mon Jul 22 2013 crrodriguez@opensuse.org
- Fix PIE build and linkage, must use --with-ld-opt
Version: 1.13.9-12.1
* Wed Feb 21 2018 mrueckert@suse.de
- update rmtp module to 1.2.1
- just commenting all places where we fallthrough conditionals
* Wed Feb 21 2018 mrueckert@suse.de
- update headers more to 0.33
- feature: add wildcard match support for
more_clear_input_headers.
* Wed Feb 21 2018 mrueckert@suse.de
- update fancyindex module to 0.4.2
This release contains an important fix which can cause Nginx to
crash when a directory contains zero-sized (empty) files. This
bug has been present in all previous releases, and all users are
strongly encouraged to update to version 0.4.2.
https://github.com/aperezdc/ngx-fancyindex/releases/tag/v0.4.2
* Wed Feb 21 2018 mrueckert@suse.de
- changes from 1.13.9
- Feature: HTTP/2 server push support; the "http2_push" and
"http2_push_preload" directives.
- Bugfix: "header already sent" alerts might appear in logs when
using cache; the bug had appeared in 1.9.13.
- Bugfix: a segmentation fault might occur in a worker process if
the "ssl_verify_client" directive was used and no SSL
certificate was specified in a virtual server.
- Bugfix: in the ngx_http_v2_module.
- Bugfix: in the ngx_http_dav_module.
- updates from 1.13.8
- Feature: now nginx automatically preserves the CAP_NET_RAW
capability in worker processes when using the "transparent"
parameter of the "proxy_bind", "fastcgi_bind",
"memcached_bind", "scgi_bind", and "uwsgi_bind" directives.
- Feature: improved CPU cache line size detection. Thanks to
Debayan Ghosh.
- Feature: new directives in vim syntax highlighting scripts.
Thanks to Gena Makhomed.
- Bugfix: binary upgrade refused to work if nginx was re-parented
to a process with PID different from 1 after its parent process
has finished.
- Bugfix: the ngx_http_autoindex_module incorrectly handled
requests with bodies.
- Bugfix: in the "proxy_limit_rate" directive when used with the
"keepalive" directive.
- Bugfix: some parts of a response might be buffered when using
"proxy_buffering off" if the client connection used SSL.
Thanks to Patryk Lesiewicz.
- Bugfix: in the "proxy_cache_background_update" directive.
- Bugfix: it was not possible to start a parameter with a
variable in the "${name}" form with the name in curly brackets
without enclosing the parameter into single or double quotes.
* Wed Feb 07 2018 achernikov@suse.com
- Install /etc/nginx/conf.d directory for custom user configuration
files
* Wed Feb 07 2018 achernikov@suse.com
- Install /etc/nginx/vhosts.d directory for default installation
to house custom virtual hosts configuration files
* Mon Dec 18 2017 avindra@opensuse.org
- update to version 1.13.7
- Bugfix: in the $upstream_status variable.
- Bugfix: a segmentation fault might occur in a worker process
if a backend returned a "101 Switching Protocols" response to
a subrequest.
- Bugfix: a segmentation fault occurred in a master process if a
shared memory zone size was changed during a reconfiguration
and the reconfiguration failed.
- Bugfix: in the ngx_http_fastcgi_module.
- Bugfix: nginx returned the 500 error if parameters without
variables were specified in the "xslt_stylesheet" directive.
- Workaround: "gzip filter failed to use preallocated memory"
alerts appeared in logs when using a zlib library variant
from Intel.
- Bugfix: the "worker_shutdown_timeout" directive did not work
when using mail proxy and when proxying WebSocket connections.
- partial cleanup with spec-cleaner
* Thu Oct 12 2017 mrueckert@suse.de
- update to 1.13.6
- Bugfix: switching to the next upstream server in the stream
module did not work when using the "ssl_preread" directive.
- Bugfix: in the ngx_http_v2_module. Thanks to Piotr Sikora.
- Bugfix: nginx did not support dates after the year 2038 on
32-bit platforms with 64-bit time_t.
- Bugfix: in handling of dates prior to the year 1970 and after
the year 10000.
- Bugfix: in the stream module timeouts waiting for UDP datagrams
from upstream servers were not logged or logged at the "info"
level instead of "error".
- Bugfix: when using HTTP/2 nginx might return the 400 response
without logging the reason.
- Bugfix: in processing of corrupted cache files.
- Bugfix: cache control headers were ignored when caching errors
intercepted by error_page.
- Bugfix: when using HTTP/2 client request body might be
corrupted.
