ALT Linux repositórios
S: | 1.24.0-alt3 |
5.0: | 0.8.15-alt1 |
4.1: | 0.6.29-alt1.M41.2 |
4.0: | 0.5.38-alt0.M40.1 |
+backports: | 0.5.33-alt1.M40.1 |
3.0: | 0.1.45-alt1 |
Group :: Sistema/Servidores
RPM: nginx
Main Changelog Spec Patches Sources Download Gear Bugs e FR Repocop
16 setembro 2009 Michael Shigorin <mike at altlinux.org> 0.6.29-alt1.M41.2
- fixed package intersection
- major security fix for CVE-2009-2629, buffer overflow triggered by
HTTP request with non-zero (low for sites with high request rate)
arbitrary code execution probability (author's patch)
- Update to 0.6.29
- rebuild
- re-added kludge from 0.5.34-alt1.1: the more insightful fix didn't
account for the case of i586 (which is our default x86 buildarch)
while my dirty hack doesnn't account at all, it just has a hammer :) - so "could not build the types_hash, you should increase types_hash_bucket_size: 32
error with our default configuration (considerably larger mime.types)
should go away again
- replaced ugly kludge introduced by me in 0.5.34-alt1.1
with an insightful one by Gena Makhomed (#13407)
- added Provides: webserver (#13546)
- Change: now the ngx_http_userid_module adds start time microseconds
to the cookie field contains a pid value. - Change: now the uname(2) is used on Linux instead of procfs.
Thanks to Ilya Novikov. - Feature: the "If-Range" request header line support.
Thanks to Alexander V. Inyukhin. - Bugfix: in HTTPS mode requests might fail with the "bad write retry"
error; bug appeared in 0.5.13. - Bugfix: the STARTTLS in SMTP mode did not work.
Thanks to Oleg Motienko. - Bugfix: large_client_header_buffers did not freed before going to
keep-alive state.
Thanks to Olexander Shtepa. - Bugfix: the "limit_rate" directive did not allow to use full
throughput, even if limit value was very high. - Bugfix: the $status variable was equal to 0 if a proxied server
returned response in HTTP/0.9 version. - Bugfix: if the "?" character was in a "error_page" directive, then
it was escaped in a proxied request; bug appeared in 0.5.32.
- got fed up with "could not build the types_hash, you should
increase types_hash_bucket_size: 32" and did increase the default
to empirically tested (Linux/i586) value of 64
- rebuild
- Change: now the full request line instead of URI only is written to
error_log. - Feature: the "merge_slashes" directive.
- Feature: the "gzip_vary" directive.
- Feature: the "server_tokens" directive.
- Feature: the "access_log" directive may be used inside the "limit_except" block.
- Bugfix: if the $server_protocol was used in FastCGI parameters and a
request line length was near to the "client_header_buffer_size" directive
value, then nginx issued an alert "fastcgi: the request record is too big". - Bugfix: if a plain text HTTP/0.9 version request was made to HTTPS server,
then nginx returned usual response. - Bugfix: URL double escaping in a redirect of the "msie_refresh"
directive; bug appeared in 0.5.28. - Bugfix: a segmentation fault might occur in worker process if
subrequests were used. - Bugfix: the big responses may be transferred truncated if SSL and gzip were
used. - Bugfix: compatibility with mget.
- Bugfix: nginx did not unescape URI in the "include" SSI command.
- Bugfix: the segmentation fault was occurred on start or while
reconfiguration if variable was used in the "charset" or
"source_charset" directives. - Bugfix: nginx returned the 400 response on requests like
"GET http://www.domain.com HTTP/1.0". Thanks to James Oakley. - Bugfix: a segmentation fault occurred in worker process if
$date_local and $date_gmt were used outside the
ngx_http_ssi_filter_module. - Bugfix: a segmentation fault might occur in worker process if debug
log was enabled. Thanks to Andrei Nigmatulin. - Bugfix: ngx_http_memcached_module did not set $upstream_response_time.
Thanks to Maxim Dounin. - Bugfix: a worker process may got caught in an endless loop, if the
memcached was used.
- Fix default nginx.conf:
+ first server_name with wildcards is a fatal error now
+ add two more somewhat unobvious tips on reverse proxying
+ link to http://nginx.net for info/docs
- Auto fix types_hash_bucket_size in config
- Change: now by default the "echo" SSI command uses entity encoding.
