The NetBSD Project

CVS log for pkgsrc/www/nginx/Makefile

[BACK] Up to [cvs.NetBSD.org] / pkgsrc / www / nginx

Request diff between arbitrary revisions


Default branch: MAIN


Revision 1.151 / (download) - annotate - [select for diffs], Fri Mar 15 18:35:22 2024 UTC (13 days, 17 hours ago) by nia
Branch: MAIN
CVS Tags: HEAD
Changes since 1.150: +2 -2 lines
Diff to previous 1.150 (colored) to selected 1.122 (colored)

nginx: Do not hardcode COMPILER_RPATH_FLAG.

Revision 1.150 / (download) - annotate - [select for diffs], Fri Feb 16 18:12:28 2024 UTC (5 weeks, 6 days ago) by osa
Branch: MAIN
Changes since 1.149: +2 -2 lines
Diff to previous 1.149 (colored) to selected 1.122 (colored)

www/nginx: third-party modules management (+)

o) update ndk: 0.3.2 -> 0.3.3;
o) update lua: 0.10.25 -> 0.10.26;
o) update headers_more: 0.34 -> 0.37.

Bump PKGREVISION.

Revision 1.149 / (download) - annotate - [select for diffs], Sun Nov 12 13:23:57 2023 UTC (4 months, 2 weeks ago) by wiz
Branch: MAIN
CVS Tags: pkgsrc-2023Q4-base, pkgsrc-2023Q4
Changes since 1.148: +2 -2 lines
Diff to previous 1.148 (colored) to selected 1.122 (colored)

*: revebump for new brotli option for freetype2

Addresses PR 57693

Revision 1.148 / (download) - annotate - [select for diffs], Wed Nov 8 13:21:21 2023 UTC (4 months, 2 weeks ago) by wiz
Branch: MAIN
Changes since 1.147: +2 -2 lines
Diff to previous 1.147 (colored) to selected 1.122 (colored)

*: recursive bump for icu 74.1

Revision 1.147 / (download) - annotate - [select for diffs], Wed Oct 25 16:04:47 2023 UTC (5 months ago) by osa
Branch: MAIN
Changes since 1.146: +2 -2 lines
Diff to previous 1.146 (colored) to selected 1.122 (colored)

*/*: update NGINX JavaScript 0.8.1 -> 0.8.2

Bump PKGREVISION for www/nginx, www/nginx-devel, and www/unit.

<ChangeLog>

nginx modules:

*) Feature: introduced console object. The following methods
   were introduced: error(), info(), log(), time(), timeEnd(),
   warn().

*) Bugfix: fixed HEAD response handling with large Content-Length
   in fetch API.

*) Bugfix: fixed items() method for a shared dictionary.

*) Bugfix: fixed delete() method for a shared dictionary.

Core:

*) Feature: extended "fs" module. Added existsSync().

*) Bugfix: fixed "xml" module. Fixed broken XML exception handling
   in parse() method.

*) Bugfix: fixed RegExp.prototype.exec() with global regexp and
   unicode input.

*) Bugfix: fixed return statement parsing with invalid expression.

</ChangeLog>

Revision 1.146 / (download) - annotate - [select for diffs], Tue Oct 24 22:11:30 2023 UTC (5 months ago) by wiz
Branch: MAIN
Changes since 1.145: +2 -2 lines
Diff to previous 1.145 (colored) to selected 1.122 (colored)

*: bump for openssl 3

Revision 1.145 / (download) - annotate - [select for diffs], Sat Oct 21 17:11:39 2023 UTC (5 months, 1 week ago) by gdt
Branch: MAIN
Changes since 1.144: +2 -2 lines
Diff to previous 1.144 (colored) to selected 1.122 (colored)

recursive revbump for tiff update

Revision 1.144 / (download) - annotate - [select for diffs], Mon Sep 18 17:49:32 2023 UTC (6 months, 1 week ago) by osa
Branch: MAIN
CVS Tags: pkgsrc-2023Q3-base, pkgsrc-2023Q3
Changes since 1.143: +2 -2 lines
Diff to previous 1.143 (colored) to selected 1.122 (colored)

*/*: update NGINX JavaScript 0.8.0 -> 0.8.1

Bump PKGREVISION for www/nginx, www/nginx-devel, and www/unit.

<ChangeLog>

    nginx modules:

    *) Feature: introduced js_periodic directive.
        The directive specifies a JS handler to run at regular intervals.

    *) Feature: implemented items() method for a shared dictionary.
       The method returns all the non-expired key-value pairs.

    *) Bugfix: fixed size() and keys() methods of a shared dictionary.

    *) Bugfix: fixed erroneous exception in r.internalRedirect()
       introduced in 0.8.0.

    Core:

    *) Bugfix: fixed incorrect order of keys in
       Object.getOwnPropertyNames().

</ChangeLog>

Revision 1.143 / (download) - annotate - [select for diffs], Fri Sep 1 16:54:27 2023 UTC (6 months, 3 weeks ago) by osa
Branch: MAIN
Changes since 1.142: +2 -2 lines
Diff to previous 1.142 (colored) to selected 1.122 (colored)

www/nginx: update third-party lua module to v0.10.25

Bump PKGREVISION.

Revision 1.142 / (download) - annotate - [select for diffs], Thu Jul 20 15:02:52 2023 UTC (8 months, 1 week ago) by osa
Branch: MAIN
Changes since 1.141: +2 -2 lines
Diff to previous 1.141 (colored) to selected 1.122 (colored)

*/*: update NGINX JavaScript 0.7.12 -> 0.8.0

Bump PKGREVISION for www/nginx, www/nginx-devel, and www/unit.

<ChangeLog>

nginx modules:

*) Change: removed special treatment of forbidden headers in Fetch API
   introduced in 0.7.10.

*) Change: removed deprecated since 0.5.0 r.requestBody and
   r.responseBody in HTTP module.

*) Change: throwing an exception in r.internalRedirect() while
   filtering in HTTP module.

*) Feature: introduced global nginx properties.
    ngx.build - an optional nginx build name, corresponds to
    --build=name argument of configure script, by default is "".
    ngx.conf_file_path - the file path to current nginx configuration
        file.
    ngx.error_log_path - the file path to current error log file.
    ngx.prefix - the directory that keeps server files.
    ngx.version - the nginx version as a string, for example: "1.25.0".
    ngx.version_number - the nginx version as a number, for example:
        1025000.
    ngx.worker_id - corresponds to an nginx internal worker id.
       The value is between 0 and worker_processes - 1.

*) Feature: introduced js_shared_dict_zone directive.
    The directive allows to declare a dictionary that is shared among the
    working processes.

*) Improvement: added compile-time options to disable njs modules.
    For example to disable libxslt related code:
    NJS_LIBXSLT=NO ./configure  .. --add-module=/path/to/njs/module

*) Bugfix: fixed r.status setter when filtering in HTTP module.

*) Bugfix: fixed setting of Location header in HTTP module.

Core:

*) Change: native methods are provided with retval argument.
   This change breaks compatibility with C extension for njs
   requiring to modify the code.

*) Change: non-compliant deprecated String methods were removed.
    The following methods were removed: String.bytesFrom(),
    String.prototype.fromBytes(), String.prototype.fromUTF8(),
    String.prototype.toBytes(), String.prototype.toUTF8(),
    String.prototype.toString(encoding).

*) Change: removed support for building with GNU readline.

*) Feature: added Array.from(), Array.prototype.toSorted(),
    Array.prototype.toSpliced(), Array.prototype.toReversed().

*) Feature: added %TypedArray%.prototype.toSorted(),
    %TypedArray%.prototype.toSpliced(),
    %TypedArray%.prototype.toReversed().

*) Feature: added CryptoKey properties in WebCrypto.
    The following properties for CryptoKey were added:
    algorithm, extractable, type, usages.

*) Bugfix: fixed retval of crypto.getRandomValues().

*) Bugfix: fixed evaluation of computed property names with function
   expressions.

*) Bugfix: fixed implicit name for a function expression declared in
   arrays.

*) Bugfix: fixed parsing of for-in loops.

*) Bugfix: fixed Date.parse() with ISO-8601 format and UTC time
   offset.

</ChangeLog>

Revision 1.141 / (download) - annotate - [select for diffs], Thu Jul 6 09:42:18 2023 UTC (8 months, 3 weeks ago) by wiz
Branch: MAIN
Changes since 1.140: +2 -2 lines
Diff to previous 1.140 (colored) to selected 1.122 (colored)

*: recursive bump for perl 5.38

Revision 1.140 / (download) - annotate - [select for diffs], Mon May 22 11:39:04 2023 UTC (10 months, 1 week ago) by wiz
Branch: MAIN
CVS Tags: pkgsrc-2023Q2-base, pkgsrc-2023Q2
Changes since 1.139: +2 -2 lines
Diff to previous 1.139 (colored) to selected 1.122 (colored)

*: recursive bump for libimagequant 4.x

Revision 1.139 / (download) - annotate - [select for diffs], Mon May 15 22:02:57 2023 UTC (10 months, 2 weeks ago) by osa
Branch: MAIN
Changes since 1.138: +2 -2 lines
Diff to previous 1.138 (colored) to selected 1.122 (colored)

www/nginx*: update third-party NDK module from 0.3.1 to 0.3.2

Bump PKGREVISIONs.

Revision 1.138 / (download) - annotate - [select for diffs], Mon Apr 24 16:34:38 2023 UTC (11 months ago) by osa
Branch: MAIN
Changes since 1.137: +2 -2 lines
Diff to previous 1.137 (colored) to selected 1.122 (colored)

www/nginx*: add third-party redis module

Bump PKGREVISIONs.

PR pkg/45322

Revision 1.137 / (download) - annotate - [select for diffs], Mon Apr 24 15:25:28 2023 UTC (11 months ago) by osa
Branch: MAIN
Changes since 1.136: +2 -2 lines
Diff to previous 1.136 (colored) to selected 1.122 (colored)

www/nginx*: remove needless patch

Bump PKGREVISIONs.

Revision 1.136 / (download) - annotate - [select for diffs], Wed Apr 19 08:11:49 2023 UTC (11 months, 1 week ago) by adam
Branch: MAIN
Changes since 1.135: +2 -2 lines
Diff to previous 1.135 (colored) to selected 1.122 (colored)

revbump after textproc/icu update

Revision 1.135 / (download) - annotate - [select for diffs], Tue Apr 18 21:10:38 2023 UTC (11 months, 1 week ago) by osa
Branch: MAIN
Changes since 1.134: +2 -2 lines
Diff to previous 1.134 (colored) to selected 1.122 (colored)

www/nginx*: third-party modules management (+)

o) add sts, stream server traffic status module,
   https://github.com/vozlt/nginx-module-sts
o) add vts, virtual host traffic status module,
   https://github.com/vozlt/nginx-module-vts

Bump PKGREVISIONs.

Revision 1.134 / (download) - annotate - [select for diffs], Tue Apr 18 20:50:06 2023 UTC (11 months, 1 week ago) by osa
Branch: MAIN
Changes since 1.133: +7 -1 lines
Diff to previous 1.133 (colored) to selected 1.122 (colored)

www/nginx*: third-party modules management (+)

o) update nchan module 1.3.0 -> 1.3.6;
o) add gssapi (aka spnego) module.	(*)

Bump PKGREVISIONs.

PR pkg/57340				(*)

Revision 1.133 / (download) - annotate - [select for diffs], Tue Apr 18 18:41:59 2023 UTC (11 months, 1 week ago) by osa
Branch: MAIN
Changes since 1.132: +11 -4 lines
Diff to previous 1.132 (colored) to selected 1.122 (colored)

www/nginx*: update to the latest stable version - 1.24.0

The new stable version incorporating new features and bug fixes from
the 1.23.x mainline branch, including improved handling of multiple
header lines with identical names, memory usage optimization in
configurations with SSL proxying, better sanity checking of the
listen directive protocol parameters, TLSv1.3 protocol enabled by
default, automatic rotation of TLS session tickets encryption keys
when using shared memory in the ssl_session_cache directive, and more.

Syncronize www/nginx and www/nginx-devel ports, including:
o) merge recent versions of third-party modules from
   www/nginx-devel to www/nginx;
o) syncronize patches between www/nginx and www/nginx-devel;
o) syncronize MESSAGE;
o) remove needless patches;
o) move pcre2 support to the main Makefile, remove `pcre'
   option and devel/pcre support for the both whole ports,
   but keep it for the third-party `lua' module;
o) update naxsi third-party module to its recent commit.

Revision 1.132 / (download) - annotate - [select for diffs], Thu Apr 13 16:45:47 2023 UTC (11 months, 2 weeks ago) by osa
Branch: MAIN
Changes since 1.131: +2 -2 lines
Diff to previous 1.131 (colored) to selected 1.122 (colored)

*/*: update NGINX JavaScript 0.7.9 -> 0.7.12

Bump PKGREVISION for www/nginx and www/nginx-devel.

<ChangeLog>

Changes with njs 0.7.12                                       10 Apr 2023

nginx modules:

*) Bugfix: fixed Headers() constructor in Fetch API.

