SHA256
1
0
forked from pool/varnish
varnish/varnish.changes

613 lines
26 KiB
Plaintext
Raw Normal View History

Accepting request 1032206 from home:dirkmueller:Factory - update to 7.2.0: * Functions ``VRT_AddVDP()``, ``VRT_AddVFP()``, ``VRT_RemoveVDP()`` and ``VRT_RemoveVFP()`` are deprecated. * Cookie headers generated by vmod_cookie no longer have a spurious trailing semi-colon (``';'``) at the end of the string. This could break VCL relying on the previous incorrect behavior. * The ``SessClose`` and ``BackendClose`` reason ``rx_body``, which previously output ``Failure receiving req.body``, has been rewritten to ``Failure receiving body``. * Prototypical Varnish Extensions (VEXT). Similar to VMODs, a VEXT is loaded by the cache process. Unlike VMODs that have the combined lifetime of all the VCLs that reference them, a VEXT has the lifetime of the cache process itself. There are no built-in extensions so far. * The VCC (compilation) process no longer loads VMODs with ``dlopen(3)`` to collect their metadata. * Stevedore initialization via the ``.init()`` callback has been moved to the worker process. * The parameter ``tcp_keepalive_time`` is supported on MacOS. * Duration parameters can optionally take a unit, with the same syntax as duration units in VCL. Example: ``param.set default_grace 1h``. * Calls to ``VRT_CacheReqBody()`` and ``std.cache_req_body`` from outside client vcl subs now fail properly instead of triggering an assertion failure (3846_). * New ``"B"`` string for the package branch in ``VCS_String()``. For the 7.2.0 version, it would yield the 7.2 branch. * The Varnish version and branch are available in ``varnishtest`` through the ``${pkg_version}`` and ``${pkg_branch}`` macros. * New ``${topsrc}`` macro in ``varnishtest -i`` mode. * New ``process pNAME -match-text`` command in ``varnishtest`` to expect text matching a regular expression on screen. OBS-URL: https://build.opensuse.org/request/show/1032206 OBS-URL: https://build.opensuse.org/package/show/server:http/varnish?expand=0&rev=117
2022-10-30 21:01:40 +01:00
-------------------------------------------------------------------
Sat Oct 29 13:43:46 UTC 2022 - Dirk Müller <dmueller@suse.com>
- update to 7.2.0:
* Functions ``VRT_AddVDP()``, ``VRT_AddVFP()``, ``VRT_RemoveVDP()`` and
``VRT_RemoveVFP()`` are deprecated.
* Cookie headers generated by vmod_cookie no longer have a
spurious trailing semicolon at the end of the string. This
could break VCL relying on the previous incorrect behavior.
Accepting request 1032206 from home:dirkmueller:Factory - update to 7.2.0: * Functions ``VRT_AddVDP()``, ``VRT_AddVFP()``, ``VRT_RemoveVDP()`` and ``VRT_RemoveVFP()`` are deprecated. * Cookie headers generated by vmod_cookie no longer have a spurious trailing semi-colon (``';'``) at the end of the string. This could break VCL relying on the previous incorrect behavior. * The ``SessClose`` and ``BackendClose`` reason ``rx_body``, which previously output ``Failure receiving req.body``, has been rewritten to ``Failure receiving body``. * Prototypical Varnish Extensions (VEXT). Similar to VMODs, a VEXT is loaded by the cache process. Unlike VMODs that have the combined lifetime of all the VCLs that reference them, a VEXT has the lifetime of the cache process itself. There are no built-in extensions so far. * The VCC (compilation) process no longer loads VMODs with ``dlopen(3)`` to collect their metadata. * Stevedore initialization via the ``.init()`` callback has been moved to the worker process. * The parameter ``tcp_keepalive_time`` is supported on MacOS. * Duration parameters can optionally take a unit, with the same syntax as duration units in VCL. Example: ``param.set default_grace 1h``. * Calls to ``VRT_CacheReqBody()`` and ``std.cache_req_body`` from outside client vcl subs now fail properly instead of triggering an assertion failure (3846_). * New ``"B"`` string for the package branch in ``VCS_String()``. For the 7.2.0 version, it would yield the 7.2 branch. * The Varnish version and branch are available in ``varnishtest`` through the ``${pkg_version}`` and ``${pkg_branch}`` macros. * New ``${topsrc}`` macro in ``varnishtest -i`` mode. * New ``process pNAME -match-text`` command in ``varnishtest`` to expect text matching a regular expression on screen. OBS-URL: https://build.opensuse.org/request/show/1032206 OBS-URL: https://build.opensuse.org/package/show/server:http/varnish?expand=0&rev=117
2022-10-30 21:01:40 +01:00
* The ``SessClose`` and ``BackendClose`` reason ``rx_body``, which
previously output ``Failure receiving req.body``, has been rewritten
to ``Failure receiving body``.