- Feature: the "encoding" parameter in the "echo" SSI command.
- Change: mail proxy was split on three modules: pop3, imap and smtp.
- Feature: the "smtp_greeting_delay" and "smtp_client_buffer" directives of the
ngx_mail_smtp_module. - Feature: the "server_name" and "valid_referers" directives support regular
expressions. - Feature: the "server_name", "map", and "valid_referers" directives support
the "www.example.*" wildcards. - Bugfix: sub_filter did not work with empty substitution.
- Bugfix: in sub_filter parsing.
- Bugfix: a worker process may got caught in an endless loop, if the memcached
was used. - Bugfix: nginx supported low case only "close" and "keep-alive" values in the
"Connection" request header line; bug appeared in 0.5.32. - build --with debug (for more verbose logging)
- Change: now nginx tries to set the "worker_priority", "worker_rlimit_nofile",
"worker_rlimit_core", and "worker_rlimit_sigpending" without super-user
privileges. - Change: now nginx escapes space and "%" in request to a mail proxy
authentication server. - Change: now nginx escapes "%" in $memcached_key variable.
- Feature: the "add_header Last-Modified ..." directive changes the
"Last-Modified" response header line. - Feature: the mail proxy supports AUTHENTICATE in IMAP mode. Thanks to Maxim
Dounin. - Feature: the mail proxy supports STARTTLS in SMTP mode. Thanks to Maxim
Dounin. - Bugfix: nginx did not close directory file on HEAD request if autoindex was
used. Thanks to Arkadiusz Patyk. - Bugfix: the "proxy_hide_header" and "fastcgi_hide_header" directives did not
hide response header lines whose name was longer than 32 characters. Thanks
to Manlio Perillo. - Bugfix: active connection counter always increased if mail proxy was used.
- Bugfix: if backend returned response header only using non-buffered proxy,
then nginx closed backend connection on timeout. - Bugfix: nginx did not support several "Connection" request header lines.
- Bugfix: a charset set by the "charset" directive was not appended to the
"Content-Type" header set by $r->send_http_header(). - Bugfix: a segmentation fault might occur in worker process if /dev/poll
method was used. - Bugfix: a segmentation fault occurred in worker process if invalid address
was set in the "auth_http" directive. - Bugfix: now nginx uses default listen backlog value 511 on all platforms
except FreeBSD. Thanks to Jiang Hong. - Bugfix: now Solaris sendfilev() is not used to transfer the client request
body to FastCGI-server via the unix domain socket. - Bugfix: if the same host without specified port was used as backend for HTTP
and HTTPS, then nginx used only one port - 80 or 443. - Bugfix: the "proxy_ignore_client_abort" and "fastcgi_ignore_client_abort"
directives did not work; bug appeared in 0.5.13.
- properly fixed #7441 (taking into accound ldv@'s objections)
- properly fixed #12655 (ditto)
- readability improvements to initscript
- added /etc/sysconfig/nginx (flexible ulimit setup)
- rebuild
- rebuild
- fix back my thinko regarding /var/run/nginx/ directory
- rework upgrade() initscript action (and run it only for package upgrades,
just do a restart for sysadmin's command) -- should fix #12655
- NMU: moved remnants of directory creation and permissions setup
from initscript to specfile (seems like was a band-aid which is
currently unneeded and non-elegant); see also #12647 - fixed #7441 (service nginx stop would leave children running)
- rebuild
- Feature: named locations.
- Feature: the "proxy_store" and "fastcgi_store" directives.
- Feature: the "proxy_store_access" and "fastcgi_store_access" directives.
- Feature: the $args variable can be set with the "set" directive.
- Feature: the $is_args variable.
- Bugfix: if a client has closed connection to mail proxy then nginx might not
close connection to backend. - Bugfix: now nginx escapes space in $memcached_key variable.
- Bugfix: a segmentation fault might occur in worker process when the HTTPS
protocol was used in the "proxy_pass" directive. - Bugfix: the perl $$ variable value in ngx_http_perl_module was equal to the
master process identification number. - Bugfix: fix building on Solaris/amd64 by Sun Studio 11 and early versions;
bug appeared in 0.5.29. - Feature: $nginx_version variable. Thanks to Nick S. Grechukh.