Core:

*) Feature: added Hash.copy() method in "crypto" module.

*) Feature: added "zlib" module.

*) Improvement: added support for export {name as default}
   statement.

*) Bugfix: fixed Number constructor according to the spec.

Changes with njs 0.7.11                                        9 Mar 2023
nginx modules:

*) Bugfix: added missed linking with libxml2 for the dynamic module.
   The bug was introduced in 0.7.10.

Core:

*) Feature: added XMLNode API to modify XML documents.

*) Change: removed XML_PARSE_DTDVALID during parsing of XML document
   due to security implications. The issue was introduced
   in 0.7.10. When XML_PARSE_DTDVALID is enabled, libxml2 parses and
   executes external entities present inside an XML document.

*) Bugfix: fixed the detection of await in arguments.

*) Bugfix: fixed Error() instance dumping when "name" prop is not
   primitive.

*) Bugfix: fixed array instance with a getter property dumping.

*) Bugfix: fixed njs_object_property() with NJS_WHITEOUT properties.

*) Bugfix: fixed func instance dumping with "name" as getter.

*) Bugfix: fixed attaching of a stack to an error object.

*) Bugfix: fixed String.prototype.replace() with replacement containing
   "$'", "$`".

Changes with njs 0.7.10                                        7 Feb 2023
nginx modules:

*) Feature: added Request, Response and Headers ctors in Fetch API.

*) Bugfix: fixed nginx logger callback for calls in master process.

Core:

*) Feature: added signal support in CLI.

*) Feature: added "xml" module for working with XML documents.

*) Feature: extended support for symmetric and asymmetric keys
   in WebCrypto. Most notably JWK format for importKey() was added.

*) Feature: extended support for symmetric and asymmetric keys
   in WebCrypto. Most notably JWK format for importKey() was added.
   generateKey() and exportKey() were also implemented.

*) Feature: added String.prototype.replaceAll().

*) Bugfix: fixed for(expr1; conditional syntax error handling.

*) Bugfix: fixed Object.values() and Object.entries() with external
   objects.

*) Bugfix: fixed RegExp.prototype[@@replace]().

</ChangeLog>

Revision 1.131 / (download) - annotate - [select for diffs], Wed Mar 29 08:35:10 2023 UTC (12 months ago) by adam
Branch: MAIN
Changes since 1.130: +2 -2 lines
Diff to previous 1.130 (colored) to selected 1.122 (colored)

nginx: lua module needs lua-resty-core and lua-resty-lrucache; sort PLIST; bump revision

Revision 1.130 / (download) - annotate - [select for diffs], Sun Jan 29 21:18:05 2023 UTC (13 months, 4 weeks ago) by ryoon
Branch: MAIN
CVS Tags: pkgsrc-2023Q1-base, pkgsrc-2023Q1
Changes since 1.129: +2 -2 lines
Diff to previous 1.129 (colored) to selected 1.122 (colored)

*: Recursive revbup from graphics/freetype2

Revision 1.129 / (download) - annotate - [select for diffs], Tue Jan 3 17:38:24 2023 UTC (14 months, 3 weeks ago) by wiz
Branch: MAIN
Changes since 1.128: +2 -2 lines
Diff to previous 1.128 (colored) to selected 1.122 (colored)

*: recursive bump for tiff shlib major bump

Revision 1.128 / (download) - annotate - [select for diffs], Wed Nov 23 16:21:21 2022 UTC (16 months ago) by adam
Branch: MAIN
CVS Tags: pkgsrc-2022Q4-base, pkgsrc-2022Q4
Changes since 1.127: +2 -2 lines
Diff to previous 1.127 (colored) to selected 1.122 (colored)

massive revision bump after textproc/icu update

Revision 1.127 / (download) - annotate - [select for diffs], Thu Nov 17 16:04:27 2022 UTC (16 months, 1 week ago) by osa
Branch: MAIN
Changes since 1.126: +2 -2 lines
Diff to previous 1.126 (colored) to selected 1.122 (colored)

*/*: update NGINX JavaScript 0.7.8 -> 0.7.9

Bump PKGREVISION for www/nginx and www/nginx-devel.

<ChangeLog>

nginx modules:

*) Bugfix: fixed Fetch Response prototype reinitialization.
   When at least one js_import directive was declared in both HTTP
   and Stream, ngx.fetch() returned inapproriate response in Stream.
   The bug was introduced in 0.7.7.

Core:

*) Bugfix: fixed String.prototype.replace(re) if re.exec() returns
   non-flat array.

*) Bugfix: fixed Array.prototype.fill() when start object changes
   "this".

*) Bugfix: fixed description for fs.mkdir() and fs.rmdir() methods.

*) Bugfix: fixed %TypedArray%.prototype.set(s) when s element changes
   "this".

*) Bugfix: fixed Array.prototype.splice(s, d) when d resizes "this"
   during evaluation.

*) Bugfix: fixed for-in loop with left and right hand side
   expressions.

</ChangeLog>

Revision 1.126 / (download) - annotate - [select for diffs], Tue Oct 25 16:35:46 2022 UTC (17 months ago) by osa
Branch: MAIN
Changes since 1.125: +2 -1 lines
Diff to previous 1.125 (colored) to selected 1.122 (colored)

*/*: update NGINX JavaScript 0.7.7 -> 0.7.8

Bump PKGREVISION for www/nginx and www/nginx-devel.

<ChangeLog>

nginx modules:

*) Feature: added js_preload_object directive.

*) Feature: added ngx.conf_prefix property.

*) Feature: added s.sendUpstream() and s.sendDownstream()
   in stream module.

*) Feature: added support for HEAD method in Fetch API.

*) Improvement: improved async callback support for s.send()
   in stream module.

Core:

*) Feature: added "name" instance property for a function
   object.

*) Feature: added njs.memoryStats object.

*) Bugfix: fixed String.prototype.trimEnd() with unicode
   string.

*) Bugfix: fixed Object.freeze() with fast arrays.

*) Bugfix: fixed Object.defineProperty() with fast arrays.

*) Bugfix: fixed async token as a property name of an object.

*) Bugfix: fixed property set instruction when key modifies
   base binding.

*) Bugfix: fixed complex assignments.

*) Bugfix: fixed handling of unhandled promise rejection.

*) Bugfix: fixed process.env when duplicate environ variables
   are present.

*) Bugfix: fixed double declaration detection in modules.

*) Bugfix: fixed bound function calls according to the spec.

*) Bugfix: fixed break label for if statement.

*) Bugfix: fixed labeled empty statements.

</ChangeLog>

Revision 1.125 / (download) - annotate - [select for diffs], Wed Oct 19 14:15:30 2022 UTC (17 months, 1 week ago) by osa
Branch: MAIN
Changes since 1.124: +2 -3 lines
Diff to previous 1.124 (colored) to selected 1.122 (colored)

www/nginx: security update 1.22.0 -> 1.22.1

<ChangeLog>

*) Security: processing of a specially crafted mp4 file by the
   ngx_http_mp4_module might cause a worker process crash, worker
   process memory disclosure, or might have potential other impact
   (CVE-2022-41741, CVE-2022-41742).

</ChangeLog>

Revision 1.124 / (download) - annotate - [select for diffs], Sun Sep 25 15:10:11 2022 UTC (18 months ago) by osa
Branch: MAIN
CVS Tags: pkgsrc-2022Q3-base, pkgsrc-2022Q3
Changes since 1.123: +2 -2 lines
Diff to previous 1.123 (colored) to selected 1.122 (colored)

www/nginx*: update third-party lua module 0.10.21 -> 0.10.22

ChangeLog:	https://github.com/openresty/lua-nginx-module/compare/v0.10.21...v0.10.22

Bump PKGREVISIONs.

Revision 1.123 / (download) - annotate - [select for diffs], Tue Aug 30 18:00:49 2022 UTC (18 months, 4 weeks ago) by osa
Branch: MAIN
Changes since 1.122: +2 -2 lines
Diff to previous 1.122 (colored)

*/*: update NGINX JavaScript 0.7.6 -> 0.7.7

Bump PKGREVISION for www/nginx and www/nginx-devel.

<ChangeLog>

nginx modules:

*) Feature: the number of nginx configuration contexts where
   js directives can be specified is extended.

   HTTP: js_import, js_path, js_set and js_var are allowed
   in server and location contexts. js_content, js_body_filter
   and js_header_filter are allowed in 'if' context.

   Stream: js_import, js_path, js_set and js_var are allowed
   in server context.

*) Feature: added r.internal property.

*) Bugfix: fixed reading response body in fetch API.

*) Bugfix: fixed "js_fetch_timeout" in stream module.

*) Bugfix: fixed socket leak with 0 fetch timeout.

Core:

*) Feature: extended "fs" module.  Added fs.openSync(),
   fs.promises.open(), fs.fstatSync(), fs.readSync(),
   fs.writeSync().

   The following properties of FileHandle are implemented:
   fd, read(), stat(), write(), close().

*) Bugfix: fixed parseInt(), parseFloat(), Symbol.for()
   with no arguments.

</ChangeLog>

Revision 1.122 / (download) - annotate - [selected], Tue Jul 19 18:09:44 2022 UTC (20 months, 1 week ago) by osa
Branch: MAIN
Changes since 1.121: +2 -2 lines
Diff to previous 1.121 (colored)

*/*: update NGINX JavaScript: 0.7.5 -> 0.7.6

Bump PKGREVISION for www/nginx.

<ChangeLog>

nginx modules:

*) Feature: improved r.args object. Added support for multiple
   arguments with the same key. Added case sensitivity for
   keys. Keys and values are percent-decoded now.

*) Bugfix: fixed r.headersOut setter for special headers.

Core:

*) Feature: added Symbol.for() and Symbol.keyfor().

*) Feature: added btoa() and atob() from WHATWG spec.

*) Bugfix: fixed large non-decimal literals.

*) Bugfix: fixed unicode argument trimming in parseInt().

*) Bugfix: fixed break instruction in a try-catch block.

*) Bugfix: fixed async function declaration in CLI.

</ChangeLog>

Revision 1.121 / (download) - annotate - [select for diffs], Fri Jul 15 00:41:45 2022 UTC (20 months, 2 weeks ago) by gutteridge
Branch: MAIN
Changes since 1.120: +3 -1 lines
Diff to previous 1.120 (colored) to selected 1.122 (colored)

nginx & nginx-devel: mark these packages conflict

Revision 1.120 / (download) - annotate - [select for diffs], Thu Jul 14 16:09:42 2022 UTC (20 months, 2 weeks ago) by osa
Branch: MAIN
Changes since 1.119: +2 -2 lines
Diff to previous 1.119 (colored) to selected 1.122 (colored)

www/nginx: update third-party modules:

o) http_push from 1.2.15 to 1.3.0, [1]
o) geoip2 from 3.3 to 3.4, [2]

References:
1. https://github.com/slact/nchan/compare/v1.2.15...v1.3.0
2. https://github.com/leev/ngx_http_geoip2_module/compare/3.3...3.4

Bump PKGREVISION.

Revision 1.119 / (download) - annotate - [select for diffs], Thu Jul 14 10:39:24 2022 UTC (20 months, 2 weeks ago) by osa
Branch: MAIN
Changes since 1.118: +2 -2 lines
Diff to previous 1.118 (colored) to selected 1.122 (colored)

www/nginx: update NGINX JavaScript module to 0.7.5

Fix PLIST for the third-party upload module.

Bump PKGREVISION.

Revision 1.118 / (download) - annotate - [select for diffs], Tue Jun 28 11:37:07 2022 UTC (21 months ago) by wiz
Branch: MAIN
Changes since 1.117: +2 -2 lines
Diff to previous 1.117 (colored) to selected 1.122 (colored)

*: recursive bump for perl 5.36

Revision 1.117 / (download) - annotate - [select for diffs], Wed May 25 13:57:02 2022 UTC (22 months ago) by osa
Branch: MAIN
CVS Tags: pkgsrc-2022Q2-base, pkgsrc-2022Q2
Changes since 1.116: +2 -1 lines
Diff to previous 1.116 (colored) to selected 1.122 (colored)

www/nginx*: cross merging

The third-party upload module has been add to www/nginx-devel.
Merge pcre/pcre2 functional from www/nginx-devel to www/nginx.

I'm going to review patches for the both ports.

Bump PKGREVISIONs.

Revision 1.116 / (download) - annotate - [select for diffs], Wed May 25 10:48:47 2022 UTC (22 months ago) by osa
Branch: MAIN
Changes since 1.115: +2 -3 lines
Diff to previous 1.115 (colored) to selected 1.122 (colored)

www/nginx: update to the recent stable version, 1.22.0

Also, update third-party modules:
o) http_push from 1.2.12 to 1.2.15
o) lua from 0.10.20 to 0.10.21
o) njs from 0.7.3 to 0.7.4

Revision 1.115 / (download) - annotate - [select for diffs], Tue May 10 18:08:52 2022 UTC (22 months, 2 weeks ago) by nia
Branch: MAIN
Changes since 1.114: +2 -2 lines
Diff to previous 1.114 (colored) to selected 1.122 (colored)

nginx*: Enable more options from the Triton builds that don't add any
more dependencies or distfiles.

