------------------------------------------------------------------- Thu Oct 11 14:53:37 UTC 2012 - suse@ammler.ch - remove version from package name - update to 1.2.4 *) Bugfix: in the "limit_req" directive; the bug had appeared in 1.1.14. Thanks to Charles Chen. *) Bugfix: nginx could not be built by gcc 4.7 with -O2 optimization if the --with-ipv6 option was used. *) Bugfix: a segmentation fault might occur in a worker process if the "map" directive was used with variables as values. *) Bugfix: a segmentation fault might occur in a worker process if the "geo" directive was used with the "ranges" parameter but without the "default" parameter; the bug had appeared in 0.8.43. Thanks to Zhen Chen and Weibin Yao. *) Bugfix: in the -p command-line parameter handling. *) Bugfix: in the mail proxy server. *) Bugfix: of minor potential bugs. Thanks to Coverity. - Changes with nginx 1.2.3 *) Feature: the Clang compiler support. *) Bugfix: extra listening sockets might be created. Thanks to Roman Odaisky. *) Bugfix: the "proxy_pass_header", "fastcgi_pass_header", "scgi_pass_header", "uwsgi_pass_header", "proxy_hide_header", "fastcgi_hide_header", "scgi_hide_header", and "uwsgi_hide_header" directives might be inherited incorrectly. *) Bugfix: trailing dot in a source value was not ignored if the "map" directive was used with the "hostnames" parameter. *) Bugfix: incorrect location might be used to process a request if a URI was changed via a "rewrite" directive before an internal redirect to a named location. - update patch perl_vendor_install ------------------------------------------------------------------- Sat Jul 21 02:41:34 UTC 2012 - crrodriguez@opensuse.org - Update to version 1,2,2 - Enable only the epoll event model. ------------------------------------------------------------------- Fri Jun 8 17:57:35 UTC 2012 - crrodriguez@opensuse.org - Update to version 1.2.1; list too long to mention here see http://nginx.org/en/CHANGES-1.2. - Add systemd support. ------------------------------------------------------------------- Tue Jun 5 07:33:42 UTC 2012 - lslezak@suse.cz - added "BuildRequires: ruby" (needed for %rb_ver macro expansion), fixes build at Factory ------------------------------------------------------------------- Mon Apr 16 08:42:51 UTC 2012 - schubi@suse.com - Update to version 1.0.15 Changes with nginx 1.0.15 12 Apr 2012 *) Security: specially crafted mp4 file might allow to overwrite memory locations in a worker process if the ngx_http_mp4_module was used, potentially resulting in arbitrary code execution (CVE-2012-2089). Thanks to Matthew Daley. *) Bugfix: in the ngx_http_mp4_module. ------------------------------------------------------------------- Fri Mar 16 14:16:44 UTC 2012 - schubi@suse.com - Update to Version 1.0.14 Changes with nginx 1.0.14 15 Mar 2012 *) Security: content of previously freed memory might be sent to a client if backend returned specially crafted response. Thanks to Matthew Daley. ------------------------------------------------------------------- Tue Mar 13 09:49:05 UTC 2012 - schubi@suse.com - Update to Version 1.0.13 Changes with nginx 1.0.13 05 Mar 2012 *) Feature: the "return" and "error_page" directives can now be used to return 307 redirections. *) Bugfix: a segmentation fault might occur in a worker process if the "resolver" directive was used and there was no "error_log" directive specified at global level. Thanks to Roman Arutyunyan. *) Bugfix: memory leaks. Thanks to Lanshun Zhou. *) Bugfix: nginx might log incorrect error "upstream prematurely closed connection" instead of correct "upstream sent too big header" one. Thanks to Feibo Li. *) Bugfix: on ZFS filesystem disk cache size might be calculated incorrectly; the bug had appeared in 1.0.1. *) Bugfix: the number of internal redirects to named locations was not limited. *) Bugfix: temporary files might be not removed if the "proxy_store" directive was used with SSI includes. *) Bugfix: in some cases non-cacheable variables (such as the $args variable) returned old empty cached value. *) Bugfix: the "proxy_redirect" directives might be inherited incorrectly. *) Bugfix: nginx could not be built with the ngx_http_perl_module if the --with-openssl option was used. *) Bugfix: nginx could not be built by the icc 12.1 compiler. Changes with nginx 1.0.12 06 Feb 2012 *) Feature: the "TLSv1.1" and "TLSv1.2" parameters of the "ssl_protocols" directive. *) Feature: the "if" SSI command supports captures in regular expressions. *) Bugfix: the "if" SSI command did not work inside the "block" command. *) Bugfix: in AIO error handling on FreeBSD. *) Bugfix: in the OpenSSL library initialization. *) Bugfix: the "worker_cpu_affinity" directive might not work. *) Bugfix: the "limit_conn_log_level" and "limit_req_log_level" directives might not work. *) Bugfix: the "read_ahead" directive might not work combined with "try_files" and "open_file_cache". *) Bugfix: the "proxy_cache_use_stale" directive with "error" parameter did not return answer from cache if there were no live upstreams. *) Bugfix: a segmentation fault might occur in a worker process if small time was used in the "inactive" parameter of the "proxy_cache_path" directive. *) Bugfix: responses from cache might hang. *) Bugfix: in error handling while connecting to a backend. Thanks to Piotr Sikora. *) Bugfix: in the "epoll" event method. Thanks to Yichun Zhang. *) Bugfix: the $sent_http_cache_control variable might contain a wrong value if the "expires" directive was used. Thanks to Yichun Zhang. *) Bugfix: the "limit_rate" directive did not allow to use full throughput, even if limit value was very high. *) Bugfix: the "sendfile_max_chunk" directive did not work, if the "limit_rate" directive was used. *) Bugfix: nginx could not be built on Solaris; the bug had appeared in 1.0.11. *) Bugfix: in the ngx_http_scgi_module. *) Bugfix: in the ngx_http_mp4_module. Changes with nginx 1.0.11 15 Dec 2011 *) Change: now double quotes are encoded in an "echo" SSI-command output. Thanks to Zaur Abasmirzoev. *) Feature: the "image_filter_sharpen" directive. *) Bugfix: a segmentation fault might occur in a worker process if SNI was used; the bug had appeared in 1.0.9. *) Bugfix: SIGWINCH signal did not work after first binary upgrade; the bug had appeared in 1.0.9. *) Bugfix: the "If-Modified-Since", "If-Range", etc. client request header lines might be passed to backend while caching; or not passed without caching if caching was enabled in another part of the configuration. *) Bugfix: in the "scgi_param" directive, if complex parameters were used. *) Bugfix: "add_header" and "expires" directives did not work if a request was proxied and response status code was 206. *) Bugfix: in the "expires @time" directive. *) Bugfix: in the ngx_http_flv_module. Thanks to Piotr Sikora. *) Bugfix: in the ngx_http_mp4_module. *) Bugfix: nginx could not be built on FreeBSD 10. *) Bugfix: nginx could not be built on AIX. ------------------------------------------------------------------- Fri Dec 2 14:48:35 UTC 2011 - schubi@suse.com - 1.0.10 includes a fix for: Fixed VUL-0: CVE-2011-4315: nginx: heap overflow (bnc #731084) ------------------------------------------------------------------- Fri Nov 18 12:56:55 UTC 2011 - schubi@suse.com - Uppstream update to 1.0.10 Changes with nginx 1.0.10 *) Bugfix: a segmentation fault might occur in a worker process if resolver got a big DNS response. Thanks to Ben Hawkes. *) Bugfix: in cache key calculation if internal MD5 implementation was used; the bug had appeared in 1.0.4. *) Bugfix: the module ngx_http_mp4_module sent incorrect "Content-Length" response header line if the "start" argument was used. Thanks to Piotr Sikora. Changes with nginx 1.0.9 *) Change: now the 0x7F-0x1F characters are escaped as \xXX in an access_log. *) Change: now SIGWINCH signal works only in daemon mode. *) Feature: "proxy/fastcgi/scgi/uwsgi_ignore_headers" directives support the following additional values: X-Accel-Limit-Rate, X-Accel-Buffering, X-Accel-Charset. *) Feature: decrease of memory consumption if SSL is used. *) Feature: accept filters are now supported on NetBSD. *) Feature: the "uwsgi_buffering" and "scgi_buffering" directives. Thanks to Peter Smit. *) Bugfix: a segmentation fault occurred on start or while reconfiguration if the "ssl" directive was used at http level and there was no "ssl_certificate" defined. *) Bugfix: some UTF-8 characters were processed incorrectly. Thanks to Alexey Kuts. *) Bugfix: the ngx_http_rewrite_module directives specified at "server" level were executed twice if no matching locations were defined. *) Bugfix: a socket leak might occurred if "aio sendfile" was used. *) Bugfix: connections with fast clients might be closed after send_timeout if file AIO was used. *) Bugfix: in the ngx_http_autoindex_module. *) Bugfix: the module ngx_http_mp4_module did not support seeking on 32-bit platforms. *) Bugfix: non-cacheable responses might be cached if "proxy_cache_bypass" directive was used. Thanks to John Ferlito. *) Bugfix: cached responses with an empty body were returned incorrectly; the bug had appeared in 0.8.31. *) Bugfix: 201 responses of the ngx_http_dav_module were incorrect; the bug had appeared in 0.8.32. *) Bugfix: in the "return" directive. *) Bugfix: the "ssl_verify_client", "ssl_verify_depth", and "ssl_prefer_server_ciphers" directives might work incorrectly if SNI was used. Changes with nginx 1.0.8 *) Bugfix: nginx could not be built --with-http_mp4_module and without --with-debug option. Changes with nginx 1.0.7 *) Change: now if total size of all ranges is greater than source response size, then nginx disables ranges and returns just the source response. *) Feature: the "max_ranges" directive. *) Feature: the module ngx_http_mp4_module. *) Feature: the "worker_aio_requests" directive. *) Bugfix: if nginx was built --with-file-aio it could not be run on Linux kernel which did not support AIO. *) Bugfix: in Linux AIO error processing. Thanks to Hagai Avrahami. *) Bugfix: in Linux AIO combined with open_file_cache. *) Bugfix: open_file_cache did not update file info on retest if file was not atomically changed. *) Bugfix: reduced memory consumption for long-lived requests. *) Bugfix: in the "proxy/fastcgi/scgi/uwsgi_ignore_client_abort" directives. *) Bugfix: nginx could not be built on MacOSX 10.7. *) Bugfix: request body might be processed incorrectly if client used pipelining. *) Bugfix: in the "request_body_in_single_buf" directive. *) Bugfix: in "proxy_set_body" and "proxy_pass_request_body" directives if SSL connection to backend was used. *) Bugfix: nginx hogged CPU if all servers in an upstream were marked as "down". *) Bugfix: a segmentation fault might occur during reconfiguration if ssl_session_cache was defined but not used in previous configuration. *) Bugfix: a segmentation fault might occur in a worker process if many backup servers were used in an upstream. Changes with nginx 1.0.6 *) Feature: cache loader run time decrease. *) Feature: loading time decrease of configuration with large number of HTTPS sites. *) Feature: now nginx supports ECDHE key exchange ciphers. Thanks to Adrian Kotelba. *) Feature: the "lingering_close" directive. *) Feature: now shared zones and caches use POSIX semaphores on Solaris. Thanks to Den Ivanov. *) Bugfix: nginx could not be built on Linux 3.0. *) Bugfix: a segmentation fault might occur in a worker process if "fastcgi/scgi/uwsgi_param" directives were used with values starting with "HTTP_"; the bug had appeared in 0.8.40. *) Bugfix: in closing connection for pipelined requests. *) Bugfix: nginx did not disable gzipping if client sent "gzip;q=0" in "Accept-Encoding" request header line. *) Bugfix: in timeout in unbuffered proxied mode. *) Bugfix: memory leaks when a "proxy_pass" directive contains variables and proxies to an HTTPS backend. *) Bugfix: in parameter validaiton of a "proxy_pass" directive with variables. Thanks to Lanshun Zhou. *) Bugfix: SSL did not work on QNX. *) Bugfix: SSL modules could not be built by gcc 4.6 without --with-debug option. ------------------------------------------------------------------- Mon Oct 24 11:59:37 UTC 2011 - schubi@suse.com - Reduce requirement of rubygem-rack to 1_1 cause 1_3 produces errors. ------------------------------------------------------------------- Tue Aug 16 15:23:23 UTC 2011 - ammler@openttdcoop.org - upstream update 1.0.5 * Change: now default SSL ciphers are "HIGH:!aNULL:!MD5". * Feature: the "referer_hash_max_size" and "referer_hash_bucket_size" directives. * Feature: $uid_reset variable. * Bugfix: a segmentation fault might occur in a worker process, if a caching was used. * Bugfix: worker processes may got caught in an endless loop during reconfiguration, if a caching was used; the bug had appeared in 0.8.48. * Bugfix: "stalled cache updating" alert. - add logrotate * add reopen killsiganl -USR1 to init script * logrotate conf - Backport r4003: Configure: catch up with new Linux version numbering ------------------------------------------------------------------- Fri Jun 24 10:40:30 UTC 2011 - jreidinger@novell.com - fix init script to write use its pid file to allow separate nginx server run independent (bnc#702005) ------------------------------------------------------------------- Thu Jun 9 12:02:59 UTC 2011 - ammler@openttdcoop.org - upstream update 1.0.4 * Change: now regular expressions case sensitivity in the "map" directive is given by prefixes "~" or "~*". * Feature: now shared zones and caches use POSIX semaphores on Linux. Thanks to Denis F. Latypoff. * Bugfix: "stalled" cache updating" alert. * Bugfix: nginx could not be built --without-http_auth_basic_module; the bug had appeared in 1.0.3. - additional changes from 1.0.3 - Feature: the "auth_basic_user_file" directive supports "$apr1", "{PLAIN}", and "{SSHA}" password encryption methods. Thanks to Maxim Dounin. - Feature: the "geoip_org" directive and $geoip_org variable. Thanks to Alexander Uskov, Arnaud Granal, and Denis F. Latypoff. - Feature: ngx_http_geo_module and ngx_http_geoip_module support IPv4 addresses mapped to IPv6 addresses. - Bugfix: a segmentation fault occurred in a worker process during testing IPv4 address mapped to IPv6 address, if access or deny rules were defined only for IPv6; the bug had appeared in 0.8.22. - Bugfix: a cached response may be broken if proxy/fastcgi/scgi/ uwsgi_cache_bypass and proxy/fastcgi/scgi/uwsgi_no_cache directive values were different; the bug had appeared in 0.8.46. - additional changes from 1.0.2 - Feature: now shared zones and caches use POSIX semaphores. - Bugfix: in the "rotate" parameter of the "image_filter" directive. Thanks to Adam Bocim. - Bugfix: nginx could not be built on Solaris; the bug had appeared in 1.0.1. - additional changes from 1.0.1 - Change: now the "split_clients" directive uses MurmurHash2 algorithm because of better distribution. Thanks to Oleg Mamontov. - Change: now long strings starting with zero are not considered as false values. Thanks to Maxim Dounin. - Change: now nginx uses a default listen backlog value 511 on Linux. - Feature: the $upstream_... variables may be used in the SSI and perl modules. - Bugfix: now nginx limits better disk cache size. Thanks to Oleg Mamontov. - Bugfix: a segmentation fault might occur while parsing incorrect IPv4 address; the bug had appeared in 0.9.3. Thanks to Maxim Dounin. - Bugfix: nginx could not be built by gcc 4.6 without --with-debug option. - Bugfix: nginx could not be built on Solaris 9 and earlier; the bug had appeared in 0.9.3. Thanks to Dagobert Michelsen. - Bugfix: $request_time variable had invalid values if subrequests were used; the bug had appeared in 0.8.47. Thanks to Igor A. Valcov. - new config directories included in context http: conf.d/*.conf on top before first server vhosts.d/*.conf on bottom (for servers) ------------------------------------------------------------------- Thu May 26 10:20:30 UTC 2011 - mrueckert@suse.de - more accurate license header: BSD-2-Clause ------------------------------------------------------------------- Thu Apr 14 12:17:01 UTC 2011 - mrueckert@suse.de - move the libatomic usage to sle11/11.1 or newer ------------------------------------------------------------------- Thu Apr 14 10:59:36 UTC 2011 - mrueckert@suse.de - remove /srv/www/htdocs/index.html (bnc#670031). ------------------------------------------------------------------- Thu Apr 14 10:34:52 UTC 2011 - mrueckert@suse.de - build with libatomic_ops ------------------------------------------------------------------- Thu Apr 14 10:28:37 UTC 2011 - mrueckert@suse.de - minor spec file cleanup - use perl instead of dos2unix - remove commented out patches from the preamble - fix ordering in preamble ------------------------------------------------------------------- Wed Apr 13 23:50:04 UTC 2011 - alexandre@exatati.com.br - Add epoll in default events config as recommended in http://www.kegel.com/c10k.html#nb.epoll. ------------------------------------------------------------------- Tue Apr 12 18:42:32 UTC 2011 - mrueckert@suse.de - enable building of the passenger extension ------------------------------------------------------------------- Tue Apr 12 16:10:00 UTC 2011 - mrueckert@suse.de - added more directives to the configure line - specify tmp path for scgi/uwsgi - enabled more modules - geoip lookup - http_degradation - mail ssl support - added build time options to build the profiling/testing stuff - see with_google_perftools and with_cpp_test ------------------------------------------------------------------- Tue Apr 12 15:16:54 UTC 2011 - mrueckert@suse.de - start 1.0 branch package