Changes with nginx 0.5.38 14 Sep 2009 *) Security: a segmentation fault might occur in worker process while specially crafted request handling. Thanks to Chris Ries. *) Bugfix: a segmentation fault might occur in worker process, if error_log was set to info or debug level. Thanks to Sergey Bochenkov. Changes with nginx 0.5.37 07 Jul 2008 *) Bugfix: if sub_filter and SSI were used together, then responses might were transferred incorrectly. *) Bugfix: large SSI inclusions might be truncated. *) Bugfix: worker processes might not catch reconfiguration and log rotation signals. *) Bugfix: nginx could not be built on latest Fedora 9 Linux. Thanks to Roxis. *) Bugfix: a segmentation fault might occur in worker process on Linux, if keepalive was enabled. *) Bugfix: an alert "sendmsg() failed (9: Bad file descriptor)" on some 64-bit platforms while reconfiguration. Changes with nginx 0.5.36 04 May 2008 *) Bugfix: the "sub_filter" directive might set text to change into output. *) Bugfix: a segmentation fault occurred in worker process, if empty stub block was used second time in SSI. *) Bugfix: the "proxy_store" and "fastcgi_store" directives did not check a response length. *) Bugfix: nginx issued the bogus error message "SSL_shutdown() failed (SSL: )"; the bug had appeared in 0.5.35. *) Bugfix: in HTTPS mode requests might fail with the "bad write retry" error; the bug had appeared in 0.5.35. *) Bugfix: the "fastcgi_catch_stderr" directive did return error code; now it returns 502 code, that can be rerouted to a next server using the "fastcgi_next_upstream invalid_header" directive. *) Bugfix: a segmentation fault occurred in master process if the "fastcgi_catch_stderr" directive was used; the bug had appeared in 0.5.32. Thanks to Manlio Perillo. Changes with nginx 0.5.35 08 Jan 2008 *) Change: now the ngx_http_userid_module adds start time microseconds to the cookie field contains a pid value. *) Change: now the uname(2) is used on Linux instead of procfs. Thanks to Ilya Novikov. *) Feature: the "If-Range" request header line support. Thanks to Alexander V. Inyukhin. *) Bugfix: in HTTPS mode requests might fail with the "bad write retry" error; the bug had appeared in 0.5.13. *) Bugfix: the STARTTLS in SMTP mode did not work. Thanks to Oleg Motienko. *) Bugfix: large_client_header_buffers did not freed before going to keep-alive state. Thanks to Olexander Shtepa. *) Bugfix: the "limit_rate" directive did not allow to use full throughput, even if limit value was very high. *) Bugfix: the $status variable was equal to 0 if a proxied server returned response in HTTP/0.9 version. *) Bugfix: if the "?" character was in a "error_page" directive, then it was escaped in a proxied request; the bug had appeared in 0.5.32. Changes with nginx 0.5.34 13 Dec 2007 *) Change: now the full request line instead of URI only is written to error_log. *) Feature: Cygwin compatibility. Thanks to Vladimir Kutakov. *) Feature: the "merge_slashes" directive. *) Feature: the "gzip_vary" directive. *) Feature: the "server_tokens" directive. *) Feature: the "access_log" directive may be used inside the "limit_except" block. *) Bugfix: if the $server_protocol was used in FastCGI parameters and a request line length was near to the "client_header_buffer_size" directive value, then nginx issued an alert "fastcgi: the request record is too big". *) Bugfix: if a plain text HTTP/0.9 version request was made to HTTPS server, then nginx returned usual response. *) Bugfix: URL double escaping in a redirect of the "msie_refresh" directive; the bug had appeared in 0.5.28. *) Bugfix: a segmentation fault might occur in worker process if subrequests were used. *) Bugfix: the big responses may be transferred truncated if SSL and gzip were used. *) Bugfix: compatibility with mget. *) Bugfix: nginx did not unescape URI in the "include" SSI command. *) Bugfix: the segmentation fault was occurred on start or while reconfiguration if