Revision 1.114 / (download) - annotate - [select for diffs], Tue May 10 17:40:58 2022 UTC (22 months, 2 weeks ago) by nia
Branch: MAIN
Changes since 1.113: +2 -2 lines
Diff to previous 1.113 (colored) to selected 1.122 (colored)

nginx*: Enable http2 by default. Requested by various.

Revision 1.113 / (download) - annotate - [select for diffs], Mon Apr 18 19:12:18 2022 UTC (23 months, 1 week ago) by adam
Branch: MAIN
Changes since 1.112: +2 -2 lines
Diff to previous 1.112 (colored) to selected 1.122 (colored)

revbump for textproc/icu update

Revision 1.112 / (download) - annotate - [select for diffs], Tue Apr 12 13:09:46 2022 UTC (23 months, 2 weeks ago) by osa
Branch: MAIN
Changes since 1.111: +2 -2 lines
Diff to previous 1.111 (colored) to selected 1.122 (colored)

www/nginx: update NGINX JavaScript module to 0.7.3

Bump PKGREVISION.

<ChangeLog>

Core:

*) Feature: added support of module resolution callback.
   This feature allows a host environment to control
   how imported modules are loaded.

*) Bugfix: fixed backtraces while traversing imported user
   modules.

*) Bugfix: fixed Array.prototype.concat() when "this" is a slow
   array.

*) Bugfix: fixed frame allocation from an awaited frame.

*) Bugfix: fixed allocation of large array literals.

*) Bugfix: fixed interpreter when "toString" conversion fails.

</ChangeLog>

Revision 1.111 / (download) - annotate - [select for diffs], Sat Mar 19 00:17:41 2022 UTC (2 years ago) by gutteridge
Branch: MAIN
CVS Tags: pkgsrc-2022Q1-base, pkgsrc-2022Q1
Changes since 1.110: +115 -3 lines
Diff to previous 1.110 (colored) to selected 1.122 (colored)

nginx: merge all into Makefile now this isn't shared

Revision 1.110 / (download) - annotate - [select for diffs], Thu Mar 17 02:37:49 2022 UTC (2 years ago) by osa
Branch: MAIN
Changes since 1.109: +2 -2 lines
Diff to previous 1.109 (colored) to selected 1.122 (colored)

www/nginx: remove needless --with-pcre-jit

The --with-pcre-jit configure option helps to build PCRE library with
JIT feature only, and it doesn't help when PCRE library is already
built without JIT support.

Bump PKGREVISION.

Revision 1.109 / (download) - annotate - [select for diffs], Mon Mar 14 02:49:09 2022 UTC (2 years ago) by osa
Branch: MAIN
Changes since 1.108: +2 -2 lines
Diff to previous 1.108 (colored) to selected 1.122 (colored)

www/nginx*: remove build and install of njs command line utility

The new and shiny lang/njs package will be added shortly.

Bump PKGREVISIONs.

Revision 1.108 / (download) - annotate - [select for diffs], Thu Mar 10 18:40:44 2022 UTC (2 years ago) by osa
Branch: MAIN
Changes since 1.107: +2 -2 lines
Diff to previous 1.107 (colored) to selected 1.122 (colored)

www/nginx*: build and install njs command line utility

Also, move NGINX JavaScript (njs) configure phase out of the NGINX build
phase.
Bump PKGREVISIONs.

Revision 1.107 / (download) - annotate - [select for diffs], Thu Mar 10 03:40:30 2022 UTC (2 years ago) by osa
Branch: MAIN
Changes since 1.106: +3 -3 lines
Diff to previous 1.106 (colored) to selected 1.122 (colored)

www/nginx*: implement dynamic modules build

It's possible now to build an additional module as a dynamic module.
Bump PKGREVISION.

While I'm here take over the maintainership for www/nginx (*).

Approved by:	joerg (*)

Revision 1.106 / (download) - annotate - [select for diffs], Wed Mar 9 18:48:17 2022 UTC (2 years ago) by osa
Branch: MAIN
Changes since 1.105: +2 -2 lines
Diff to previous 1.105 (colored) to selected 1.122 (colored)

www/nginx*: bump PKGREVISION after the third-party modules update

Discussed with:	gutteridge

Revision 1.105 / (download) - annotate - [select for diffs], Wed Dec 8 16:06:58 2021 UTC (2 years, 3 months ago) by adam
Branch: MAIN
CVS Tags: pkgsrc-2021Q4-base, pkgsrc-2021Q4
Changes since 1.104: +2 -1 lines
Diff to previous 1.104 (colored) to selected 1.122 (colored)

revbump for icu and libffi

Revision 1.104 / (download) - annotate - [select for diffs], Tue Nov 23 21:58:49 2021 UTC (2 years, 4 months ago) by wiz
Branch: MAIN
Changes since 1.103: +2 -3 lines
Diff to previous 1.103 (colored) to selected 1.122 (colored)

nginx: update to 1.20.2.

Changes with nginx 1.20.2                                        16 Nov 2021

    *) Feature: OpenSSL 3.0 compatibility.

    *) Bugfix: SSL variables might be empty when used in logs; the bug had
       appeared in 1.19.5.

    *) Bugfix: keepalive connections with gRPC backends might not be closed
       after receiving a GOAWAY frame.

    *) Bugfix: backend SSL connections in the stream module might hang after
       an SSL handshake.

    *) Bugfix: SSL connections with gRPC backends might hang if select,
       poll, or /dev/poll methods were used.

    *) Bugfix: in the $content_length variable when using chunked transfer
       encoding.

    *) Bugfix: requests might hang when using HTTP/2 and the "aio_write"
       directive.

Revision 1.103 / (download) - annotate - [select for diffs], Mon Nov 8 01:02:01 2021 UTC (2 years, 4 months ago) by khorben
Branch: MAIN
Changes since 1.102: +2 -2 lines
Diff to previous 1.102 (colored) to selected 1.122 (colored)

nginx: let the RC script work unprivileged

This takes advantage of the introduction of the SYSCONFBASE variable.
Tested on NetBSD/amd64.

Bumps PKGREVISION.

Revision 1.102 / (download) - annotate - [select for diffs], Wed Sep 15 12:37:05 2021 UTC (2 years, 6 months ago) by adam
Branch: MAIN
CVS Tags: pkgsrc-2021Q3-base, pkgsrc-2021Q3
Changes since 1.101: +2 -1 lines
Diff to previous 1.101 (colored) to selected 1.122 (colored)

nginx: updated nchan module; bumped revision

1.2.10 (Aug. 25 2021)
 fix: Nchan could not be built without openssl due to hiredis dependency
      (introduced in v1.2.9)
 feature: allow no separator for http-raw-stream (thanks @sclem)

1.2.9 (Aug. 12 2021)
 feature: Redis cluster reconfiguration check timer,
      nchan_redis_cluster_check_interval setting
 fix: detect Redis cluster reconfiguration when publishing messages in "nostore" mode
 update: hiredis updated to v1.0.0
 fix: segfault on out-of-shared-memory condition for multiplexed publishers

Revision 1.101 / (download) - annotate - [select for diffs], Tue Jun 1 10:53:46 2021 UTC (2 years, 9 months ago) by adam
Branch: MAIN
CVS Tags: pkgsrc-2021Q2-base, pkgsrc-2021Q2
Changes since 1.100: +2 -3 lines
Diff to previous 1.100 (colored) to selected 1.122 (colored)

nginx: updated to 1.20.1

Changes with nginx 1.20.1

*) Security: 1-byte memory overwrite might occur during DNS server
   response processing if the "resolver" directive was used, allowing an
   attacker who is able to forge UDP packets from the DNS server to
   cause worker process crash or, potentially, arbitrary code execution
   (CVE-2021-23017).

nginx-rtmp-module v1.2.2:
Fixed segfaults.

Revision 1.100 / (download) - annotate - [select for diffs], Mon May 24 19:55:17 2021 UTC (2 years, 10 months ago) by wiz
Branch: MAIN
Changes since 1.99: +2 -1 lines
Diff to previous 1.99 (colored) to selected 1.122 (colored)

*: recursive bump for perl 5.34

Revision 1.99 / (download) - annotate - [select for diffs], Fri May 21 11:37:25 2021 UTC (2 years, 10 months ago) by adam
Branch: MAIN
Changes since 1.98: +2 -3 lines
Diff to previous 1.98 (colored) to selected 1.122 (colored)

nginx: updated to 1.20.0

Changes with nginx 1.20.0
*) 1.20.x stable branch.

Revision 1.98 / (download) - annotate - [select for diffs], Wed Apr 21 11:42:55 2021 UTC (2 years, 11 months ago) by adam
Branch: MAIN
Changes since 1.97: +2 -2 lines
Diff to previous 1.97 (colored) to selected 1.122 (colored)

revbump for textproc/icu

Revision 1.97 / (download) - annotate - [select for diffs], Wed Dec 16 20:32:01 2020 UTC (3 years, 3 months ago) by otis
Branch: MAIN
CVS Tags: pkgsrc-2021Q1-base, pkgsrc-2021Q1, pkgsrc-2020Q4-base, pkgsrc-2020Q4
Changes since 1.96: +2 -2 lines
Diff to previous 1.96 (colored) to selected 1.122 (colored)

nginx: Update naxsi to 1.3

Changes for naxsi 1.3:
  - Fixed regression on FILE_EXT confusion
  - Documented id 19 and 20 to rules

Revision 1.96 / (download) - annotate - [select for diffs], Wed Dec 2 10:34:09 2020 UTC (3 years, 3 months ago) by otis
Branch: MAIN
Changes since 1.95: +2 -2 lines
Diff to previous 1.95 (colored) to selected 1.122 (colored)

nginx: Update njs module to 0.5.0.

Changelog:
* nginx modules:

    *) Feature: introduced global "ngx" object.
       The following methods were added:
         ngx.log(level, msg)

       The following properties were added:
         ngx.INFO,
         ngx.WARN,
         ngx.ERR.

    *) Feature: added support for Buffer object where string
       is expected.

    *) Feature: added Buffer version of existing properties.
       The following properties were added:
       r.requestBuffer (r.requestBody),
       r.responseBuffer (r.responseBody),
       r.rawVariables (r.variables),
       s.rawVariables (s.variables).

       The following events were added in stream module:
       upstream (upload),
       downstream (download).

    *) Improvement: added aliases to existing properties.
       The following properties were added:
       r.requestText (r.requestBody),
       r.responseText (r.responseBody).

    *) Improvement: throwing an exception in r.internalRedirect()
       for a subrequest.

    *) Bugfix: fixed promise r.subrequest() with error_page redirect.

    *) Bugfix: fixed promise events handling.

* Core:

    *) Feature: added TypeScript definitions for built-in
       modules.
       Thanks to Jakub Jirutka.

    *) Feature: tracking unhandled promise rejection.

    *) Feature: added initial iterator support.
       Thanks to Artem S. Povalyukhin.

    *) Improvement: TypeScript definitions are refactored.
       Thanks to Jakub Jirutka.

    *) Improvement: added forgotten support for
       Object.prototype.valueOf() in Buffer.from().

    *) Bugfix: fixed heap-use-after-free in JSON.parse().

    *) Bugfix: fixed heap-use-after-free in JSON.stringify().

    *) Bugfix: fixed JSON.stringify() for arrays resizable via
       getters.

    *) Bugfix: fixed heap-buffer-overflow for
       RegExp.prototype[Symbol.replace].

    *) Bugfix: fixed returned value for Buffer.prototype.write*
       functions.

    *) Bugfix: fixed querystring.stringify().
       Thanks to Artem S. Povalyukhin.

    *) Bugfix: fixed the catch handler for
       Promise.prototype.finally().

    *) Bugfix: fixed querystring.parse().

Revision 1.95 / (download) - annotate - [select for diffs], Wed Nov 25 11:40:06 2020 UTC (3 years, 4 months ago) by jperkin
Branch: MAIN
Changes since 1.94: +2 -1 lines
Diff to previous 1.94 (colored) to selected 1.122 (colored)

nginx*: Simplify and de-lint, no functional change.

Revision 1.94 / (download) - annotate - [select for diffs], Fri Nov 6 22:54:17 2020 UTC (3 years, 4 months ago) by otis
Branch: MAIN
Changes since 1.93: +2 -2 lines
Diff to previous 1.93 (colored) to selected 1.122 (colored)

nginx: Update LUA module to 0.10.19

Revision 1.93 / (download) - annotate - [select for diffs], Thu Nov 5 09:09:21 2020 UTC (3 years, 4 months ago) by ryoon
Branch: MAIN
Changes since 1.92: +2 -2 lines
Diff to previous 1.92 (colored) to selected 1.122 (colored)

*: Recursive revbump from textproc/icu-68.1

Revision 1.92 / (download) - annotate - [select for diffs], Wed Oct 28 20:24:29 2020 UTC (3 years, 5 months ago) by otis
Branch: MAIN
Changes since 1.91: +2 -2 lines
Diff to previous 1.91 (colored) to selected 1.122 (colored)

nginx: Bump PKGREVISION after modules upgrade

Revision 1.91 / (download) - annotate - [select for diffs], Tue Oct 6 12:04:30 2020 UTC (3 years, 5 months ago) by nils
Branch: MAIN
Changes since 1.90: +2 -2 lines
Diff to previous 1.90 (colored) to selected 1.122 (colored)

Updated naxsi module to version 1.1a.