* Prototypical Varnish Extensions (VEXT). Similar to VMODs, a VEXT is loaded
by the cache process. Unlike VMODs that have the combined lifetime of all
the VCLs that reference them, a VEXT has the lifetime of the cache process
itself. There are no built-in extensions so far.
* Duration parameters can optionally take a unit, with the same syntax as
duration units in VCL.
Accepting request 1032206 from home:dirkmueller:Factory - update to 7.2.0: * Functions ``VRT_AddVDP()``, ``VRT_AddVFP()``, ``VRT_RemoveVDP()`` and ``VRT_RemoveVFP()`` are deprecated. * Cookie headers generated by vmod_cookie no longer have a spurious trailing semi-colon (``';'``) at the end of the string. This could break VCL relying on the previous incorrect behavior. * The ``SessClose`` and ``BackendClose`` reason ``rx_body``, which previously output ``Failure receiving req.body``, has been rewritten to ``Failure receiving body``. * Prototypical Varnish Extensions (VEXT). Similar to VMODs, a VEXT is loaded by the cache process. Unlike VMODs that have the combined lifetime of all the VCLs that reference them, a VEXT has the lifetime of the cache process itself. There are no built-in extensions so far. * The VCC (compilation) process no longer loads VMODs with ``dlopen(3)`` to collect their metadata. * Stevedore initialization via the ``.init()`` callback has been moved to the worker process. * The parameter ``tcp_keepalive_time`` is supported on MacOS. * Duration parameters can optionally take a unit, with the same syntax as duration units in VCL. Example: ``param.set default_grace 1h``. * Calls to ``VRT_CacheReqBody()`` and ``std.cache_req_body`` from outside client vcl subs now fail properly instead of triggering an assertion failure (3846_). * New ``"B"`` string for the package branch in ``VCS_String()``. For the 7.2.0 version, it would yield the 7.2 branch. * The Varnish version and branch are available in ``varnishtest`` through the ``${pkg_version}`` and ``${pkg_branch}`` macros. * New ``${topsrc}`` macro in ``varnishtest -i`` mode. * New ``process pNAME -match-text`` command in ``varnishtest`` to expect text matching a regular expression on screen. OBS-URL: https://build.opensuse.org/request/show/1032206 OBS-URL: https://build.opensuse.org/package/show/server:http/varnish?expand=0&rev=117
2022-10-30 21:01:40 +01:00
* Calls to ``VRT_CacheReqBody()`` and ``std.cache_req_body`` from outside
client vcl subs now fail properly instead of triggering an
assertion failure.
* New "B" string for the package branch in ``VCS_String()``. For the 7.2.0
Accepting request 1032206 from home:dirkmueller:Factory - update to 7.2.0: * Functions ``VRT_AddVDP()``, ``VRT_AddVFP()``, ``VRT_RemoveVDP()`` and ``VRT_RemoveVFP()`` are deprecated. * Cookie headers generated by vmod_cookie no longer have a spurious trailing semi-colon (``';'``) at the end of the string. This could break VCL relying on the previous incorrect behavior. * The ``SessClose`` and ``BackendClose`` reason ``rx_body``, which previously output ``Failure receiving req.body``, has been rewritten to ``Failure receiving body``. * Prototypical Varnish Extensions (VEXT). Similar to VMODs, a VEXT is loaded by the cache process. Unlike VMODs that have the combined lifetime of all the VCLs that reference them, a VEXT has the lifetime of the cache process itself. There are no built-in extensions so far. * The VCC (compilation) process no longer loads VMODs with ``dlopen(3)`` to collect their metadata. * Stevedore initialization via the ``.init()`` callback has been moved to the worker process. * The parameter ``tcp_keepalive_time`` is supported on MacOS. * Duration parameters can optionally take a unit, with the same syntax as duration units in VCL. Example: ``param.set default_grace 1h``. * Calls to ``VRT_CacheReqBody()`` and ``std.cache_req_body`` from outside client vcl subs now fail properly instead of triggering an assertion failure (3846_). * New ``"B"`` string for the package branch in ``VCS_String()``. For the 7.2.0 version, it would yield the 7.2 branch. * The Varnish version and branch are available in ``varnishtest`` through the ``${pkg_version}`` and ``${pkg_branch}`` macros. * New ``${topsrc}`` macro in ``varnishtest -i`` mode. * New ``process pNAME -match-text`` command in ``varnishtest`` to expect text matching a regular expression on screen. OBS-URL: https://build.opensuse.org/request/show/1032206 OBS-URL: https://build.opensuse.org/package/show/server:http/varnish?expand=0&rev=117
2022-10-30 21:01:40 +01:00
version, it would yield the 7.2 branch.