variable was used in the "charset" or "source_charset" directives. *) Bugfix: nginx returned the 400 response on requests like "GET http://www.domain.com HTTP/1.0". Thanks to James Oakley. *) Bugfix: a segmentation fault occurred in worker process if $date_local and $date_gmt were used outside the ngx_http_ssi_filter_module. *) Bugfix: a segmentation fault might occur in worker process if debug log was enabled. Thanks to Andrei Nigmatulin. *) Bugfix: ngx_http_memcached_module did not set $upstream_response_time. Thanks to Maxim Dounin. *) Bugfix: a worker process may got caught in an endless loop, if the memcached was used. Changes with nginx 0.5.33 07 Nov 2007 *) Change: now by default the "echo" SSI command uses entity encoding. *) Feature: the "encoding" parameter in the "echo" SSI command. *) Change: mail proxy was split on three modules: pop3, imap and smtp. *) Feature: the --without-mail_pop3_module, --without-mail_imap_module, and --without-mail_smtp_module configuration parameters. *) Feature: the "smtp_greeting_delay" and "smtp_client_buffer" directives of the ngx_mail_smtp_module. *) Feature: the "server_name" and "valid_referers" directives support regular expressions. *) Feature: the "server_name", "map", and "valid_referers" directives support the "www.example.*" wildcards. *) Bugfix: sub_filter did not work with empty substitution. *) Bugfix: in sub_filter parsing. *) Bugfix: a worker process may got caught in an endless loop, if the memcached was used. *) Bugfix: nginx supported low case only "close" and "keep-alive" values in the "Connection" request header line; the bug had appeared in 0.5.32. *) Bugfix: nginx could not start on Solaris if the shared PCRE library located in non-standard place was used. Changes with nginx 0.5.32 24 Sep 2007 *) Change: now nginx tries to set the "worker_priority", "worker_rlimit_nofile", "worker_rlimit_core", and "worker_rlimit_sigpending" without super-user privileges. *) Change: now nginx escapes space and "%" in request to a mail proxy authentication server. *) Change: now nginx escapes "%" in $memcached_key variable. *) Change: the special make target "upgrade1" was defined for online upgrade of 0.1.x versions. *) Feature: the "add_header Last-Modified ..." directive changes the "Last-Modified" response header line. *) Feature: the mail proxy supports AUTHENTICATE in IMAP mode. Thanks to Maxim Dounin. *) Feature: the mail proxy supports STARTTLS in SMTP mode. Thanks to Maxim Dounin. *) Bugfix: nginx did not close directory file on HEAD request if autoindex was used. Thanks to Arkadiusz Patyk. *) Bugfix: the "proxy_hide_header" and "fastcgi_hide_header" directives did not hide response header lines whose name was longer than 32 characters. Thanks to Manlio Perillo. *) Bugfix: active connection counter always increased if mail proxy was used. *) Bugfix: if backend returned response header only using non-buffered proxy, then nginx closed backend connection on timeout. *) Bugfix: nginx did not support several "Connection" request header lines. *) Bugfix: a charset set by the "charset" directive was not appended to the "Content-Type" header set by $r->send_http_header(). *) Bugfix: a segmentation fault might occur in worker process if /dev/poll method was used. *) Bugfix: nginx did not work on FreeBSD/sparc64. *) Bugfix: a segmentation fault occurred in worker process if invalid address was set in the "auth_http" directive. *) Bugfix: now nginx uses default listen backlog value 511 on all platforms except FreeBSD. Thanks to Jiang Hong. *) Bugfix: now Solaris sendfilev() is not used to transfer the client request body to FastCGI-server via the unix domain socket. *) Bugfix: if the same host without specified port was used as backend for HTTP and HTTPS, then nginx used only one port - 80 or 443. *) Bugfix: the "proxy_ignore_client_abort" and "fastcgi_ignore_client_abort" directives did not work; the bug had appeared in 0.5.13. Changes