Upstream changes since 0.56:
1.0:
* Parse body of PATCH requests
* Scientific notation in json
* Log clarification
* Fixed country code when geoip library fail to get geolocation or ip is private/local address
* Fixed issues to setup nxapi on ES5 and added country location on stats and generated whitelists
1.1:
* Fixed various compilation issues
* Fixed valid JSON blocked by Rule ID 15
* Fixed documentation
* Updated libinjection to 3.9.2
* Added Content-type: application/vnd.api+json
* Added JSON logging output for events
* Implemented Whitelist for IPs and CIDRs and support for IPv4 and IPv6
1.1a:
* Fixed 3 vulnerabilities related to the WAF.
* Fixed build on FreeBSD

Revision 1.90 / (download) - annotate - [select for diffs], Mon Aug 31 18:12:35 2020 UTC (3 years, 6 months ago) by wiz
Branch: MAIN
CVS Tags: pkgsrc-2020Q3-base, pkgsrc-2020Q3
Changes since 1.89: +2 -2 lines
Diff to previous 1.89 (colored) to selected 1.122 (colored)

*: bump PKGREVISION for perl-5.32.

Revision 1.89 / (download) - annotate - [select for diffs], Mon Aug 17 20:20:22 2020 UTC (3 years, 7 months ago) by leot
Branch: MAIN
Changes since 1.88: +2 -1 lines
Diff to previous 1.88 (colored) to selected 1.122 (colored)

*: revbump after fontconfig bl3 changes (libuuid removal)

Revision 1.88 / (download) - annotate - [select for diffs], Mon Jun 1 06:18:51 2020 UTC (3 years, 9 months ago) by adam
Branch: MAIN
CVS Tags: pkgsrc-2020Q2-base, pkgsrc-2020Q2
Changes since 1.87: +2 -3 lines
Diff to previous 1.87 (colored) to selected 1.122 (colored)

nginx: updated to 1.18.0

Changes with nginx 1.18.0
*) 1.18.x stable branch.

Changes with nginx 1.17.10
*) Feature: the "auth_delay" directive.

Revision 1.87 / (download) - annotate - [select for diffs], Sun Jan 19 07:28:36 2020 UTC (4 years, 2 months ago) by kim
Branch: MAIN
CVS Tags: pkgsrc-2020Q1-base, pkgsrc-2020Q1
Changes since 1.86: +2 -2 lines
Diff to previous 1.86 (colored) to selected 1.122 (colored)

Add patch from upstream to address CVE-2019-20372. Bump revision.

Revision 1.86 / (download) - annotate - [select for diffs], Sat Jan 18 21:51:09 2020 UTC (4 years, 2 months ago) by jperkin
Branch: MAIN
Changes since 1.85: +2 -1 lines
Diff to previous 1.85 (colored) to selected 1.122 (colored)

*: Recursive revision bump for openssl 1.1.1.

Revision 1.85 / (download) - annotate - [select for diffs], Thu Aug 15 08:06:29 2019 UTC (4 years, 7 months ago) by adam
Branch: MAIN
CVS Tags: pkgsrc-2019Q4-base, pkgsrc-2019Q4, pkgsrc-2019Q3-base, pkgsrc-2019Q3
Changes since 1.84: +2 -3 lines
Diff to previous 1.84 (colored) to selected 1.122 (colored)

nginx: updated to 1.16.1

Changes with nginx 1.16.1

    *) Security: when using HTTP/2 a client might cause excessive memory
       consumption and CPU usage (CVE-2019-9511, CVE-2019-9513,
       CVE-2019-9516).

Revision 1.84 / (download) - annotate - [select for diffs], Sun Aug 11 13:24:22 2019 UTC (4 years, 7 months ago) by wiz
Branch: MAIN
Changes since 1.83: +2 -1 lines
Diff to previous 1.83 (colored) to selected 1.122 (colored)

Bump PKGREVISIONs for perl 5.30.0

Revision 1.83 / (download) - annotate - [select for diffs], Mon May 6 09:38:48 2019 UTC (4 years, 10 months ago) by adam
Branch: MAIN
CVS Tags: pkgsrc-2019Q2-base, pkgsrc-2019Q2
Changes since 1.82: +2 -3 lines
Diff to previous 1.82 (colored) to selected 1.122 (colored)

nginx: updated to 1.16.0

Changes with nginx 1.16.0                                        23 Apr 2019

    *) 1.16.x stable branch.


Changes with nginx 1.15.12                                       16 Apr 2019

    *) Bugfix: a segmentation fault might occur in a worker process if
       variables were used in the "ssl_certificate" or "ssl_certificate_key"
       directives and OCSP stapling was enabled.


Changes with nginx 1.15.11                                       09 Apr 2019

    *) Bugfix: in the "ssl_stapling_file" directive on Windows.


Changes with nginx 1.15.10                                       26 Mar 2019

    *) Change: when using a hostname in the "listen" directive nginx now
       creates listening sockets for all addresses the hostname resolves to
       (previously, only the first address was used).

    *) Feature: port ranges in the "listen" directive.

    *) Feature: loading of SSL certificates and secret keys from variables.

    *) Workaround: the $ssl_server_name variable might be empty when using
       OpenSSL 1.1.1.

    *) Bugfix: nginx/Windows could not be built with Visual Studio 2015 or
       newer; the bug had appeared in 1.15.9.


Changes with nginx 1.15.9                                        26 Feb 2019

    *) Feature: variables support in the "ssl_certificate" and
       "ssl_certificate_key" directives.

    *) Feature: the "poll" method is now available on Windows when using
       Windows Vista or newer.

    *) Bugfix: if the "select" method was used on Windows and an error
       occurred while establishing a backend connection, nginx waited for
       the connection establishment timeout to expire.

    *) Bugfix: the "proxy_upload_rate" and "proxy_download_rate" directives
       in the stream module worked incorrectly when proxying UDP datagrams.


Changes with nginx 1.15.8                                        25 Dec 2018

    *) Feature: the $upstream_bytes_sent variable.
       Thanks to Piotr Sikora.

    *) Feature: new directives in vim syntax highlighting scripts.
       Thanks to Gena Makhomed.

    *) Bugfix: in the "proxy_cache_background_update" directive.

    *) Bugfix: in the "geo" directive when using unix domain listen sockets.

    *) Workaround: the "ignoring stale global SSL error ... bad length"
       alerts might appear in logs when using the "ssl_early_data" directive
       with OpenSSL.

    *) Bugfix: in nginx/Windows.

    *) Bugfix: in the ngx_http_autoindex_module on 32-bit platforms.


Changes with nginx 1.15.7                                        27 Nov 2018

    *) Feature: the "proxy_requests" directive in the stream module.

    *) Feature: the "delay" parameter of the "limit_req" directive.
       Thanks to Vladislav Shabanov and Peter Shchuchkin.

    *) Bugfix: memory leak on errors during reconfiguration.

    *) Bugfix: in the $upstream_response_time, $upstream_connect_time, and
       $upstream_header_time variables.

    *) Bugfix: a segmentation fault might occur in a worker process if the
       ngx_http_mp4_module was used on 32-bit platforms.


Changes with nginx 1.15.6                                        06 Nov 2018

    *) Security: when using HTTP/2 a client might cause excessive memory
       consumption (CVE-2018-16843) and CPU usage (CVE-2018-16844).

    *) Security: processing of a specially crafted mp4 file with the
       ngx_http_mp4_module might result in worker process memory disclosure
       (CVE-2018-16845).

    *) Feature: the "proxy_socket_keepalive", "fastcgi_socket_keepalive",
       "grpc_socket_keepalive", "memcached_socket_keepalive",
       "scgi_socket_keepalive", and "uwsgi_socket_keepalive" directives.

    *) Bugfix: if nginx was built with OpenSSL 1.1.0 and used with OpenSSL
       1.1.1, the TLS 1.3 protocol was always enabled.

    *) Bugfix: working with gRPC backends might result in excessive memory
       consumption.


Changes with nginx 1.15.5                                        02 Oct 2018

    *) Bugfix: a segmentation fault might occur in a worker process when
       using OpenSSL 1.1.0h or newer; the bug had appeared in 1.15.4.

    *) Bugfix: of minor potential bugs.


Changes with nginx 1.15.4                                        25 Sep 2018

    *) Feature: now the "ssl_early_data" directive can be used with OpenSSL.

    *) Bugfix: in the ngx_http_uwsgi_module.
       Thanks to Chris Caputo.

    *) Bugfix: connections with some gRPC backends might not be cached when
       using the "keepalive" directive.

    *) Bugfix: a socket leak might occur when using the "error_page"
       directive to redirect early request processing errors, notably errors
       with code 400.

    *) Bugfix: the "return" directive did not change the response code when
       returning errors if the request was redirected by the "error_page"
       directive.

    *) Bugfix: standard error pages and responses of the
       ngx_http_autoindex_module module used the "bgcolor" attribute, and
       might be displayed incorrectly when using custom color settings in
       browsers.
       Thanks to Nova DasSarma.

    *) Change: the logging level of the "no suitable key share" and "no
       suitable signature algorithm" SSL errors has been lowered from "crit"
       to "info".


Changes with nginx 1.15.3                                        28 Aug 2018

    *) Feature: now TLSv1.3 can be used with BoringSSL.

    *) Feature: the "ssl_early_data" directive, currently available with
       BoringSSL.

    *) Feature: the "keepalive_timeout" and "keepalive_requests" directives
       in the "upstream" block.

    *) Bugfix: the ngx_http_dav_module did not truncate destination file
       when copying a file over an existing one with the COPY method.

    *) Bugfix: the ngx_http_dav_module used zero access rights on the
       destination file and did not preserve file modification time when
       moving a file between different file systems with the MOVE method.

    *) Bugfix: the ngx_http_dav_module used default access rights when
       copying a file with the COPY method.

    *) Workaround: some clients might not work when using HTTP/2; the bug
       had appeared in 1.13.5.

    *) Bugfix: nginx could not be built with LibreSSL 2.8.0.


Changes with nginx 1.15.2                                        24 Jul 2018

    *) Feature: the $ssl_preread_protocol variable in the
       ngx_stream_ssl_preread_module.

    *) Feature: now when using the "reset_timedout_connection" directive
       nginx will reset connections being closed with the 444 code.

    *) Change: a logging level of the "http request", "https proxy request",
       "unsupported protocol", and "version too low" SSL errors has been
       lowered from "crit" to "info".

    *) Bugfix: DNS requests were not resent if initial sending of a request
       failed.

    *) Bugfix: the "reuseport" parameter of the "listen" directive was
       ignored if the number of worker processes was specified after the
       "listen" directive.

    *) Bugfix: when using OpenSSL 1.1.0 or newer it was not possible to
       switch off "ssl_prefer_server_ciphers" in a virtual server if it was
       switched on in the default server.

    *) Bugfix: SSL session reuse with upstream servers did not work with the
       TLS 1.3 protocol.


Changes with nginx 1.15.1                                        03 Jul 2018

    *) Feature: the "random" directive inside the "upstream" block.

    *) Feature: improved performance when using the "hash" and "ip_hash"
       directives with the "zone" directive.

    *) Feature: the "reuseport" parameter of the "listen" directive now uses
       SO_REUSEPORT_LB on FreeBSD 12.

    *) Bugfix: HTTP/2 server push did not work if SSL was terminated by a
       proxy server in front of nginx.

    *) Bugfix: the "tcp_nopush" directive was always used on backend
       connections.

    *) Bugfix: sending a disk-buffered request body to a gRPC backend might
       fail.


Changes with nginx 1.15.0                                        05 Jun 2018

    *) Change: the "ssl" directive is deprecated; the "ssl" parameter of the
       "listen" directive should be used instead.

    *) Change: now nginx detects missing SSL certificates during
       configuration testing when using the "ssl" parameter of the "listen"
       directive.

    *) Feature: now the stream module can handle multiple incoming UDP
       datagrams from a client within a single session.

    *) Bugfix: it was possible to specify an incorrect response code in the
       "proxy_cache_valid" directive.

    *) Bugfix: nginx could not be built by gcc 8.1.

    *) Bugfix: logging to syslog stopped on local IP address changes.

    *) Bugfix: nginx could not be built by clang with CUDA SDK installed;
       the bug had appeared in 1.13.8.

    *) Bugfix: "getsockopt(TCP_FASTOPEN) ... failed" messages might appear
       in logs during binary upgrade when using unix domain listen sockets
       on FreeBSD.

    *) Bugfix: nginx could not be built on Fedora 28 Linux.