* The new ``vcc_feature`` bits parameter replaces previous ``vcc_*`` boolean
parameters. The latter still exist as deprecated aliases.
* The ``-k`` option from ``varnishlog`` is now supported by ``varnishncsa``.
* New functions ``std.now()`` and ``std.timed_call()`` in vmod_std.
* New ``MAIN.shm_bytes`` counter.
* A ``req.http.via`` header is set before entering ``vcl_recv``. Via headers
are generated using the ``server.identity`` value. It defaults to the host
name and can be turned into a pseudonym with the ``varnishd -i`` option.
Via headers are appended in both directions, to work with other hops that
may advertise themselves.
* A ``resp.http.via`` header is no longer overwritten by varnish, but
rather appended to.
* The ``server.identity`` syntax is now limited to a "token" as defined in
the HTTP grammar to be suitable for Via headers.
* In ``varnishtest`` a Varnish instance will use its VTC instance name as its
instance name (``varnishd -i``) by default for predictable Via headers in
test cases.
* VMOD and VEXT authors can use functions from ``vnum.h``.
* Do not filter pseudo-headers as regular headers (VSV00009_ / 3830_).
* The termination rules for ``WRK_BgThread()`` were relaxed to allow VMODs to
use it.
* ``(struct worker).handling`` has been moved to the newly introduced
``struct wrk_vpi`` and replaced by a pointer to it, as well as
``(struct vrt_ctx).handling`` has been replaced by that pointer.
``struct wrk_vpi`` is for state at the interface between VRT and VGC
and, in particular, is not const as ``struct vrt_ctx`` aka
``VRT_CTX``.
* Panics now contain information about VCL source files and lines.
* The ``Begin`` log record has a 4th field for subtasks like ESI sub-requests.
* The ``-E`` option for log utilities now works as documented, with any type
of sub-task based on the ``Begin[4]`` field. This covers ESI like before,
and sub-tasks spawned by VMODs (provided that they log the new field).
* No more ``req.http.transfer-encoding`` for ESI sub-requests.
* The thread pool reserve is now limited to tasks that can be queued. A
backend background fetch is no longer eligible for queueing. It would
otherwise slow a grace hit down significantly when thread pools are
saturated.
* The unused ``fetch_no_thread`` counter was renamed to ``bgfetch_no_thread``
because regular backend fetch tasks are always scheduled.
* The macros ``FEATURE()``, ``EXPERIMENT()``, ``DO_DEBUG()``,
``MGT_FEATURE()``, ``MGT_EXPERIMENT()``, ``MGT_DO_DEBUG()`` and
``MGT_VCC_FEATURE()`` now return a boolean value (``0`` or ``1``)
instead of the (private) flag value.
* A regression in the transport code led MAIN.client_req to be incremented
for requests coming back from the waiting list, it was fixed.