- Bugfix: if the FastCGI header was split in records, then nginx passed garbage
in the header to a client. - Bugfix: Sun Studio compatibility on Solaris/amd64 and Solaris/sparc64.
Thanks to Jiang Hong and Andrei Nigmatulin. - Bugfix: of minor potential bugs. Thanks to Coverity's Scan.
- Security: the "msie_refresh" directive allowed XSS. Thanks to Maxim Boguk.
- Bugfix: a segmentation fault might occur in worker process if the
"auth_http_header" directive was used. Thanks to Maxim Dounin. - Bugfix: a segmentation fault occurred in worker process if the CRAM-MD5
authentication method was used, but it was not enabled. - Bugfix: a segmentation fault might occur in worker process if the eventport
method was used. - Bugfix: if remote SSI subrequest was used, then posterior local file
subrequest might transferred to client in wrong order. - Bugfix: large SSI inclusions buffered in temporary files were truncated.
- More strict requires for perl-base version
- Remove nginx.perl.fix.patch (added to upstream)
- Drop nginx-0.5.14-gns-catchstderr.patch (added to upstream)
- Bugfix: in SSI parsing.
- Bugfix: nginx could not be built with the --without-http_rewrite_module
parameter; bug appeared in 0.5.24. - Security: the "ssl_verify_client" directive did not work if request was made
using HTTP/0.9. - Bugfix: a part of response body might be passed uncompressed if gzip was
used; bug appeared in 0.5.23.
- update version to 0.5.22
- fix perl module (#11911)
- update mime.types (get it from Apache)
- fix x86_64 building
- update version to 0.5.20
- remove connection_pool_size option from config file (fix crash on x86_64)
- build with perl support (at@)
- Feature: the "sendfile_max_chunk" directive.
- Feature: the "$http_...", "$sent_http_...", and "$upstream_http_..."
variables may be changed using the "set" directive. - Bugfix: a segmentation fault might occur in worker process if the SSI command
'if expr="$var = /"' was used. - Bugfix: trailing boundary of multipart range response was transferred
incorrectly. Thanks to Evan Miller.
- update version to 0.5.19
- build --with-http_stub_status_module (gns@)
- fix mail proxy building
- Add Symbian sis/sisx files to mime.types (#11459)
- Add hints to config file (#11368)
- Make default config file more useful
- Add README.ALT
- Start more workers in default config (more DoS proof)
- Change: now the $request_time variable has millisecond precision.
- Feature: the $upstream_addr variable.
- Feature: the "proxy_headers_hash_max_size" and
"proxy_headers_hash_bucket_size" directives. Thanks to Volodymyr Kostyrko. - Bugfix: the files more than 2G could not be transferred using sendfile on
64-bit Linux. - Feature: the ngx_http_sub_filter_module.
- Feature: the "$upstream_http_..." variables.
- Feature: now the $upstream_status and $upstream_response_time variables keep
data about all upstreams before X-Accel-Redirect.
- update version to 0.5.17
- update version to 0.5.14
- update version to 0.5.0
- version update
- rebuild with http_browser_module
- version update
- version update
- version update
- authorize by client certifications added
- version update
- version update
- with realip
- version update;
- NMU;
- version update;
- x86_64 fixes;
- default config updated;
- init script improvements;
- add logrotate script;
- update patches.
- version update
- version update
- create directories for temp files (client requests, fastcgi & proxy replies)
- version update
- added two patches (from lakostis@)
- build with optimization flags (from lakostis@)
- version update
- default_charset removed
- charset set reply codepage, source_charset -- source charset :)
- limit_rate supported with proxy and fastcgi
- X-Accel-Limit-Rate header from backend supported
- added: ssi_types
- added: autoindex_exact_size
- added: log_not_found
- added: break
- removed: post_accept_timeout
- build with imap
- many other fixes
- version update
- 0.1.34
- spec cleanup / macrification (mike@)
- changed "nginx" user/group to "_nginx" (mike@)
- version update
- some cleanups
- version update
- cleanup
- version update
- add ulimit -n 16384 to initscript
- version update
- cleanup
- tmp moved to /var/spool/nagios/tmp
- version update
- version update
- version update
- fastcgi support (upstream)
- version update
- OpenSSL-support builded
- rewrite and pcre support builded
- startup script
- useful default config-file
- version update
- first build