    *) Bugfix: request processing rate might exceed configured rate when
       using the "limit_req" directive.

    *) Bugfix: in handling of client addresses when using unix domain listen
       sockets to work with datagrams on Linux.

    *) Bugfix: in memory allocation error handling.

Revision 1.82 / (download) - annotate - [select for diffs], Wed Mar 27 06:45:13 2019 UTC (5 years ago) by adam
Branch: MAIN
CVS Tags: pkgsrc-2019Q1-base, pkgsrc-2019Q1
Changes since 1.81: +2 -1 lines
Diff to previous 1.81 (colored) to selected 1.122 (colored)

nginx-devel: updated to 1.5.10

Changes with nginx 1.15.10:
*) Change: when using a hostname in the "listen" directive nginx now
   creates listening sockets for all addresses the hostname resolves to
   (previously, only the first address was used).
*) Feature: port ranges in the "listen" directive.
*) Feature: loading of SSL certificates and secret keys from variables.
*) Workaround: the $ssl_server_name variable might be empty when using
   OpenSSL 1.1.1.
*) Bugfix: nginx/Windows could not be built with Visual Studio 2015 or
   newer; the bug had appeared in 1.15.9.

nginx-nchan:
1.2.5:
 fix: using multiplexed channels with Redis in backup mode may result in worker crash
 fix: nchan_publisher_channel_id could not be set exclusively in a publisher location
 fix: Google pagespeed module compatibility
 fix: nchan prevents nginx from starting if no http {} block is configured
1.2.4:
 fix: Redis cluster info with zero-length hostname may result in worker crash
 fix: build problems with included hiredis lib in FreeBSD
 feature: nchan_redis_namespace and nchan_redis_ping_interval now work in upstream blocks
 fix: websocket publisher did not publishing channel events
 fix: Redis namespace was limited to 8 bytes

Revision 1.81 / (download) - annotate - [select for diffs], Sat Dec 15 23:34:27 2018 UTC (5 years, 3 months ago) by adam
Branch: MAIN
CVS Tags: pkgsrc-2018Q4-base, pkgsrc-2018Q4
Changes since 1.80: +2 -2 lines
Diff to previous 1.80 (colored) to selected 1.122 (colored)

nginx: updated to 1.14.2

Changes with nginx 1.14.2
*) Bugfix: nginx could not be built by gcc 8.1.
*) Bugfix: nginx could not be built on Fedora 28 Linux.
*) Bugfix: in handling of client addresses when using unix domain listen
   sockets to work with datagrams on Linux.
*) Change: the logging level of the "http request", "https proxy
   request", "unsupported protocol", "version too low", "no suitable key
   share", and "no suitable signature algorithm" SSL errors has been
   lowered from "crit" to "info".
*) Bugfix: when using OpenSSL 1.1.0 or newer it was not possible to
   switch off "ssl_prefer_server_ciphers" in a virtual server if it was
   switched on in the default server.
*) Bugfix: nginx could not be built with LibreSSL 2.8.0.
*) Bugfix: if nginx was built with OpenSSL 1.1.0 and used with OpenSSL
   1.1.1, the TLS 1.3 protocol was always enabled.
*) Bugfix: sending a disk-buffered request body to a gRPC backend might
   fail.
*) Bugfix: connections with some gRPC backends might not be cached when
   using the "keepalive" directive.
*) Bugfix: a segmentation fault might occur in a worker process if the
   ngx_http_mp4_module was used on 32-bit platforms.

Revision 1.79.2.1 / (download) - annotate - [select for diffs], Wed Dec 12 06:54:14 2018 UTC (5 years, 3 months ago) by spz
Branch: pkgsrc-2018Q3
Changes since 1.79: +2 -3 lines
Diff to previous 1.79 (colored) next main 1.80 (colored) to selected 1.122 (colored)

Pullup ticket #5884 - requested by nia
www/nginx: security update

Revisions pulled up:
- www/nginx/Makefile                                            1.80
- www/nginx/distinfo                                            1.65
- www/nginx/options.mk                                          1.48

-------------------------------------------------------------------
   Module Name:	pkgsrc
   Committed By:	nia
   Date:		Fri Nov 16 00:26:19 UTC 2018

   Modified Files:
   	pkgsrc/www/nginx: Makefile distinfo options.mk

   Log Message:
   www/nginx: Update to nginx-1.14.1

   Changes with nginx 1.14.1                                        06 Nov 2018

       *) Security: when using HTTP/2 a client might cause excessive memory
          consumption (CVE-2018-16843) and CPU usage (CVE-2018-16844).

       *) Security: processing of a specially crafted mp4 file with the
          ngx_http_mp4_module might result in worker process memory disclosure
          (CVE-2018-16845).

       *) Bugfix: working with gRPC backends might result in excessive memory
          consumption.


   To generate a diff of this commit:
   cvs rdiff -u -r1.79 -r1.80 pkgsrc/www/nginx/Makefile
   cvs rdiff -u -r1.64 -r1.65 pkgsrc/www/nginx/distinfo
   cvs rdiff -u -r1.47 -r1.48 pkgsrc/www/nginx/options.mk

Revision 1.80 / (download) - annotate - [select for diffs], Fri Nov 16 00:26:19 2018 UTC (5 years, 4 months ago) by nia
Branch: MAIN
Changes since 1.79: +2 -3 lines
Diff to previous 1.79 (colored) to selected 1.122 (colored)

www/nginx: Update to nginx-1.14.1

Changes with nginx 1.14.1                                        06 Nov 2018

    *) Security: when using HTTP/2 a client might cause excessive memory
       consumption (CVE-2018-16843) and CPU usage (CVE-2018-16844).

    *) Security: processing of a specially crafted mp4 file with the
       ngx_http_mp4_module might result in worker process memory disclosure
       (CVE-2018-16845).

    *) Bugfix: working with gRPC backends might result in excessive memory
       consumption.

Revision 1.79 / (download) - annotate - [select for diffs], Fri Aug 24 18:27:07 2018 UTC (5 years, 7 months ago) by adam
Branch: MAIN
CVS Tags: pkgsrc-2018Q3-base
Branch point for: pkgsrc-2018Q3
Changes since 1.78: +3 -2 lines
Diff to previous 1.78 (colored) to selected 1.122 (colored)

nginx-devel: updated to 1.15.2

Changes with nginx 1.15.2:
*) Feature: the $ssl_preread_protocol variable in the
   ngx_stream_ssl_preread_module.
*) Feature: now when using the "reset_timedout_connection" directive
   nginx will reset connections being closed with the 444 code.
*) Change: a logging level of the "http request", "https proxy request",
   "unsupported protocol", and "version too low" SSL errors has been
   lowered from "crit" to "info".
*) Bugfix: DNS requests were not resent if initial sending of a request
   failed.
*) Bugfix: the "reuseport" parameter of the "listen" directive was
   ignored if the number of worker processes was specified after the
   "listen" directive.
*) Bugfix: when using OpenSSL 1.1.0 or newer it was not possible to
   switch off "ssl_prefer_server_ciphers" in a virtual server if it was
   switched on in the default server.
*) Bugfix: SSL session reuse with upstream servers did not work with the
   TLS 1.3 protocol.

Changes with nginx 1.15.1:
*) Feature: the "random" directive inside the "upstream" block.
*) Feature: improved performance when using the "hash" and "ip_hash"
   directives with the "zone" directive.
*) Feature: the "reuseport" parameter of the "listen" directive now uses
   SO_REUSEPORT_LB on FreeBSD 12.
*) Bugfix: HTTP/2 server push did not work if SSL was terminated by a
   proxy server in front of nginx.
*) Bugfix: the "tcp_nopush" directive was always used on backend
   connections.
*) Bugfix: sending a disk-buffered request body to a gRPC backend might
   fail.

Changes with nginx 1.15.0:
*) Change: the "ssl" directive is deprecated; the "ssl" parameter of the
   "listen" directive should be used instead.
*) Change: now nginx detects missing SSL certificates during
   configuration testing when using the "ssl" parameter of the "listen"
   directive.
*) Feature: now the stream module can handle multiple incoming UDP
   datagrams from a client within a single session.
*) Bugfix: it was possible to specify an incorrect response code in the
   "proxy_cache_valid" directive.
*) Bugfix: nginx could not be built by gcc 8.1.
*) Bugfix: logging to syslog stopped on local IP address changes.
*) Bugfix: nginx could not be built by clang with CUDA SDK installed;
   the bug had appeared in 1.13.8.
*) Bugfix: "getsockopt(TCP_FASTOPEN) ... failed" messages might appear
   in logs during binary upgrade when using unix domain listen sockets
   on FreeBSD.
*) Bugfix: nginx could not be built on Fedora 28 Linux.
*) Bugfix: request processing rate might exceed configured rate when
   using the "limit_req" directive.
*) Bugfix: in handling of client addresses when using unix domain listen
   sockets to work with datagrams on Linux.
*) Bugfix: in memory allocation error handling.

Revision 1.78 / (download) - annotate - [select for diffs], Wed Aug 22 09:47:26 2018 UTC (5 years, 7 months ago) by wiz
Branch: MAIN
Changes since 1.77: +2 -1 lines
Diff to previous 1.77 (colored) to selected 1.122 (colored)

Recursive bump for perl5-5.28.0

Revision 1.77 / (download) - annotate - [select for diffs], Wed May 16 07:45:58 2018 UTC (5 years, 10 months ago) by adam
Branch: MAIN
CVS Tags: pkgsrc-2018Q2-base, pkgsrc-2018Q2
Changes since 1.76: +2 -3 lines
Diff to previous 1.76 (colored) to selected 1.122 (colored)

nginx: updated to 1.14.0

nginx-1.14.0 stable version has been released, incorporating new features and bug fixes from the 1.13.x mainline branch - including the mirror module, HTTP/2 push, the gRPC proxy module, and more.

Revision 1.76 / (download) - annotate - [select for diffs], Thu Apr 12 06:48:25 2018 UTC (5 years, 11 months ago) by adam
Branch: MAIN
Changes since 1.75: +2 -2 lines
Diff to previous 1.75 (colored) to selected 1.122 (colored)

nginx: updated optional modules: luajit, encrypted-session, headers-more, push, rtmp

Revision 1.75 / (download) - annotate - [select for diffs], Mon Mar 12 11:17:47 2018 UTC (6 years ago) by wiz
Branch: MAIN
CVS Tags: pkgsrc-2018Q1-base, pkgsrc-2018Q1
Changes since 1.74: +2 -1 lines
Diff to previous 1.74 (colored) to selected 1.122 (colored)

Recursive bumps for fontconfig and libzip dependency changes.

Revision 1.74 / (download) - annotate - [select for diffs], Sat Oct 28 10:57:29 2017 UTC (6 years, 5 months ago) by adam
Branch: MAIN
CVS Tags: pkgsrc-2017Q4-base, pkgsrc-2017Q4
Changes since 1.73: +3 -3 lines
Diff to previous 1.73 (colored) to selected 1.122 (colored)

nginx: updated to 1.12.2

Changes with nginx 1.12.2:

*) Bugfix: client SSL connections were immediately closed if deferred
   accept and the "proxy_protocol" parameter of the "listen" directive
   were used.

*) Bugfix: client connections might be dropped during configuration
   testing when using the "reuseport" parameter of the "listen"
   directive on Linux.

*) Bugfix: incorrect response length was returned on 32-bit platforms
   when requesting more than 4 gigabytes with multiple ranges.

*) Bugfix: switching to the next upstream server in the stream module
   did not work when using the "ssl_preread" directive.

*) Bugfix: when using HTTP/2 client request body might be corrupted.

*) Bugfix: in handling of client addresses when using unix domain
   sockets.

Revision 1.73 / (download) - annotate - [select for diffs], Sun Jul 23 21:08:18 2017 UTC (6 years, 8 months ago) by adam
Branch: MAIN
CVS Tags: pkgsrc-2017Q3-base, pkgsrc-2017Q3
Changes since 1.72: +2 -3 lines
Diff to previous 1.72 (colored) to selected 1.122 (colored)

Changes with nginx 1.12.1
 *) Security: a specially crafted request might result in an integer
    overflow and incorrect processing of ranges in the range filter,
    potentially resulting in sensitive information leak (CVE-2017-7529).
PkgSrc:
 *) Updated external modules
 *) Added RTMP module (Media Streaming Server)

Revision 1.72 / (download) - annotate - [select for diffs], Thu Jun 29 12:20:05 2017 UTC (6 years, 9 months ago) by fhajny
Branch: MAIN
CVS Tags: pkgsrc-2017Q2-base, pkgsrc-2017Q2
Changes since 1.71: +2 -2 lines
Diff to previous 1.71 (colored) to selected 1.122 (colored)

Install processed rather than template nginx man page. PKGREVISION++
Fixes joyent/pkgsrc/issues/515

Revision 1.71 / (download) - annotate - [select for diffs], Mon Jun 5 14:25:07 2017 UTC (6 years, 9 months ago) by ryoon
Branch: MAIN
Changes since 1.70: +2 -1 lines
Diff to previous 1.70 (colored) to selected 1.122 (colored)

Recursive revbump from lang/perl5 5.26.0

Revision 1.70 / (download) - annotate - [select for diffs], Tue May 2 12:28:31 2017 UTC (6 years, 10 months ago) by fhajny
Branch: MAIN
Changes since 1.69: +2 -3 lines
Diff to previous 1.69 (colored) to selected 1.122 (colored)

* Update www/nginx to 1.12.0.
* Update naxsi to 0.55.3.