Accepting request 1032206 from home:dirkmueller:Factory - update to 7.2.0: * Functions ``VRT_AddVDP()``, ``VRT_AddVFP()``, ``VRT_RemoveVDP()`` and ``VRT_RemoveVFP()`` are deprecated. * Cookie headers generated by vmod_cookie no longer have a spurious trailing semi-colon (``';'``) at the end of the string. This could break VCL relying on the previous incorrect behavior. * The ``SessClose`` and ``BackendClose`` reason ``rx_body``, which previously output ``Failure receiving req.body``, has been rewritten to ``Failure receiving body``. * Prototypical Varnish Extensions (VEXT). Similar to VMODs, a VEXT is loaded by the cache process. Unlike VMODs that have the combined lifetime of all the VCLs that reference them, a VEXT has the lifetime of the cache process itself. There are no built-in extensions so far. * The VCC (compilation) process no longer loads VMODs with ``dlopen(3)`` to collect their metadata. * Stevedore initialization via the ``.init()`` callback has been moved to the worker process. * The parameter ``tcp_keepalive_time`` is supported on MacOS. * Duration parameters can optionally take a unit, with the same syntax as duration units in VCL. Example: ``param.set default_grace 1h``. * Calls to ``VRT_CacheReqBody()`` and ``std.cache_req_body`` from outside client vcl subs now fail properly instead of triggering an assertion failure (3846_). * New ``"B"`` string for the package branch in ``VCS_String()``. For the 7.2.0 version, it would yield the 7.2 branch. * The Varnish version and branch are available in ``varnishtest`` through the ``${pkg_version}`` and ``${pkg_branch}`` macros. * New ``${topsrc}`` macro in ``varnishtest -i`` mode. * New ``process pNAME -match-text`` command in ``varnishtest`` to expect text matching a regular expression on screen. OBS-URL: https://build.opensuse.org/request/show/1032206 OBS-URL: https://build.opensuse.org/package/show/server:http/varnish?expand=0&rev=117
2022-10-30 21:01:40 +01:00
-------------------------------------------------------------------
Wed Sep 21 08:10:13 UTC 2022 - Bernhard Wiedemann <bwiedemann@suse.com>
- Make reload fail nicely on vcl syntax error
- Set TasksMax=16384 because default thread_pool_max is 5000
-------------------------------------------------------------------
Mon Sep 19 02:44:04 UTC 2022 - Bernhard Wiedemann <bwiedemann@suse.com>
- Fix varnish.service stop
-------------------------------------------------------------------
Sun Sep 18 03:26:45 UTC 2022 - Bernhard Wiedemann <bwiedemann@suse.com>
- Fix logrotate
- Add service reload
-------------------------------------------------------------------
Fri Aug 12 10:32:58 UTC 2022 - Jan Engelhardt <jengelh@inai.de>
- Update to release 7.1.1 [boo#1202350] [CVE-2022-38150]
* Resolve a denial of service attack involving reason phrases.
-------------------------------------------------------------------
Mon May 16 20:10:21 UTC 2022 - Jan Engelhardt <jengelh@inai.de>
- Update to release 7.1.0 [boo#1195188] [CVE-2022-23959]
* VCL: It is now possible to assign a BLOB value to a BODY
variable, in addition to STRING as before.
* VMOD: New STRING strftime(TIME time, STRING format) function
for UTC formatting.
-------------------------------------------------------------------
Wed Dec 1 10:27:19 UTC 2021 - Johannes Segitz <jsegitz@suse.com>
- Added hardening to systemd service(s) (bsc#1181400). Modified:
* varnish.service
* varnishlog.service
-------------------------------------------------------------------
Fri Aug 6 10:02:27 UTC 2021 - Jan Engelhardt <jengelh@inai.de>
- Update to release 6.6.1
* Fix an HTTP/2.0 request smuggling vulnerability. [bnc#1188470]
-------------------------------------------------------------------
Sun Jul 4 20:13:29 UTC 2021 - Dirk Müller <dmueller@suse.com>
- update to 6.6.0:
* The ban_cutoff parameter now refers to the overall length of
the ban list, including completed bans, where before only
non-completed (“active”) bans were counted towards ban_cutoff.
* Body bytes accounting has been fixed to always represent the
number of body bytes moved on the wire, exclusive of
protocol-specific overhead like HTTP/1 chunked encoding or
HTTP/2 framing.
* The connection close reason has been fixed to properly report
SC_RESP_CLOSE where previously only SC_REQ_CLOSE was reported.
* Unless the new validate_headers feature is disabled, all newly
set headers are now validated to contain only characters
allowed by RFC7230.
* The filter_re, keep_re and get_re functions from the bundled
cookie vmod have been changed to take the VCL_REGEX type. This
implies that their regular expression arguments now need to be
literal, not e.g. string.
* The interface for private pointers in VMODs has been changed,
the VRT backend interface has been changed, many filter
(VDP/VFP) related signatures have been changed, and the
stevedore API has been changed. (Details thereto, see online
changelog.)
-------------------------------------------------------------------
Fri Oct 2 12:27:56 UTC 2020 - Jan Engelhardt <jengelh@inai.de>
- Update to release 6.5.1
* Bump the VRT_MAJOR_VERSION number defined in the vrt.h
-------------------------------------------------------------------
Thu Sep 17 08:34:30 UTC 2020 - Jan Engelhardt <jengelh@inai.de>
- Update to release 6.5.0
* `PRIV_TOP` is now thread-safe to support parallel ESI
implementations.
* varnishstat's JSON output format (-j option) has been changed.
* Behavior for 304-type responses was changed not to update the
Content-Encoding response header of the stored object.