with nginx 0.5.31 15 Aug 2007 *) Feature: named locations. *) Feature: the "proxy_store" and "fastcgi_store" directives. *) Feature: the "proxy_store_access" and "fastcgi_store_access" directives. Changes with nginx 0.5.30 30 Jul 2007 *) Feature: the $args variable can be set with the "set" directive. *) Feature: the $is_args variable. *) Bugfix: if a client has closed connection to mail proxy then nginx might not close connection to backend. *) Bugfix: now nginx escapes space in $memcached_key variable. *) Bugfix: a segmentation fault might occur in worker process when the HTTPS protocol was used in the "proxy_pass" directive. *) Bugfix: the perl $$ variable value in ngx_http_perl_module was equal to the master process identification number. *) Bugfix: fix building on Solaris/amd64 by Sun Studio 11 and early versions; the bug had appeared in 0.5.29. Changes with nginx 0.5.29 23 Jul 2007 *) Feature: $nginx_version variable. Thanks to Nick S. Grechukh. *) Bugfix: if the FastCGI header was split in records, then nginx passed garbage in the header to a client. *) Bugfix: Sun Studio compatibility on Solaris/amd64 and Solaris/sparc64. Thanks to Jiang Hong and Andrei Nigmatulin. *) Bugfix: of minor potential bugs. Thanks to Coverity's Scan. Changes with nginx 0.5.28 17 Jul 2007 *) Security: the "msie_refresh" directive allowed XSS. Thanks to Maxim Boguk. *) Bugfix: a segmentation fault might occur in worker process if the "auth_http_header" directive was used. Thanks to Maxim Dounin. *) Bugfix: a segmentation fault occurred in worker process if the CRAM-MD5 authentication method was used, but it was not enabled. *) Bugfix: a segmentation fault might occur in worker process if the eventport method was used. Changes with nginx 0.5.27 09 Jul 2007 *) Bugfix: if remote SSI subrequest was used, then posterior local file subrequest might transferred to client in wrong order. *) Bugfix: large SSI inclusions buffered in temporary files were truncated. Changes with nginx 0.5.26 17 Jun 2007 *) Bugfix: in SSI parsing. Changes with nginx 0.5.25 11 Jun 2007 *) Bugfix: nginx could not be built with the --without-http_rewrite_module parameter; the bug had appeared in 0.5.24. Changes with nginx 0.5.24 06 Jun 2007 *) Security: the "ssl_verify_client" directive did not work if request was made using HTTP/0.9. *) Bugfix: a part of response body might be passed uncompressed if gzip was used; the bug had appeared in 0.5.23. Changes with nginx 0.5.23 04 Jun 2007 *) Feature: the ngx_http_ssl_module supports Server Name Indication TLS extension. *) Feature: the "fastcgi_catch_stderr" directive. Thanks to Nick S. Grechukh, OWOX project. *) Bugfix: a segmentation fault occurred in master process if two virtual servers should bind() to the overlapping ports. *) Bugfix: if nginx was built with ngx_http_perl_module and perl supported threads, then during second reconfiguration the error messages "panic: MUTEX_LOCK" and "perl_parse() failed" were issued. *) Bugfix: in the HTTPS protocol in the "proxy_pass" directive. Changes with nginx 0.5.22 29 May 2007 *) Bugfix: a big request body might not be passed to backend; the bug had appeared in 0.5.21. Changes with nginx 0.5.21 28 May 2007 *) Bugfix: if server has more than about ten locations, then regex locations might be choosen not in that order as they were specified. *) Bugfix: a worker process may got caught in an endless loop on 64-bit platform, if the 33-rd or next in succession backend has failed. Thanks to Anton Povarov. *) Bugfix: a bus error might occur on Solaris/sparc64 if the PCRE library was used. Thanks to Andrei Nigmatulin. *) Bugfix: in the HTTPS protocol in the "proxy_pass" directive. Changes with nginx 0.5.20 07 May 2007 *) Feature: the "sendfile_max_chunk" directive. *) Feature: the "$http_...", "$sent_http_...", and "$upstream_http_..." variables may be changed using the "set" directive. *) Bugfix: a segmentation fault might occur in worker process if