Approximate changelog since nginx 1.10.3 follows.

Changes with nginx 1.12.0                                        12 Apr 2017
- 1.12.x stable branch.

Changes with nginx 1.11.13                                       04 Apr 2017
- Feature: the "http_429" parameter of the "proxy_next_upstream",
  "fastcgi_next_upstream", "scgi_next_upstream", and
  "uwsgi_next_upstream" directives.
  Thanks to Piotr Sikora.
- Bugfix: in memory allocation error handling.
- Bugfix: requests might hang when using the "sendfile" and
  "timer_resolution" directives on Linux.
- Bugfix: requests might hang when using the "sendfile" and "aio_write"
  directives with subrequests.
- Bugfix: in the ngx_http_v2_module.
  Thanks to Piotr Sikora.
- Bugfix: a segmentation fault might occur in a worker process when
  using HTTP/2.
- Bugfix: requests might hang when using the "limit_rate",
  "sendfile_max_chunk", "limit_req" directives, or the $r->sleep()
  embedded perl method with subrequests.
- Bugfix: in the ngx_http_slice_module.


Changes with nginx 1.11.12                                       24 Mar 2017
- Bugfix: nginx might hog CPU; the bug had appeared in 1.11.11.


Changes with nginx 1.11.11                                       21 Mar 2017
- Feature: the "worker_shutdown_timeout" directive.
- Feature: vim syntax highlighting scripts improvements.
  Thanks to Wei-Ko Kao.
- Bugfix: a segmentation fault might occur in a worker process if the
  $limit_rate variable was set to an empty string.
- Bugfix: the "proxy_cache_background_update",
  "fastcgi_cache_background_update", "scgi_cache_background_update",
  and "uwsgi_cache_background_update" directives might work incorrectly
  if the "if" directive was used.
- Bugfix: a segmentation fault might occur in a worker process if
  number of large_client_header_buffers in a virtual server was
  different from the one in the default server.
- Bugfix: in the mail proxy server.


Changes with nginx 1.11.10                                       14 Feb 2017
- Change: cache header format has been changed, previously cached
  responses will be invalidated.
- Feature: support of "stale-while-revalidate" and "stale-if-error"
  extensions in the "Cache-Control" backend response header line.
- Feature: the "proxy_cache_background_update",
  "fastcgi_cache_background_update", "scgi_cache_background_update",
  and "uwsgi_cache_background_update" directives.
- Feature: nginx is now able to cache responses with the "Vary" header
  line up to 128 characters long (instead of 42 characters in previous
  versions).
- Feature: the "build" parameter of the "server_tokens" directive.
  Thanks to Tom Thorogood.
- Bugfix: "[crit] SSL_write() failed" messages might appear in logs
  when handling requests with the "Expect: 100-continue" request header
  line.
- Bugfix: the ngx_http_slice_module did not work in named locations.
- Bugfix: a segmentation fault might occur in a worker process when
  using AIO after an "X-Accel-Redirect" redirection.
- Bugfix: reduced memory consumption for long-lived requests using
  gzipping.


Changes with nginx 1.11.9                                        24 Jan 2017
- Bugfix: nginx might hog CPU when using the stream module; the bug had
  appeared in 1.11.5.
- Bugfix: EXTERNAL authentication mechanism in mail proxy was accepted
  even if it was not enabled in the configuration.
- Bugfix: a segmentation fault might occur in a worker process if the
  "ssl_verify_client" directive of the stream module was used.
- Bugfix: the "ssl_verify_client" directive of the stream module might
  not work.
- Bugfix: closing keepalive connections due to no free worker
  connections might be too aggressive.
  Thanks to Joel Cunningham.
- Bugfix: an incorrect response might be returned when using the
  "sendfile" directive on FreeBSD and macOS; the bug had appeared in
  1.7.8.
- Bugfix: a truncated response might be stored in cache when using the
  "aio_write" directive.
- Bugfix: a socket leak might occur when using the "aio_write"
  directive.


Changes with nginx 1.11.8                                        27 Dec 2016
- Feature: the "absolute_redirect" directive.
- Feature: the "escape" parameter of the "log_format" directive.
- Feature: client SSL certificates verification in the stream module.
- Feature: the "ssl_session_ticket_key" directive supports AES256
  encryption of TLS session tickets when used with 80-byte keys.
- Feature: vim-commentary support in vim scripts.
  Thanks to Armin Grodon.
- Bugfix: recursion when evaluating variables was not limited.
- Bugfix: in the ngx_stream_ssl_preread_module.
- Bugfix: if a server in an upstream in the stream module failed, it
  was considered alive only when a test connection sent to it after
  fail_timeout was closed; now a successfully established connection is
  enough.
- Bugfix: nginx/Windows could not be built with 64-bit Visual Studio.
- Bugfix: nginx/Windows could not be built with OpenSSL 1.1.0.


Changes with nginx 1.11.7                                        13 Dec 2016

- Change: now in case of a client certificate verification error the
  $ssl_client_verify variable contains a string with the failure
  reason, for example, "FAILED:certificate has expired".
- Feature: the $ssl_ciphers, $ssl_curves, $ssl_client_v_start,
  $ssl_client_v_end, and $ssl_client_v_remain variables.
- Feature: the "volatile" parameter of the "map" directive.
- Bugfix: dependencies specified for a module were ignored while
  building dynamic modules.
- Bugfix: when using HTTP/2 and the "limit_req" or "auth_request"
  directives client request body might be corrupted; the bug had
  appeared in 1.11.0.
- Bugfix: a segmentation fault might occur in a worker process when
  using HTTP/2; the bug had appeared in 1.11.3.
- Bugfix: in the ngx_http_mp4_module.
  Thanks to Congcong Hu.
- Bugfix: in the ngx_http_perl_module.

Revision 1.69 / (download) - annotate - [select for diffs], Tue Feb 28 15:20:11 2017 UTC (7 years, 1 month ago) by ryoon
Branch: MAIN
CVS Tags: pkgsrc-2017Q1-base, pkgsrc-2017Q1
Changes since 1.68: +2 -1 lines
Diff to previous 1.68 (colored) to selected 1.122 (colored)

Recursive revbump from graphics/libwebp

Revision 1.68 / (download) - annotate - [select for diffs], Tue Feb 14 10:12:35 2017 UTC (7 years, 1 month ago) by fhajny
Branch: MAIN
Changes since 1.67: +2 -3 lines
Diff to previous 1.67 (colored) to selected 1.122 (colored)

Update www/nginx to 1.10.3.

Changes with nginx 1.10.3                                        31 Jan 2017

    *) Bugfix: in the "add_after_body" directive when used with the
       "sub_filter" directive.

    *) Bugfix: unix domain listen sockets might not be inherited during
       binary upgrade on Linux.

    *) Bugfix: graceful shutdown of old worker processes might require
       infinite time when using HTTP/2.

    *) Bugfix: when using HTTP/2 and the "limit_req" or "auth_request"
       directives client request body might be corrupted; the bug had
       appeared in 1.10.2.

    *) Bugfix: a segmentation fault might occur in a worker process when
       using HTTP/2; the bug had appeared in 1.10.2.

    *) Bugfix: an incorrect response might be returned when using the
       "sendfile" directive on FreeBSD and macOS; the bug had appeared in
       1.7.8.

    *) Bugfix: a truncated response might be stored in cache when using the
       "aio_write" directive.

    *) Bugfix: a socket leak might occur when using the "aio_write"
       directive.


Changes with nginx 1.10.2                                        18 Oct 2016

    *) Change: the "421 Misdirected Request" response now used when
       rejecting requests to a virtual server different from one negotiated
       during an SSL handshake; this improves interoperability with some
       HTTP/2 clients when using client certificates.

    *) Change: HTTP/2 clients can now start sending request body
       immediately; the "http2_body_preread_size" directive controls size of
       the buffer used before nginx will start reading client request body.

    *) Bugfix: a segmentation fault might occur in a worker process when
       using HTTP/2 and the "proxy_request_buffering" directive.

    *) Bugfix: the "Content-Length" request header line was always added to
       requests passed to backends, including requests without body, when
       using HTTP/2.

    *) Bugfix: "http request count is zero" alerts might appear in logs when
       using HTTP/2.

    *) Bugfix: unnecessary buffering might occur when using the "sub_filter"
       directive; the issue had appeared in 1.9.4.

    *) Bugfix: socket leak when using HTTP/2.

    *) Bugfix: an incorrect response might be returned when using the "aio
       threads" and "sendfile" directives; the bug had appeared in 1.9.13.

    *) Workaround: OpenSSL 1.1.0 compatibility.

Revision 1.67 / (download) - annotate - [select for diffs], Wed Aug 3 10:23:32 2016 UTC (7 years, 7 months ago) by adam
Branch: MAIN
CVS Tags: pkgsrc-2016Q4-base, pkgsrc-2016Q4, pkgsrc-2016Q3-base, pkgsrc-2016Q3
Changes since 1.66: +2 -1 lines
Diff to previous 1.66 (colored) to selected 1.122 (colored)

Revbump after graphics/gd update

Revision 1.66 / (download) - annotate - [select for diffs], Wed Jun 15 14:49:11 2016 UTC (7 years, 9 months ago) by fhajny
Branch: MAIN
CVS Tags: pkgsrc-2016Q2-base, pkgsrc-2016Q2
Changes since 1.65: +2 -3 lines
Diff to previous 1.65 (colored) to selected 1.122 (colored)

Update www/nginx to 1.10.1.
Update 3rd party modules in options.mk.


Changes with nginx 1.10.1

- Security: a segmentation fault might occur in a worker process while
  writing a specially crafted request body to a temporary file
  (CVE-2016-4450); the bug had appeared in 1.3.9.


Changes with nginx 1.10.0

- 1.10.x stable branch.


Changes with nginx 1.9.15

- Bugfix: "recv() failed" errors might occur when using HHVM as a
  FastCGI server.

- Bugfix: when using HTTP/2 and the "limit_req" or "auth_request"
  directives a timeout or a "client violated flow control" error might
  occur while reading client request body; the bug had appeared in
  1.9.14.

- Workaround: a response might not be shown by some browsers if HTTP/2
  was used and client request body was not fully read; the bug had
  appeared in 1.9.14.

- Bugfix: connections might hang when using the "aio threads"
  directive.
  Thanks to Mindaugas Rasiukevicius.


Changes with nginx 1.9.14

- Feature: OpenSSL 1.1.0 compatibility.

- Feature: the "proxy_request_buffering", "fastcgi_request_buffering",
  "scgi_request_buffering", and "uwsgi_request_buffering" directives
  now work with HTTP/2.

- Bugfix: "zero size buf in output" alerts might appear in logs when
  using HTTP/2.

- Bugfix: the "client_max_body_size" directive might work incorrectly
  when using HTTP/2.

- Bugfix: of minor bugs in logging.


Changes with nginx 1.9.13

- Change: non-idempotent requests (POST, LOCK, PATCH) are no longer
  passed to the next server by default if a request has been sent to a
  backend; the "non_idempotent" parameter of the "proxy_next_upstream"
  directive explicitly allows retrying such requests.

- Feature: the ngx_http_perl_module can be built dynamically.

- Feature: UDP support in the stream module.

- Feature: the "aio_write" directive.

- Feature: now cache manager monitors number of elements in caches and
  tries to avoid cache keys zone overflows.

- Bugfix: "task already active" and "second aio post" alerts might
  appear in logs when using the "sendfile" and "aio" directives with
  subrequests.

- Bugfix: "zero size buf in output" alerts might appear in logs if
  caching was used and a client closed a connection prematurely.

- Bugfix: connections with clients might be closed needlessly if
  caching was used.
  Thanks to Justin Li.

- Bugfix: nginx might hog CPU if the "sendfile" directive was used on
  Linux or Solaris and a file being sent was changed during sending.

- Bugfix: connections might hang when using the "sendfile" and "aio
  threads" directives.

- Bugfix: in the "proxy_pass", "fastcgi_pass", "scgi_pass", and
  "uwsgi_pass" directives when using variables.
  Thanks to Piotr Sikora.

- Bugfix: in the ngx_http_sub_filter_module.

- Bugfix: if an error occurred in a cached backend connection, the
  request was passed to the next server regardless of the
  proxy_next_upstream directive.

- Bugfix: "CreateFile() failed" errors when creating temporary files
  on
  Windows.


Changes with nginx 1.9.12

- Feature: Huffman encoding of response headers in HTTP/2.
  Thanks to Vlad Krasnov.

- Feature: the "worker_cpu_affinity" directive now supports more than
  64 CPUs.