-------------------------------------------------------------------
Tue Jun 23 07:35:15 UTC 2020 - Jan Engelhardt <jengelh@inai.de>
- Disable LTO, this randomly fails during link stage.
-------------------------------------------------------------------
Tue Jun 9 19:33:32 UTC 2020 - Jan Engelhardt <jengelh@inai.de>
- Update Git-Web repository link
- Set CFLAGS+=-fcommon.
-------------------------------------------------------------------
Tue Mar 17 12:59:44 UTC 2020 - Jan Engelhardt <jengelh@inai.de>
- Update to release 6.4.0
* The MAIN.sess_drop counter is gone.
* backend "none" was added for "no backend".
* The hash algorithm of the hash director was changed, so
backend selection will change once only when upgrading.
* It is now possible for VMOD authors to customize the
connection pooling of a dynamic backend.
* For more, see changes.rst.
-------------------------------------------------------------------
Tue Feb 25 08:39:21 UTC 2020 - Jan Engelhardt <jengelh@inai.de>
- Update to release 6.3.2
* Fix a denial of service vulnerability when using the proxy
protocol version 2.
-------------------------------------------------------------------
Tue Sep 17 11:23:27 UTC 2019 - Jan Engelhardt <jengelh@inai.de>
- Update to release 6.3.0
* The Host: header is folded to lower-case in the builtin_vcl.
* Improved performance of shared memory statistics counters.
* Synthetic objects created from vcl_backend_error {} now
replace existing stale objects as ordinary backend fetches
would (for details see changes.rst)
-------------------------------------------------------------------
Wed Sep 4 10:27:37 UTC 2019 - Jan Engelhardt <jengelh@inai.de>
- Update to release 6.2.1
* Bugfix for CVE-2019-15892 [boo#1149382]
-------------------------------------------------------------------
Mon Aug 26 10:52:05 UTC 2019 - Jan Engelhardt <jengelh@inai.de>
- Add uninit.patch.
-------------------------------------------------------------------
Wed Mar 27 10:01:08 UTC 2019 - Samu Voutilainen <smar@smar.fi>
- Updated to 6.2.0
* Added a thread pool watchdog which will restart the worker
process if scheduling tasks onto worker threads appears
stuck. The new parameter "thread_pool_watchdog" configures
it.
- Disabled error for clobbering, which caused bogus
error in varnishtest
-------------------------------------------------------------------
Wed May 2 06:47:32 UTC 2018 - jengelh@inai.de
- Put %fillup back into %post
-------------------------------------------------------------------
Mon Mar 19 22:22:35 UTC 2018 - jengelh@inai.de
- Update to new upstream release 6.0.0
* Added support for Unix Domain Sockets, both for clients and
for backend servers. This brings a new level of the VCL
language, version 4.1.
* Always use HTTP/1.1 on backend connections for pass fetch.
-------------------------------------------------------------------
Thu Nov 23 13:50:41 UTC 2017 - rbrown@suse.com
- Replace references to /var/adm/fillup-templates with new
%_fillupdir macro (boo#1069468)
-------------------------------------------------------------------
Fri Jun 23 19:42:07 UTC 2017 - antoine.belvire@opensuse.org
- Update to version 5.1.2:
* Fix an endless loop in Backend Polling (#2295)
* Fix a Chunked bug in tight workspaces (#2207, #2275)
* Fix a bug relating to req.body when on waitinglist (#2266)
* Handle EPIPE on broken TCP connections (#2267)
* Work around the x86 arch's turbo-double FP format in parameter
setup code. (#1875)
* Fix race related to backend probe with proxy header (#2278)
* Keep VCL temperature consistent between mgt/worker also when
worker protests.
* A lot of HTTP/2 fixes.
- Changes introduced by version 5.1.1:
* Fix bug introduced by stubborn old bugger right before release
5.1.0 was cut.
- Changes introduced by version 5.1.0:
* Added varnishd command-line options -I, -x and -?, and
tightened restrictions on permitted combinations of options.
* More progress on support for HTTP/2.
* Add ``return(fail)`` to almost all VCL subroutines.
* Restored the old hit-for-pass, invoked with
``return(pass(DURATION))`` from
``vcl_backend_response``. hit-for-miss remains the default.
Added the cache_hitmiss stat, and cache_hitpass only counts the
new/old hit-for-pass cases. Restored HitPass to the Varnish
log, and added HitMiss. Added the HFP prefix to TTL log entries
to log a hit-for-pass duration.
* Rolled back the fix for #1206. Client delivery decides solely
whether to send a 304 client response, based on client request
and response headers.