the SSI command 'if expr="$var = /"' was used. *) Bugfix: trailing boundary of multipart range response was transferred incorrectly. Thanks to Evan Miller. *) Bugfix: nginx did not work on Solaris/sparc64 if it was built by Sun Studio. Thanks to Andrei Nigmatulin. *) Bugfix: the ngx_http_perl_module could not be built by Solaris make. Thanks to Andrei Nigmatulin. Changes with nginx 0.5.19 24 Apr 2007 *) Change: now the $request_time variable has millisecond precision. *) Change: the method $r->rflush of ngx_http_perl_module was renamed to the $r->flush. *) Feature: the $upstream_addr variable. *) Feature: the "proxy_headers_hash_max_size" and "proxy_headers_hash_bucket_size" directives. Thanks to Volodymyr Kostyrko. *) Bugfix: the files more than 2G could not be transferred using sendfile and limit_rate on 64-bit platforms. *) Bugfix: the files more than 2G could not be transferred using sendfile on 64-bit Linux. Changes with nginx 0.5.18 19 Apr 2007 *) Feature: the ngx_http_sub_filter_module. *) Feature: the "$upstream_http_..." variables. *) Feature: now the $upstream_status and $upstream_response_time variables keep data about all upstreams before X-Accel-Redirect. *) Bugfix: a segmentation fault occurred in master process after first reconfiguration and receiving any signal if nginx was built with ngx_http_perl_module and perl did not support multiplicity; the bug had appeared in 0.5.9. *) Bugfix: if perl did not support multiplicity, then after reconfiguration perl code did not work; the bug had appeared in 0.3.38. Changes with nginx 0.5.17 02 Apr 2007 *) Change: now nginx always returns the 405 status for the TRACE method. *) Feature: now nginx supports the "include" directive inside the "types" block. *) Bugfix: the $document_root variable usage in the "root" and "alias" directives is disabled: this caused recursive stack overflow. *) Bugfix: in the HTTPS protocol in the "proxy_pass" directive. *) Bugfix: in some cases non-cachable variables (such as $uri variable) returned old cached value. Changes with nginx 0.5.16 26 Mar 2007 *) Bugfix: the C-class network was not used as hash key in the "ip_hash" directive. Thanks to Pavel Yarkovoy. *) Bugfix: a segmentation fault might occur in worker process if a charset was set in the "Content-Type" header line and the line has trailing ";"; the bug had appeared in 0.3.50. *) Bugfix: the "[alert] zero size buf" error when FastCGI server was used and a request body written in a temporary file was multiple of 32K. *) Bugfix: nginx could not be built on Solaris without the --with-debug option; the bug had appeared in 0.5.15. Changes with nginx 0.5.15 19 Mar 2007 *) Feature: the mail proxy supports authenticated SMTP proxying and the "smtp_auth", "smtp_capablities", and "xclient" directives. Thanks to Anton Yuzhaninov and Maxim Dounin. *) Feature: now the keep-alive connections are closed just after receiving the reconfiguration signal. *) Change: the "imap" and "auth" directives were renamed to the "mail" and "pop3_auth" directives. *) Bugfix: a segmentation fault occurred in worker process if the CRAM-MD5 authentication method was used and the APOP method was disabled. *) Bugfix: if the "starttls only" directive was used in POP3 protocol, then nginx allowed authentication without switching to the SSL mode. *) Bugfix: worker processes did not exit after reconfiguration and did not rotate logs if the eventport method was used. *) Bugfix: a worker process may got caught in an endless loop, if the "ip_hash" directive was used. *) Bugfix: now nginx does not log some alerts if eventport or /dev/poll methods are used. Changes with nginx 0.5.14 23 Feb 2007 *) Bugfix: nginx ignored superfluous closing "}" in the end of configuration file. Changes with nginx 0.5.13 19 Feb 2007 *) Feature: the COPY and MOVE methods. *) Bugfix: the ngx_http_realip_module set garbage for requests passed via keep-alive connection. *) Bugfix: nginx did not work on