- Bugfix: compatibility with 3rd party C++ modules; the bug had
  appeared in 1.9.11.
  Thanks to Piotr Sikora.

- Bugfix: nginx could not be built statically with OpenSSL on Linux;
  the bug had appeared in 1.9.11.

- Bugfix: the "add_header ... always" directive with an empty value
  did
  not delete "Last-Modified" and "ETag" header lines from error
  responses.

- Workaround: "called a function you should not call" and "shutdown
  while in init" messages might appear in logs when using OpenSSL
  1.0.2f.

- Bugfix: invalid headers might be logged incorrectly.

- Bugfix: socket leak when using HTTP/2.

- Bugfix: in the ngx_http_v2_module.


Changes with nginx 1.9.11

- Feature: TCP support in resolver.

- Feature: dynamic modules.

- Bugfix: the $request_length variable did not include size of request
  headers when using HTTP/2.

- Bugfix: in the ngx_http_v2_module.


Changes with nginx 1.9.10

- Security: invalid pointer dereference might occur during DNS server
  response processing if the "resolver" directive was used, allowing an
  attacker who is able to forge UDP packets from the DNS server to
  cause segmentation fault in a worker process (CVE-2016-0742).

- Security: use-after-free condition might occur during CNAME response
  processing if the "resolver" directive was used, allowing an attacker
  who is able to trigger name resolution to cause segmentation fault in
  a worker process, or might have potential other impact
  (CVE-2016-0746).

- Security: CNAME resolution was insufficiently limited if the
  "resolver" directive was used, allowing an attacker who is able to
  trigger arbitrary name resolution to cause excessive resource
  consumption in worker processes (CVE-2016-0747).

- Feature: the "auto" parameter of the "worker_cpu_affinity"
  directive.

- Bugfix: the "proxy_protocol" parameter of the "listen" directive did
  not work with IPv6 listen sockets.

- Bugfix: connections to upstream servers might be cached incorrectly
  when using the "keepalive" directive.

- Bugfix: proxying used the HTTP method of the original request after
  an "X-Accel-Redirect" redirection.


Changes with nginx 1.9.9

- Bugfix: proxying to unix domain sockets did not work when using
  variables; the bug had appeared in 1.9.8.


Changes with nginx 1.9.8

- Feature: pwritev() support.

- Feature: the "include" directive inside the "upstream" block.

- Feature: the ngx_http_slice_module.

- Bugfix: a segmentation fault might occur in a worker process when
  using LibreSSL; the bug had appeared in 1.9.6.

- Bugfix: nginx could not be built on OS X in some cases.


Changes with nginx 1.9.7

- Feature: the "nohostname" parameter of logging to syslog.

- Feature: the "proxy_cache_convert_head" directive.

- Feature: the $realip_remote_addr variable in the
  ngx_http_realip_module.

- Bugfix: the "expires" directive might not work when using variables.

- Bugfix: a segmentation fault might occur in a worker process when
  using HTTP/2; the bug had appeared in 1.9.6.

- Bugfix: if nginx was built with the ngx_http_v2_module it was
  possible to use the HTTP/2 protocol even if the "http2" parameter of
  the "listen" directive was not specified.

- Bugfix: in the ngx_http_v2_module.


Changes with nginx 1.9.6

- Bugfix: a segmentation fault might occur in a worker process when
  using HTTP/2.
  Thanks to Piotr Sikora and Denis Andzakovic.

- Bugfix: the $server_protocol variable was empty when using HTTP/2.

- Bugfix: backend SSL connections in the stream module might be timed
  out unexpectedly.

- Bugfix: a segmentation fault might occur in a worker process if
  different ssl_session_cache settings were used in different virtual
  servers.

- Bugfix: nginx/Windows could not be built with MinGW gcc; the bug had
  appeared in 1.9.4.
  Thanks to Kouhei Sutou.

- Bugfix: time was not updated when the timer_resolution directive was
  used on Windows.

- Miscellaneous minor fixes and improvements.
  Thanks to Markus Linnala, Kurtis Nusbaum and Piotr Sikora.


Changes with nginx 1.9.5

- Feature: the ngx_http_v2_module (replaces ngx_http_spdy_module).
  Thanks to Dropbox and Automattic for sponsoring this work.

- Change: now the "output_buffers" directive uses two buffers by
  default.

- Change: now nginx limits subrequests recursion, not simultaneous
  subrequests.

- Change: now nginx checks the whole cache key when returning a
  response from cache.
  Thanks to Gena Makhomed and Sergey Brester.

- Bugfix: "header already sent" alerts might appear in logs when using
  cache; the bug had appeared in 1.7.5.

- Bugfix: "writev() failed (4: Interrupted system call)" errors might
  appear in logs when using CephFS and the "timer_resolution" directive
  on Linux.

- Bugfix: in invalid configurations handling.
  Thanks to Markus Linnala.

- Bugfix: a segmentation fault occurred in a worker process if the
  "sub_filter" directive was used at http level; the bug had appeared
  in 1.9.4.


Changes with nginx 1.9.4

- Change: the "proxy_downstream_buffer" and "proxy_upstream_buffer"
  directives of the stream module are replaced with the
  "proxy_buffer_size" directive.

- Feature: the "tcp_nodelay" directive in the stream module.

- Feature: multiple "sub_filter" directives can be used
  simultaneously.

- Feature: variables support in the search string of the "sub_filter"
  directive.

- Workaround: configuration testing might fail under Linux OpenVZ.
  Thanks to Gena Makhomed.

- Bugfix: old worker processes might hog CPU after reconfiguration
  with
  a large number of worker_connections.

- Bugfix: a segmentation fault might occur in a worker process if the
  "try_files" and "alias" directives were used inside a location given
  by a regular expression; the bug had appeared in 1.7.1.

- Bugfix: the "try_files" directive inside a nested location given by
  a regular expression worked incorrectly if the "alias" directive was
  used in the outer location.

- Bugfix: in hash table initialization error handling.

- Bugfix: nginx could not be built with Visual Studio 2015.


Changes with nginx 1.9.3

- Change: duplicate "http", "mail", and "stream" blocks are now
  disallowed.

- Feature: connection limiting in the stream module.

- Feature: data rate limiting in the stream module.

- Bugfix: the "zone" directive inside the "upstream" block did not
  work on Windows.

- Bugfix: compatibility with LibreSSL in the stream module.
  Thanks to Piotr Sikora.

- Bugfix: in the "--builddir" configure parameter.
  Thanks to Piotr Sikora.

- Bugfix: the "ssl_stapling_file" directive did not work; the bug had
  appeared in 1.9.2.
  Thanks to Faidon Liambotis and Brandon Black.

- Bugfix: a segmentation fault might occur in a worker process if the
  "ssl_stapling" directive was used; the bug had appeared in 1.9.2.
  Thanks to Matthew Baldwin.


Changes with nginx 1.9.2

- Feature: the "backlog" parameter of the "listen" directives of the
  mail proxy and stream modules.

- Feature: the "allow" and "deny" directives in the stream module.

- Feature: the "proxy_bind" directive in the stream module.

- Feature: the "proxy_protocol" directive in the stream module.

- Feature: the -T switch.

- Feature: the REQUEST_SCHEME parameter added to the fastcgi.conf,
  fastcgi_params, scgi_params, and uwsgi_params standard configuration
  files.

- Bugfix: the "reuseport" parameter of the "listen" directive of the
  stream module did not work.

- Bugfix: OCSP stapling might return an expired OCSP response in some
  cases.


Changes with nginx 1.9.1

- Change: now SSLv3 protocol is disabled by default.

- Change: some long deprecated directives are not supported anymore.

- Feature: the "reuseport" parameter of the "listen" directive.
  Thanks to Yingqi Lu at Intel and Sepherosa Ziehau.

- Feature: the $upstream_connect_time variable.

- Bugfix: in the "hash" directive on big-endian platforms.

- Bugfix: nginx might fail to start on some old Linux variants; the
  bug had appeared in 1.7.11.

- Bugfix: in IP address parsing.
  Thanks to Sergey Polovko.


Changes with nginx 1.9.0

- Change: obsolete aio and rtsig event methods have been removed.

- Feature: the "zone" directive inside the "upstream" block.

- Feature: the stream module.

- Feature: byte ranges support in the ngx_http_memcached_module.
  Thanks to Martin Mlynar.

- Feature: shared memory can now be used on Windows versions with
  address space layout randomization.
  Thanks to Sergey Brester.

- Feature: the "error_log" directive can now be used on mail and
  server levels in mail proxy.

- Bugfix: the "proxy_protocol" parameter of the "listen" directive did
  not work if not specified in the first "listen" directive for a
  listen socket.

Revision 1.63.2.1 / (download) - annotate - [select for diffs], Sat Jun 11 10:06:37 2016 UTC (7 years, 9 months ago) by spz
Branch: pkgsrc-2016Q1
Changes since 1.63: +2 -2 lines
Diff to previous 1.63 (colored) next main 1.64 (colored) to selected 1.122 (colored)

Pullup ticket #5038 - requested by joerg
www/nginx: security patch
www/nginx-devel: security patch

Revisions pulled up:
- www/nginx-devel/Makefile                                      1.20
- www/nginx-devel/distinfo                                      1.20
- www/nginx-devel/patches/patch-src_os_unix_ngx__files.c        1.1
- www/nginx/Makefile                                            1.64
- www/nginx/patches/patch-src_os_unix_ngx__files.c              1.1

-------------------------------------------------------------------
   Module Name:	pkgsrc
   Committed By:	joerg
   Date:		Tue May 31 19:44:47 UTC 2016

   Modified Files:
   	pkgsrc/www/nginx: Makefile
   Added Files:
   	pkgsrc/www/nginx/patches: patch-src_os_unix_ngx__files.c

   Log Message:
   Avoid CVE-2016-4450 (NULL dereference while saving client body to
   temporary file). Bump revision.


   To generate a diff of this commit:
   cvs rdiff -u -r1.63 -r1.64 pkgsrc/www/nginx/Makefile
   cvs rdiff -u -r0 -r1.1 \
       pkgsrc/www/nginx/patches/patch-src_os_unix_ngx__files.c

-------------------------------------------------------------------
   Module Name:	pkgsrc
   Committed By:	joerg
   Date:		Tue May 31 19:54:43 UTC 2016

   Modified Files:
   	pkgsrc/www/nginx-devel: Makefile distinfo
   Added Files:
   	pkgsrc/www/nginx-devel/patches: patch-src_os_unix_ngx__files.c

   Log Message:
   Avoid CVE-2016-4450 (NULL dereference while saving client body to
   temporary file). Bump revision.


   To generate a diff of this commit:
   cvs rdiff -u -r1.19 -r1.20 pkgsrc/www/nginx-devel/Makefile \
       pkgsrc/www/nginx-devel/distinfo
   cvs rdiff -u -r0 -r1.1 \
       pkgsrc/www/nginx-devel/patches/patch-src_os_unix_ngx__files.c

Revision 1.65 / (download) - annotate - [select for diffs], Wed Jun 8 19:24:53 2016 UTC (7 years, 9 months ago) by wiz
Branch: MAIN
Changes since 1.64: +2 -2 lines
Diff to previous 1.64 (colored) to selected 1.122 (colored)

Bump PKGREVISION for perl-5.24.

Revision 1.64 / (download) - annotate - [select for diffs], Tue May 31 19:44:47 2016 UTC (7 years, 9 months ago) by joerg
Branch: MAIN
Changes since 1.63: +2 -2 lines
Diff to previous 1.63 (colored) to selected 1.122 (colored)

Avoid CVE-2016-4450 (NULL dereference while saving client body to
temporary file). Bump revision.

Revision 1.63 / (download) - annotate - [select for diffs], Sat Mar 5 11:29:38 2016 UTC (8 years ago) by jperkin
Branch: MAIN
CVS Tags: pkgsrc-2016Q1-base
Branch point for: pkgsrc-2016Q1
Changes since 1.62: +2 -1 lines
Diff to previous 1.62 (colored) to selected 1.122 (colored)

Bump PKGREVISION for security/openssl ABI bump.

Revision 1.62 / (download) - annotate - [select for diffs], Tue Jan 26 17:54:19 2016 UTC (8 years, 2 months ago) by joerg
Branch: MAIN
Changes since 1.61: +2 -3 lines
Diff to previous 1.61 (colored) to selected 1.122 (colored)

Update to nginx 1.8.1:
- security fixes when using the "resolver" directive
- bugfixes for "proxy_protocol" parameter of "listen", "try_files" and
  "alias" directives, when using different ssl_session_cache settings
  across vhosts, "spdy" could be active when builtin but not explicitly
  enabled

Revision 1.61 / (download) - annotate - [select for diffs], Wed Nov 18 14:19:55 2015 UTC (8 years, 4 months ago) by ryoon
Branch: MAIN
CVS Tags: pkgsrc-2015Q4-base, pkgsrc-2015Q4
Changes since 1.60: +2 -2 lines
Diff to previous 1.60 (colored) to selected 1.122 (colored)

Recursive revbump from multimedia/libvpx

Revision 1.60 / (download) - annotate - [select for diffs], Wed Sep 30 13:36:00 2015 UTC (8 years, 6 months ago) by imil
Branch: MAIN
Changes since 1.59: +2 -1 lines
Diff to previous 1.59 (colored) to selected 1.122 (colored)

Updated Github third party modules and changed DISTFILES to point to github.com
instead of ftp.NetBSD.org.