* Added vtest.sh.
* Added vxid as a lefthand side for VSL queries.
* Added the setenv and write_body commands for Varnish test cases
(VTCs). err_shell is deprecated. Also added the operators
-cliexpect, -match and -hdrlen, and -reason replaces -msg.
Added the ${bad_backend} macro.
* varnishtest can be stopped with the TERM, INT and KILL signals,
but not with HUP.
* The fallback director has now an extra, optional parameter to
keep using the current backend until it falls sick.
* VMOD shared libraries are now copied to the workdir, to avoid
problems when VMODs are updated via packaging systems.
* Bump the VRT version to 6.0.
* Export more symbols from libvarnishapi.so.
* The size of the VSL log is limited to 4G-1b, placing upper
bounds on the -l option and the vsl_space and vsm_space
parameters.
* Added parameters clock_step, thread_pool_reserve and
ban_cutoff.
* Parameters vcl_dir and vmod_dir are deprecated, use vcl_path
and vmod_path instead.
* All parameters are defined, even on platforms that don't
support them. An unsupported parameter is documented as such in
param.show. Setting such a parameter is not an error, but has
no effect.
* Clarified the interpretations of the + and - operators in VCL
with operands of the various data types.
* DURATION types may be used in boolean contexts.
* INT, DURATION and REAL values can now be negative.
* Response codes 1000 or greater may now be set in VCL
internally. resp.status is delivered modulo 1000 in client
responses.
* IP addresses can be compared for equality in VCL.
* Introduce the STEVEDORE data type, and the objects
storage.SNAME in VCL. Added req.storage and beresp.storage;
beresp.storage_hint is deprecated.
* Retired the umem stevedore.
* req.ttl is deprecated.
* Added std.getenv() and std.late_100_continue().
* The fetch_failed stat is incremented for any kind of fetch
failure.
* Added the stats n_test_gunzip and
bans_lurker_obj_killed_cutoff.
* Clarified the meanings of the %r, %{X}i and %{X}o formatters in
varnishncsa.
- Add varnish-5.1.2-add-fallthrough-comments.patch to fix build
with GCC 7 (boo#1041259).
-------------------------------------------------------------------
Tue May 16 20:14:01 UTC 2017 - dimstar@opensuse.org
- BuildRequire python3-docutils instead of python-docutils.
-------------------------------------------------------------------
Sun Sep 25 13:44:37 UTC 2016 - jengelh@inai.de
- Update to new upstream release 5.0.0
- The varnishd "-u NNN" option, which may be remaining in
/etc/sysconfig/varnish, has been replaced with "-j unix,user=NNN".
* Varnish 5.0 changes some (mostly) internal APIs and adds some
major new features over Varnish 4.1.
* 5.0 supports jumping from the active VCL's vcl_recv{} to another
VCL via a VCL label.
* Very Experimental HTTP/2 support
* We have added to the "directors" VMOD — an overhauled version of
a director which was available as an out-of-tree VMOD under the
name VSLP for a couple of years. It is basically a better hash
director which uses consistent hashing to provide improved
stability of backend node selection when the configuration and/or
health state of backends changes.
* Hit-For-Pass is now actually Hit-For-Miss
* We have made the ban lurker even more efficient by example of
some real live situations with tens of thousands of bans using
inefficient regular expressions.
* The waitinglist logic for ESI subrequests now uses condition
variables to trigger immediate continuation of ESI processing
when an object being waited for becomes available.
* Backend PROXY protocol requests are now supported through the
.proxy_header attribute of the backend definition.
* VCL files are now also being searched for in
/usr/share/varnish/vcl if not found in /etc/varnish.
* The basic device detection vcl is now bundled with varnish.
-------------------------------------------------------------------
Thu Aug 18 07:08:52 UTC 2016 - dimstar@opensuse.org
- Add "-ffloat-store -fexcess-precision=standard" to CFLAGS when
building for ix86, working around bug gcc#323. See also
gh#varnish/Varnish-Cache#88.
-------------------------------------------------------------------
Fri Apr 22 14:15:43 UTC 2016 - jengelh@inai.de
- Update to new upstream release 4.1.2
* vmods: Passing VCL ACL to a vmod is now possible.
* vmods: VRT_MINOR_VERSION increase due to new function:
VRT_acl_match()
* Be stricter when parsing a HTTP request to avoid potential HTTP
smuggling attacks against vulnerable backends.
-------------------------------------------------------------------
Tue Mar 8 08:47:30 UTC 2016 - jengelh@inai.de
- Report testsuite failure to build log and make testsuite nonfatal
as there seems to be one swaying test, tests/r01478.vtc.