- Bugfix: in handling of client addresses when using unix domain
sockets.
- Bugfix: nginx hogged CPU when using the "hash ... consistent"
directive in the upstream block if large weights were used and
all or most of the servers were unavailable.
* Fri Oct 06 2017 mrueckert@suse.de
- extra modules were enabled on sles due to a typo
* Thu Oct 05 2017 achernikov@suse.com
- Submit nginx to SLES to become a http server for RMT(Repository
mirroring tool) [fate#323994, bsc#1059685, boo#1057831]
* Fri Sep 22 2017 mrueckert@suse.de
- disable extra modules on sle
* Sat Sep 16 2017 mrueckert@suse.de
- update to 1.13.5
- Feature: the $ssl_client_escaped_cert variable.
- Bugfix: the "ssl_session_ticket_key" directive and the
"include" parameter of the "geo" directive did not work on
Windows.
- Bugfix: incorrect response length was returned on 32-bit
platforms when requesting more than 4 gigabytes with multiple
ranges.
- Bugfix: the "expires modified" directive and processing of the
"If-Range" request header line did not use the response last
modification time if proxying without caching was used.
- changes from 1.13.4
- Feature: the ngx_http_mirror_module.
- Bugfix: client connections might be dropped during
configuration testing when using the "reuseport" parameter of
the "listen" directive on Linux.
- Bugfix: request body might not be available in subrequests if
it was saved to a file and proxying was used.
- Bugfix: cleaning cache based on the "max_size" parameter did
not work on Windows.
- Bugfix: any shared memory allocation required 4096 bytes on
Windows.
- Bugfix: nginx worker might be terminated abnormally when using
the "zone" directive inside the "upstream" block on Windows.
* Fri Sep 08 2017 astieger@suse.com
- add upstream signing key and verify source tarball signature
* Mon Jul 17 2017 mrueckert@suse.de
- update to 1.13.3 (boo#1048265)
- Security: a specially crafted request might result in an
integer overflow and incorrect processing of ranges in the
range filter, potentially resulting in sensitive information
leak (CVE-2017-7529).
- changes from 1.13.2
- Change: nginx now returns 200 instead of 416 when a range
starting with 0 is requested from an empty file.
- Feature: the "add_trailer" directive. Thanks to Piotr Sikora.
- Bugfix: nginx could not be built on Cygwin and NetBSD; the bug
had appeared in 1.13.0.
- Bugfix: nginx could not be built under MSYS2 / MinGW 64-bit.
Thanks to Orgad Shaneh.
- Bugfix: a segmentation fault might occur in a worker process
when using SSI with many includes and proxy_pass with
variables.
- Bugfix: in the ngx_http_v2_module. Thanks to Piotr Sikora.
- update nginx-rtmp-module to 1.2.0:
- DASH improvements
- OpenSSL 1.1 compatibility
* Thu Jun 01 2017 mrueckert@suse.de
- update to 1.13.1
- Feature: now a hostname can be used as the "set_real_ip_from"
directive parameter.
- Feature: vim syntax highlighting scripts improvements.
- Feature: the "worker_cpu_affinity" directive now works on
DragonFly BSD. Thanks to Sepherosa Ziehau.
- Bugfix: SSL renegotiation on backend connections did not work
when using OpenSSL before 1.1.0.
- Workaround: nginx could not be built with Oracle Developer
Studio 12.5.
- Workaround: now cache manager ignores long locked cache entries
when cleaning cache based on the "max_size" parameter.
- Bugfix: client SSL connections were immediately closed if
deferred accept and the "proxy_protocol" parameter of the
"listen" directive were used.
- Bugfix: in the "proxy_cache_background_update" directive.
- Workaround: now the "tcp_nodelay" directive sets the
TCP_NODELAY option before an SSL handshake.
- changes from 1.13.0
- Change: SSL renegotiation is now allowed on backend
connections.
- Feature: the "rcvbuf" and "sndbuf" parameters of the "listen"
directives of the mail proxy and stream modules.
- Feature: the "return" and "error_page" directives can now be
used to return 308 redirections. Thanks to Simon Leblanc.
- Feature: the "TLSv1.3" parameter of the "ssl_protocols"
directive.
- Feature: when logging signals nginx now logs PID of the process
which sent the signal.
- Bugfix: in memory allocation error handling.
- Bugfix: if a server in the stream module listened on a wildcard
address, the source address of a response UDP datagram could
differ from the original datagram destination address.