big-endian 64-bit Linux. Thanks to Andrei Nigmatulin. *) Bugfix: now when IMAP/POP3 proxy receives too long command it closes the connection right away, but not after timeout. *) Bugfix: if the "epoll" method was used and a client closed a connection prematurely, then nginx closed the connection after a send timeout only. *) Bugfix: nginx could not be built on platforms different from i386, amd64, sparc, and ppc; the bug had appeared in 0.5.8. Changes with nginx 0.5.12 12 Feb 2007 *) Bugfix: nginx could not be built on platforms different from i386, amd64, sparc, and ppc; the bug had appeared in 0.5.8. *) Bugfix: a segmentation fault might occur in worker process if the temporary files were used while working with FastCGI server; the bug had appeared in 0.5.8. *) Bugfix: a segmentation fault might occur in worker process if the $fastcgi_script_name variable was logged. *) Bugfix: ngx_http_perl_module could not be built on Solaris. Changes with nginx 0.5.11 05 Feb 2007 *) Feature: now configure detects system PCRE library in MacPorts. Thanks to Chris McGrath. *) Bugfix: the response was incorrect if several ranges were requested; the bug had appeared in 0.5.6. *) Bugfix: the "create_full_put_path" directive could not create the intermediate directories if no "dav_access" directive was set. Thanks to Evan Miller. *) Bugfix: the "0" response code might be logged in the access_log instead of the "400" and "408" error codes. *) Bugfix: a segmentation fault might occur in worker process if nginx was built with -O2 optimization. Changes with nginx 0.5.10 26 Jan 2007 *) Bugfix: while online executable file upgrade the new master process did not inherit the listening sockets; the bug had appeared in 0.5.9. *) Bugfix: a segmentation fault might occur in worker process if nginx was built with -O2 optimization; the bug had appeared in 0.5.1. Changes with nginx 0.5.9 25 Jan 2007 *) Change: now the ngx_http_memcached_module uses the $memcached_key variable value as a key. *) Feature: the $memcached_key variable. *) Feature: the "clean" parameter in the "client_body_in_file_only" directive. *) Feature: the "env" directive. *) Feature: the "sendfile" directive is available inside the "if" block. *) Feature: now on failure of the writing to access nginx logs a message to error_log, but not more often than once a minute. *) Bugfix: the "access_log off" directive did not always turn off the logging. Changes with nginx 0.5.8 19 Jan 2007 *) Bugfix: a segmentation fault might occur if "client_body_in_file_only on" was used and a request body was small. *) Bugfix: a segmentation fault occurred if "client_body_in_file_only on" and "proxy_pass_request_body off" or "fastcgi_pass_request_body off" directives were used, and nginx switched to a next upstream. *) Bugfix: if the "proxy_buffering off" directive was used and a client connection was non-active, then the connection was closed after send timeout; the bug had appeared in 0.4.7. *) Bugfix: if the "epoll" method was used and a client closed a connection prematurely, then nginx closed the connection after a send timeout only. *) Bugfix: the "[alert] zero size buf" error when FastCGI server was used. *) Bugfixes in the "limit_zone" directive. Changes with nginx 0.5.7 15 Jan 2007 *) Feature: the ssl_session_cache storage optimization. *) Bugfixes in the "ssl_session_cache" and "limit_zone" directives. *) Bugfix: the segmentation fault was occurred on start or while reconfiguration if the "ssl_session_cache" or "limit_zone" directives were used on 64-bit platforms. *) Bugfix: a segmentation fault occurred if the "add_before_body" or "add_after_body" directives were used and there was no "Content-Type" header line in response. *) Bugfix: the OpenSSL library was always built with the threads support. Thanks to Den Ivanov. *) Bugfix: the PCRE-6.5+ library and the icc compiler compatibility. Changes with nginx 0.5.6 09 Jan 2007 *) Change: now the ngx_http_index_mo