-------------------------------------------------------------------
Tue Feb 16 12:52:51 UTC 2016 - eshmarnev@suse.com
- disable silent rules in spec file.
- enable testsuite for varnish.
-------------------------------------------------------------------
Tue Feb 16 12:16:47 UTC 2016 - eshmarnev@suse.com
- Update to new upstream release 4.1.1
* Improved security features (jails).
* Support for PROXY protocol.
* Warm and cold VCL states.
* Backends defined through VMODs.
* A lot of bugs were fixed.
- Delete 0001-Fail-fetch-on-malformed-Content-Length-header.patch,
this issue was fixed in upstream.
- Add 'su varnish varnish' line to varnish.logrotate file.
- Cleanup with spec-cleaner.
-------------------------------------------------------------------
Fri Mar 27 10:34:15 UTC 2015 - jengelh@inai.de
- Update to new upstream release 4.0.3
* Full support for streaming objects through from the backend on a
cache miss. Bytes will be sent to 1..n requesting clients as they
come in from the backend server.
* Background (re)fetch of expired objects. On a cache miss where a
stale copy is available, serve the client the stale copy while
fetching an updated copy from the backend in the background.
* New varnishlog query language, allowing automatic grouping of
requests when debugging ESI or a failed backend request.
* Comprehensive request timestamp and byte counters.
- Add 0001-Fail-fetch-on-malformed-Content-Length-header.patch
[bnc#921316]
-------------------------------------------------------------------
Fri Jan 3 10:57:19 UTC 2014 - danimo@owncloud.com
- Updated to 3.0.5, contains fix for CVE-2013-4484
* A bad interaction between -b, -c and -m in the varnishlog tool
has been fixed.
* A malformed request could in some configurations lead to Varnish
crashing has been corrected. (CVE-2013-4484)
* Duplicate Content-Length headers were in some cases sent to
clients when streaming is enabled, this has been fixed.
* ESI parse errors are no longer printed to standard output.
* Stop segfaulting if the first part of a synthetic page is NULL.
- Remove 0001-Make-up-our-mind-Any-req.-we-receive-from-the-client.patch
and varnish-disable-pcrejit.diff (merged upstream)
-------------------------------------------------------------------
Fri Nov 1 18:52:49 UTC 2013 - jengelh@inai.de
- Add 0001-Make-up-our-mind-Any-req.-we-receive-from-the-client.patch
(CVE-2013-4484, bnc#48451)
-------------------------------------------------------------------
Fri Oct 4 21:48:01 UTC 2013 - jengelh@inai.de
- Deactivate libpcre JIT (bnc#839358), add varnish-disable-pcrejit.diff
-------------------------------------------------------------------
Sun Sep 23 21:30:35 UTC 2012 - nmo.marques@gmail.com
- Update to version 3.0.3
* Fixed excessive session workspace allocations.
* Fixed some crashes in the case of out of memory
* Fixed an infinite loop in the regex parser.
* DNS director now uses port 80 by default if not specified.
* Introduce idle_send_timeout and increase default value for
send_timeout to 600s. This allows a long send timeout for slow
clients while still being able to disconnect idle clients.
* Fixed a crash when passing with streaming on.
* Fixed a crash in the idle session timeout code.
* Fixed an issue where the poll waiter did not timeout clients if
all clients were idle.
* Log regex errors instead of crashing.
* Introduce pcre_match_limit, and pcre_match_limit_recursion
parameters.
* Add CLI commands to manually control health state of a
backend.
-------------------------------------------------------------------
Wed Feb 8 23:26:10 UTC 2012 - jengelh@medozas.de
- Update to new upstream release 3.0.2
* Add support for ESI and gzip
* Handle objects larger than 2G
* HTTP Range support is now enabled by default
* "307 Temporary redirect" is now considered cacheable
* see ChangeLog (packaged) or
http://varnish-cache.org/trac/browser/doc/changes.rst
for details
- Note that the -s file,/var/cache/varnish,524288 argument (check
/etc/sysconfig/varnish) needs at least "1M" instead of 524288
or the daemon will not start anymore.
- Add systemd unit files
-------------------------------------------------------------------
Thu Dec 8 13:51:14 UTC 2011 - coolo@suse.com
- fix license to be in spdx.org format
-------------------------------------------------------------------
Tue May 10 14:01:13 UTC 2011 - crrodriguez@opensuse.org
- Varnish Requires a C compiler, the vcl scripts are compiled
and loaded as DSO.