* Sun Apr 09 2017 michael@stroeder.com
- update to 1.12.0
- Feature: the "http_429" parameter of the "proxy_next_upstream",
"fastcgi_next_upstream", "scgi_next_upstream", and
"uwsgi_next_upstream" directives.
Thanks to Piotr Sikora.
- Bugfix: in memory allocation error handling.
- Bugfix: requests might hang when using the "sendfile" and
"timer_resolution" directives on Linux.
- Bugfix: requests might hang when using the "sendfile" and "aio_write"
directives with subrequests.
- Bugfix: in the ngx_http_v2_module.
Thanks to Piotr Sikora.
- Bugfix: a segmentation fault might occur in a worker process when
using HTTP/2.
- Bugfix: requests might hang when using the "limit_rate",
"sendfile_max_chunk", "limit_req" directives, or the $r->sleep()
embedded perl method with subrequests.
- Bugfix: in the ngx_http_slice_module.
* Wed Mar 29 2017 mrueckert@suse.de
- update to 1.11.12
- Bugfix: nginx might hog CPU; the bug had appeared in 1.11.11.
- update to 1.11.11
- Feature: the "worker_shutdown_timeout" directive.
- Feature: vim syntax highlighting scripts improvements. Thanks
to Wei-Ko Kao.
- Bugfix: a segmentation fault might occur in a worker process if
the $limit_rate variable was set to an empty string.
- Bugfix: the "proxy_cache_background_update",
"fastcgi_cache_background_update",
"scgi_cache_background_update", and
"uwsgi_cache_background_update" directives might work
incorrectly if the "if" directive was used.
- Bugfix: a segmentation fault might occur in a worker process if
number of large_client_header_buffers in a virtual server was
different from the one in the default server.
- Bugfix: in the mail proxy server.
* Tue Feb 28 2017 mrueckert@suse.de
- update to 1.11.10
- Change: cache header format has been changed, previously cached
responses will be invalidated.
- Feature: support of "stale-while-revalidate" and
"stale-if-error" extensions in the "Cache-Control" backend
response header line.
- Feature: the "proxy_cache_background_update",
"fastcgi_cache_background_update",
"scgi_cache_background_update", and
"uwsgi_cache_background_update" directives.
- Feature: nginx is now able to cache responses with the "Vary"
header line up to 128 characters long (instead of 42 characters
in previous versions).
- Feature: the "build" parameter of the "server_tokens"
directive. Thanks to Tom Thorogood.
- Bugfix: "[crit] SSL_write() failed" messages might appear in
logs when handling requests with the "Expect: 100-continue"
request header line.
- Bugfix: the ngx_http_slice_module did not work in named
locations.
- Bugfix: a segmentation fault might occur in a worker process
when using AIO after an "X-Accel-Redirect" redirection.
- Bugfix: reduced memory consumption for long-lived requests
using gzipping.
* Mon Jan 30 2017 mrueckert@suse.de
- update to 1.11.9
- Bugfix: nginx might hog CPU when using the stream module; the
bug had appeared in 1.11.5.
- Bugfix: EXTERNAL authentication mechanism in mail proxy was
accepted even if it was not enabled in the configuration.
- Bugfix: a segmentation fault might occur in a worker process if
the "ssl_verify_client" directive of the stream module was
used.
- Bugfix: the "ssl_verify_client" directive of the stream module
might not work.
- Bugfix: closing keepalive connections due to no free worker
connections might be too aggressive. Thanks to Joel
Cunningham.
- Bugfix: an incorrect response might be returned when using the
"sendfile" directive on FreeBSD and macOS; the bug had appeared
in 1.7.8.
- Bugfix: a truncated response might be stored in cache when
using the "aio_write" directive.
- Bugfix: a socket leak might occur when using the "aio_write"
directive.
* Sat Jan 07 2017 mrueckert@suse.de
- update to 1.11.8
- Feature: the "absolute_redirect" directive.
- Feature: the "escape" parameter of the "log_format" directive.
- Feature: client SSL certificates verification in the stream
module.
- Feature: the "ssl_session_ticket_key" directive supports AES256
encryption of TLS session tickets when used with 80-byte keys.
- Feature: vim-commentary support in vim scripts. Thanks to
Armin Grodon.
- Bugfix: recursion when evaluating variables was not limited.
- Bugfix: in the ngx_stream_ssl_preread_module.
- Bugfix: if a server in an upstream in the stream module failed,
it was considered alive only when a test connection sent to it
after fail_timeout was closed; now a successfully established
connection is enough.
