May 8th, 2013· Security: a stack-based buffer overflow might occur in a worker process while handling a specially crafted request, potentially resulting in arbitrary code execution (CVE-2013-2028); the bug had appeared in 1.3.9. Thanks to Greg MacManus, iSIGHT Partners Labs.
April 2nd, 2013· Change: opening and closing a connection without sending any data in it is no longer logged to access_log with 400 error code.
· Feature: the ngx_http_spdy_module. Thanks to Automattic for sponsoring this work.
· Feature: the "limit_req_status" and "limit_conn_status" directives. Thanks to Nick Marden.
· Feature: the "image_filter_interlace" directive. Thanks to Ian Babrou.
· Feature: $connections_waiting variable in the ngx_http_stub_status_module.
· Feature: the mail proxy module now supports IPv6 backends.
· Bugfix: request body might be transmitted incorrectly when retrying a request to a next upstream server; the bug had appeared in 1.3.9. Thanks to Piotr Sikora.
· Bugfix: in the "client_body_in_file_only" directive; the bug had appeared in 1.3.9.
· Bugfix: responses might hang if subrequests were used and a DNS error happened during subrequest processing. Thanks to Lanshun Zhou.
· Bugfix: in backend usage accounting.
April 2nd, 2013· Bugfix: new sessions were not always stored if the "ssl_session_cache shared" directive was used and there was no free space in shared memory. Thanks to Piotr Sikora.
· Bugfix: responses might hang if subrequests were used and a DNS error happened during subrequest processing. Thanks to Lanshun Zhou.
· Bugfix: in the ngx_http_mp4_module. Thanks to Gernot Vormayr.
· Bugfix: in backend usage accounting.
February 12th, 2013· Change: now if the "include" directive with mask is used on Unix systems, included files are sorted in alphabetical order.
· Change: the "add_header" directive adds headers to 201 responses.
· Feature: the "geo" directive now supports IPv6 addresses in CIDR notation.
· Feature: the "flush" and "gzip" parameters of the "access_log" directive.
· Feature: variables support in the "auth_basic" directive.
· Feature: the $pipe, $request_length, $time_iso8601, and $time_local variables can now be used not only in the "log_format" directive. Thanks to Kiril Kalchev.
· Feature: IPv6 support in the ngx_http_geoip_module. Thanks to Gregor Kališnik.
· Bugfix: nginx could not be built with the ngx_http_perl_module in some cases.
· Bugfix: a segmentation fault might occur in a worker process if the ngx_http_xslt_module was used.
· Bugfix: nginx could not be built on MacOSX in some cases. Thanks to Piotr Sikora.
· Bugfix: the "limit_rate" directive with high rates might result in truncated responses on 32-bit platforms. Thanks to Alexey Antropov.
· Bugfix: a segmentation fault might occur in a worker process if the "if" directive was used. Thanks to Piotr Sikora.
· Bugfix: a "100 Continue" response was issued with "413 Request Entity Too Large" responses.
· Bugfix: the "image_filter", "image_filter_jpeg_quality" and "image_filter_sharpen" directives might be inherited incorrectly. Thanks to Ian Babrou.
· Bugfix: "crypt_r() failed" errors might appear if the "auth_basic" directive was used on Linux.
· Bugfix: in backup servers handling. Thanks to Thomas Chen.
· Bugfix: proxied HEAD requests might return incorrect response if the "gzip" directive was used.
· Bugfix: a segmentation fault occurred on start or during reconfiguration if the "keepalive" directive was specified more than once in a single upstream block.
· Bugfix: in the "proxy_method" directive.
· Bugfix: a segmentation fault might occur in a worker process if resolver was used with the poll method.
· Bugfix: nginx might hog CPU during SSL handshake with a backend if the select, poll, or /dev/poll methods were used.
· Bugfix: the "[crit] SSL_write() failed (SSL:)" error.
· Bugfix: in the "fastcgi_keep_conn" directive.
October 8th, 2012· Feature: OCSP stapling support. Thanks to Comodo, DigiCert and GlobalSign for sponsoring this work.
· Feature: the "ssl_trusted_certificate" directive.
· Feature: resolver now randomly rotates addresses returned from cache. Thanks to Anton Jouline.
· Bugfix: OpenSSL 0.9.7 compatibility.
February 11th, 2012· Feature: the "TLSv1.1" and "TLSv1.2" parameters of the"ssl_protocols" directive.
· Feature: the "if" SSI command supports captures in regularexpressions.
· Bugfix: the "if" SSI command did not work inside the
· "block" command.
· Bugfix: in AIO error handling on FreeBSD.
· Bugfix: in the OpenSSL library initialization.
· Bugfix: the "worker_cpu_affinity" directive might not work.
· Bugfix: the "limit_conn_log_level" and
· "limit_req_log_level"directives might not work.
· Bugfix: the "read_ahead" directive might not work combined with"try_files" and "open_file_cache".
· Bugfix: the "proxy_cache_use_stale" directive with "error"
· parameterdid not return answer from cache if there were no live upstreams.
· Bugfix: a segmentation fault might occur in a worker process if smalltime was used in the "inactive" parameter of the
· "proxy_cache_path"directive.
· Bugfix: responses from cache might hang.
· Bugfix: in error handling while connecting to a backend.Thanks to Piotr Sikora.
· Bugfix: in the "epoll" event method.Thanks to Yichun Zhang.
· Bugfix: the $sent_http_cache_control variable might contain a wrongvalue if the "expires" directive was used.Thanks to Yichun Zhang.
· Bugfix: the "limit_rate" directive did not allow to use fullthroughput, even if limit value was very high.
· Bugfix: the "sendfile_max_chunk" directive did not work, if the"limit_rate" directive was used.
· Bugfix: nginx could not be built on Solaris; the bug had appeared in1.0.11.
· Bugfix: in the ngx_http_scgi_module.
· Bugfix: in the ngx_http_mp4_module.
April 15th, 2011· Bugfix: a cache manager might hog CPU after reload. Thanks to Maxim Dounin.
· Bugfix: an "image_filter crop" directive worked incorrectly coupled with an "image_filter rotate 180" directive.
· Bugfix: a "satisfy any" directive disabled custom 401 error page.
Find us on Google+