-------------------------------------------------------------------
Sat Apr 16 17:26:10 UTC 2011 - crrodriguez@opensuse.org
- remove configure option --enable-debugging-symbols
it overrides buildsystem optimization levels.
-------------------------------------------------------------------
Sat Apr 16 17:12:11 UTC 2011 - crrodriguez@opensuse.org
- Update to version 2.1.5
* Two bugs relating to Content-Length and possible duplication
of Content-Length headers have been resolved.
* Fixed an issue with re-using connections after Chunked-Encoding.
* Use the time of cache-insertion for "If-Modified-Since" requests
if a "Last-Modified" header isn't provided by the backend.
* Merge multi-line Vary and Cache-Control headers from clients,
which Google Chromium seem to split up.
-------------------------------------------------------------------
Fri Apr 15 22:36:02 UTC 2011 - mrueckert@suse.de
- use pkgconfig instead of pkg-config on SLES 9
-------------------------------------------------------------------
Sun Apr 3 23:38:24 UTC 2011 - jengelh@medozas.de
- Fix security-problematic ownership of /etc/varnish files
(bnc#678811)
- Run spec-beautifier over it
- Replace default shipped vcl.conf by something working
- Run as varnish user
- Start varnishlog together with varnishd
- Properly use PID files in init script
-------------------------------------------------------------------
Sat Oct 9 04:31:06 UTC 2010 - jengelh@medozas.de
- Create and package /var/log/varnish
-------------------------------------------------------------------
Thu Aug 5 22:11:24 UTC 2010 - jengelh@medozas.de
- Update to new upstream release: 2.1.3
* fixed an off-by-one error in the ESI handling causing includes to
fail a large part of the time.
* Avoid triggering an assert if the other end closes the connection
while we are lingering and waiting for another request from them.
* Make it possible to specify the per-thread stack size. This might
be useful on 32 bit systems with their limited address space.
* Persistent storage is now experimentally supported using the
persistent stevedore. It has the same command line arguments as
the file stevedore.
* The regular expression engine is now PCRE instead of POSIX
regular expressions.
* Add a new hashing method called critbit. This autoscales and
should work better on large object workloads than the classic
hash. Critbit has been made the default hash algorithm.
* Add support for authenticating CLI connections.
* Add hash director that chooses which backend to use depending on
req.hash.
* Add client director that chooses which backend to use depending
on the client's IP address. Note that this ignores the
X-Forwarded-For header.
* Add a timestamp to bans, so you can know how old they are.
* Varnish can now connect its CLI to a remote instance when
starting up, rather than just being connected to.
* It is no longer needed to specify the maximum number of HTTP
headers to allow from backends. This is now a run-time parameter.
* HEAD requests would be converted to GET requests too early, which
affected pass and pipe. This has been fixed.
* Add experimental support for the Range header. This has to be
enabled using the parameter http_range_support.
- Add PreReqs for %post
- Run %setup quietly
- Remove unneeded .la files from installation - libraries are in
a standard directory already
- Avoid use of bash-specific &>/dev/null during %post
- Refine file lists
- Remove old changelog from .spec - changelog is in .changes
-------------------------------------------------------------------
Tue Dec 15 15:03.01 CEST 2009 - jg@internetx.de
- update 2.0.5
-------------------------------------------------------------------
Fri Apr 3 13:48:01 CEST 2009 - mrueckert@suse.de
- update to 2.0.4
-------------------------------------------------------------------
Tue Mar 10 17:47:23 CET 2009 - mrueckert@suse.de
- update to 2.0.3
-------------------------------------------------------------------
Wed Jul 25 22:16:29 CEST 2007 - mrueckert@suse.de
- updated to 1.1
-------------------------------------------------------------------
Tue Feb 20 18:28:29 CET 2007 - mrueckert@suse.de
- update to version 1.0.3
Consistency issues with statistics and backend parameters were
fixed. Parsing of -w command-line options was fixed. A
short-lived DNS cache was added to avoid thrashing DNS servers
when the backend fails.
-------------------------------------------------------------------
Sat Dec 2 17:14:16 CET 2006 - mrueckert@suse.de
- fixing build on sles9
- added files from the official rh4 rpm:
o init scripts for non suse distros
o the default configs for all distros
- added init/sysconfig script for suse.
- we create a user now. Remaining TODO item: how to run varnish as
non root user on port 80?
-------------------------------------------------------------------
Sun Nov 19 03:37:50 CET 2006 - mrueckert@suse.de
- update to 1.0.2