- Bugfix: nginx/Windows could not be built with 64-bit Visual
Studio.
- Bugfix: nginx/Windows could not be built with OpenSSL 1.1.0.
- changes in 1.11.7
- Change: now in case of a client certificate verification error
the $ssl_client_verify variable contains a string with the
failure reason, for example, "FAILED:certificate has expired".
- Feature: the $ssl_ciphers, $ssl_curves, $ssl_client_v_start,
$ssl_client_v_end, and $ssl_client_v_remain variables.
- Feature: the "volatile" parameter of the "map" directive.
- Bugfix: dependencies specified for a module were ignored while
building dynamic modules.
- Bugfix: when using HTTP/2 and the "limit_req" or "auth_request"
directives client request body might be corrupted; the bug had
appeared in 1.11.0.
- Bugfix: a segmentation fault might occur in a worker process
when using HTTP/2; the bug had appeared in 1.11.3.
- Bugfix: in the ngx_http_mp4_module. Thanks to Congcong Hu.
- Bugfix: in the ngx_http_perl_module.
- changes in 1.11.6
- Change: format of the $ssl_client_s_dn and $ssl_client_i_dn
variables has been changed to follow RFC 2253 (RFC 4514);
values in the old format are available in the
$ssl_client_s_dn_legacy and $ssl_client_i_dn_legacy variables.
- Change: when storing temporary files in a cache directory they
will be stored in the same subdirectories as corresponding
cache files instead of a separate subdirectory for temporary
files.
- Feature: EXTERNAL authentication mechanism support in mail
proxy. Thanks to Robert Norris.
- Feature: WebP support in the ngx_http_image_filter_module.
- Feature: variables support in the "proxy_method" directive.
Thanks to Dmitry Lazurkin.
- Feature: the "http2_max_requests" directive in the
ngx_http_v2_module.
- Feature: the "proxy_cache_max_range_offset",
"fastcgi_cache_max_range_offset",
"scgi_cache_max_range_offset", and
"uwsgi_cache_max_range_offset" directives.
- Bugfix: graceful shutdown of old worker processes might require
infinite time when using HTTP/2.
- Bugfix: in the ngx_http_mp4_module.
- Bugfix: "ignore long locked inactive cache entry" alerts might
appear in logs when proxying WebSocket connections with caching
enabled.
- Bugfix: nginx did not write anything to log and returned a
response with code 502 instead of 504 when a timeout occurred
during an SSL handshake to a backend.
- changes in 1.11.5
- Change: the --with-ipv6 configure option was removed, now IPv6
support is configured automatically.
- Change: now if there are no available servers in an upstream,
nginx will not reset number of failures of all servers as it
previously did, but will wait for fail_timeout to expire.
- Feature: the ngx_stream_ssl_preread_module.
- Feature: the "server" directive in the "upstream" context
supports the "max_conns" parameter.
- Feature: the --with-compat configure option.
- Feature: "manager_files", "manager_threshold", and
"manager_sleep" parameters of the "proxy_cache_path",
"fastcgi_cache_path", "scgi_cache_path", and "uwsgi_cache_path"
directives.
- Bugfix: flags passed by the --with-ld-opt configure option were
not used while building perl module.
- Bugfix: in the "add_after_body" directive when used with the
"sub_filter" directive.
- Bugfix: in the $realip_remote_addr variable.
- Bugfix: the "dav_access", "proxy_store_access",
"fastcgi_store_access", "scgi_store_access", and
"uwsgi_store_access" directives ignored permissions specified
for user.
- Bugfix: unix domain listen sockets might not be inherited
during binary upgrade on Linux.
- Bugfix: nginx returned the 400 response on requests with the
"-" character in the HTTP method.
- update headers-more-nginx-module 0.32
- tests: skipped the newly added test case that cannot run in
check leak test mode.
- bugfix: more_set_input_headers: skips setting multi-value
headers for bad requests to avoid segfaults.
- skipped check leak mode for two test cases using malformed
requests.
- doc: claims that we work with 1.10.x since it is essentially
the same as 1.9.x.
- bugfix: fixed a typo in an error message.
- bugfix: when the nginx core does not properly initialize
r->headers_in.headers (due to 400 bad requests and etc),
more_set_input_headers might lead to crashes. thanks Marcin
Teodorczyk for the report.
- update nginx-rtmp-module 1.1.10
- support for nginx 1.11.5-style cache-manager
- update patches to apply cleanly again
check_1.9.2+.patch
nginx-1.6.1-default_config.patch