* lua-nginx-module 0.9.5 updated to 0.9.16
* echo-nginx-module 0.51 updated to 0.58
* set-misc-nginx-module 0.24 updated to 0.29
* array-var-nginx-module 0.03 updated to 0.04
* encrypted-session-nginx-module 0.03 updated to 0.04
* form-input-nginx-module 0.07 updated to 0.11
* headers-more-nginx-module 0.25 updated to 0.26.1

Only minor revision changes, no features added. Modules don't have Changelog,
git history shows only cosmetic changes and bugfixes.

Revision 1.59 / (download) - annotate - [select for diffs], Fri Jun 26 13:46:53 2015 UTC (8 years, 9 months ago) by rodent
Branch: MAIN
CVS Tags: pkgsrc-2015Q3-base, pkgsrc-2015Q3, pkgsrc-2015Q2-base, pkgsrc-2015Q2
Changes since 1.58: +2 -3 lines
Diff to previous 1.58 (colored) to selected 1.122 (colored)

Update to latest stable. Resolves CVE-2014-3616. From CHANGELOG:

Changes with nginx 1.8.0                                         21 Apr 2015
    *) 1.8.x stable branch.

Changes with nginx 1.7.12                                        07 Apr 2015
    *) Feature: now the "tcp_nodelay" directive works with backend SSL
       connections.
    *) Feature: now thread pools can be used to read cache file headers.
    *) Bugfix: in the "proxy_request_buffering" directive.
    *) Bugfix: a segmentation fault might occur in a worker process when
       using thread pools on Linux.
    *) Bugfix: in error handling when using the "ssl_stapling" directive.
    *) Bugfix: in the ngx_http_spdy_module.

Changes with nginx 1.7.11                                        24 Mar 2015
    *) Change: the "sendfile" parameter of the "aio" directive is
       deprecated; now nginx automatically uses AIO to pre-load data for
       sendfile if both "aio" and "sendfile" directives are used.
    *) Feature: experimental thread pools support.
    *) Feature: the "proxy_request_buffering", "fastcgi_request_buffering",
       "scgi_request_buffering", and "uwsgi_request_buffering" directives.
    *) Feature: request body filters experimental API.
    *) Feature: client SSL certificates support in mail proxy.
    *) Feature: startup speedup when using the "hash ... consistent"
       directive in the upstream block.
    *) Feature: debug logging into a cyclic memory buffer.
    *) Bugfix: in hash table handling.
    *) Bugfix: in the "proxy_cache_revalidate" directive.
    *) Bugfix: SSL connections might hang if deferred accept or the
       "proxy_protocol" parameter of the "listen" directive were used.
    *) Bugfix: the $upstream_response_time variable might contain a wrong
       value if the "image_filter" directive was used.
    *) Bugfix: in integer overflow handling.
    *) Bugfix: it was not possible to enable SSLv3 with LibreSSL.
    *) Bugfix: the "ignoring stale global SSL error ... called a function
       you should not call" alerts appeared in logs when using LibreSSL.
    *) Bugfix: certificates specified by the "ssl_client_certificate" and
       "ssl_trusted_certificate" directives were inadvertently used to
       automatically construct certificate chains.

Changes with nginx 1.7.10                                        10 Feb 2015
    *) Feature: the "use_temp_path" parameter of the "proxy_cache_path",
       "fastcgi_cache_path", "scgi_cache_path", and "uwsgi_cache_path"
       directives.
    *) Feature: the $upstream_header_time variable.
    *) Workaround: now on disk overflow nginx tries to write error logs once
       a second only.
    *) Bugfix: the "try_files" directive did not ignore normal files while
       testing directories.
    *) Bugfix: alerts "sendfile() failed" if the "sendfile" directive was
       used on OS X; the bug had appeared in 1.7.8.
    *) Bugfix: alerts "sem_post() failed" might appear in logs.
    *) Bugfix: nginx could not be built with musl libc.
    *) Bugfix: nginx could not be built on Tru64 UNIX.

Changes with nginx 1.7.9                                         23 Dec 2014
    *) Feature: variables support in the "proxy_cache", "fastcgi_cache",
       "scgi_cache", and "uwsgi_cache" directives.
    *) Feature: variables support in the "expires" directive.
    *) Feature: loading of secret keys from hardware tokens with OpenSSL
       engines.
    *) Feature: the "autoindex_format" directive.
    *) Bugfix: cache revalidation is now only used for responses with 200
       and 206 status codes.
    *) Bugfix: the "TE" client request header line was passed to backends
       while proxying.
    *) Bugfix: the "proxy_pass", "fastcgi_pass", "scgi_pass", and
       "uwsgi_pass" directives might not work correctly inside the "if" and
       "limit_except" blocks.
    *) Bugfix: the "proxy_store" directive with the "on" parameter was
       ignored if the "proxy_store" directive with an explicitly specified
       file path was used on a previous level.
    *) Bugfix: nginx could not be built with BoringSSL.

Changes with nginx 1.7.8                                         02 Dec 2014
    *) Change: now the "If-Modified-Since", "If-Range", etc. client request
       header lines are passed to a backend while caching if nginx knows in
       advance that the response will not be cached (e.g., when using
       proxy_cache_min_uses).
    *) Change: now after proxy_cache_lock_timeout nginx sends a request to a
       backend with caching disabled; the new directives
       "proxy_cache_lock_age", "fastcgi_cache_lock_age",
       "scgi_cache_lock_age", and "uwsgi_cache_lock_age" specify a time
       after which the lock will be released and another attempt to cache a
       response will be made.
    *) Change: the "log_format" directive can now be used only at http
       level.
    *) Feature: the "proxy_ssl_certificate", "proxy_ssl_certificate_key",
       "proxy_ssl_password_file", "uwsgi_ssl_certificate",
       "uwsgi_ssl_certificate_key", and "uwsgi_ssl_password_file"
       directives.
    *) Feature: it is now possible to switch to a named location using
       "X-Accel-Redirect".
    *) Feature: now the "tcp_nodelay" directive works with SPDY connections.
    *) Feature: new directives in vim syntax highliting scripts.
    *) Bugfix: nginx ignored the "s-maxage" value in the "Cache-Control"
       backend response header line.
    *) Bugfix: in the ngx_http_spdy_module.
    *) Bugfix: in the "ssl_password_file" directive when using OpenSSL
       0.9.8zc, 1.0.0o, 1.0.1j.
    *) Bugfix: alerts "header already sent" appeared in logs if the
       "post_action" directive was used; the bug had appeared in 1.5.4.
    *) Bugfix: alerts "the http output chain is empty" might appear in logs
       if the "postpone_output 0" directive was used with SSI includes.
    *) Bugfix: in the "proxy_cache_lock" directive with SSI subrequests.

Changes with nginx 1.7.7                                         28 Oct 2014

    *) Change: now nginx takes into account the "Vary" header line in a
       backend response while caching.
    *) Feature: the "proxy_force_ranges", "fastcgi_force_ranges",
       "scgi_force_ranges", and "uwsgi_force_ranges" directives.
    *) Feature: the "proxy_limit_rate", "fastcgi_limit_rate",
       "scgi_limit_rate", and "uwsgi_limit_rate" directives.
    *) Feature: the "Vary" parameter of the "proxy_ignore_headers",
       "fastcgi_ignore_headers", "scgi_ignore_headers", and
       "uwsgi_ignore_headers" directives.
    *) Bugfix: the last part of a response received from a backend with
       unbufferred proxy might not be sent to a client if "gzip" or "gunzip"
       directives were used.
    *) Bugfix: in the "proxy_cache_revalidate" directive.
    *) Bugfix: in error handling.
    *) Bugfix: in the "proxy_next_upstream_tries" and
       "proxy_next_upstream_timeout" directives.
    *) Bugfix: nginx/Windows could not be built with MinGW-w64 gcc.

Changes with nginx 1.7.6                                         30 Sep 2014

    *) Change: the deprecated "limit_zone" directive is not supported
       anymore.
    *) Feature: the "limit_conn_zone" and "limit_req_zone" directives now
       can be used with combinations of multiple variables.
    *) Bugfix: request body might be transmitted incorrectly when retrying a
       FastCGI request to the next upstream server.
    *) Bugfix: in logging to syslog.
Changes with nginx 1.7.5                                         16 Sep 2014

    *) Security: it was possible to reuse SSL sessions in unrelated contexts
       if a shared SSL session cache or the same TLS session ticket key was
       used for multiple "server" blocks (CVE-2014-3616).
    *) Change: now the "stub_status" directive does not require a parameter.
    *) Feature: the "always" parameter of the "add_header" directive.
    *) Feature: the "proxy_next_upstream_tries",
       "proxy_next_upstream_timeout", "fastcgi_next_upstream_tries",
       "fastcgi_next_upstream_timeout", "memcached_next_upstream_tries",
       "memcached_next_upstream_timeout", "scgi_next_upstream_tries",
       "scgi_next_upstream_timeout", "uwsgi_next_upstream_tries", and
       "uwsgi_next_upstream_timeout" directives.
    *) Bugfix: in the "if" parameter of the "access_log" directive.
    *) Bugfix: in the ngx_http_perl_module.
    *) Bugfix: the "listen" directive of the mail proxy module did not allow
       to specify more than two parameters.
    *) Bugfix: the "sub_filter" directive did not work with a string to
       replace consisting of a single character.
    *) Bugfix: requests might hang if resolver was used and a timeout
       occurred during a DNS request.
    *) Bugfix: in the ngx_http_spdy_module when using with AIO.
    *) Bugfix: a segmentation fault might occur in a worker process if the
       "set" directive was used to change the "$http_...", "$sent_http_...",
       or "$upstream_http_..." variables.
    *) Bugfix: in memory allocation error handling.

Changes with nginx 1.7.4                                         05 Aug 2014

    *) Security: pipelined commands were not discarded after STARTTLS
       command in SMTP proxy (CVE-2014-3556); the bug had appeared in 1.5.6.
    *) Change: URI escaping now uses uppercase hexadecimal digits.
    *) Feature: now nginx can be build with BoringSSL and LibreSSL.
    *) Bugfix: requests might hang if resolver was used and a DNS server
       returned a malformed response; the bug had appeared in 1.5.8.
    *) Bugfix: in the ngx_http_spdy_module.
    *) Bugfix: the $uri variable might contain garbage when returning errors
       with code 400.
    *) Bugfix: in error handling in the "proxy_store" directive and the
       ngx_http_dav_module.
    *) Bugfix: a segmentation fault might occur if logging of errors to
       syslog was used; the bug had appeared in 1.7.1.
    *) Bugfix: the $geoip_latitude, $geoip_longitude, $geoip_dma_code, and
       $geoip_area_code variables might not work.
    *) Bugfix: in memory allocation error handling.

Changes with nginx 1.7.3                                         08 Jul 2014
    *) Feature: weak entity tags are now preserved on response
       modifications, and strong ones are changed to weak.
    *) Feature: cache revalidation now uses If-None-Match header if
       possible.
    *) Feature: the "ssl_password_file" directive.
    *) Bugfix: the If-None-Match request header line was ignored if there
       was no Last-Modified header in a response returned from cache.
    *) Bugfix: "peer closed connection in SSL handshake" messages were
       logged at "info" level instead of "error" while connecting to
       backends.
    *) Bugfix: in the ngx_http_dav_module module in nginx/Windows.
    *) Bugfix: SPDY connections might be closed prematurely if caching was
       used.

Changes with nginx 1.7.2                                         17 Jun 2014
    *) Feature: the "hash" directive inside the "upstream" block.
    *) Feature: defragmentation of free shared memory blocks.
    *) Bugfix: a segmentation fault might occur in a worker process if the
       default value of the "access_log" directive was used; the bug had
       appeared in 1.7.0.
    *) Bugfix: trailing slash was mistakenly removed from the last parameter
       of the "try_files" directive.
    *) Bugfix: nginx could not be built on OS X in some cases.
    *) Bugfix: in the ngx_http_spdy_module.

Changes with nginx 1.7.1                                         27 May 2014
    *) Feature: the "$upstream_cookie_..." variables.
    *) Feature: the $ssl_client_fingerprint variable.
    *) Feature: the "error_log" and "access_log" directives now support
       logging to syslog.
    *) Feature: the mail proxy now logs client port on connect.
    *) Bugfix: memory leak if the "ssl_stapling" directive was used.
    *) Bugfix: the "alias" directive used inside a location given by a
       regular expression worked incorrectly if the "if" or "limit_except"
       directives were used.
    *) Bugfix: the "charset" directive did not set a charset to encoded
       backend responses.
    *) Bugfix: a "proxy_pass" directive without URI part might use original
       request after the $args variable was set.
    *) Bugfix: in the "none" parameter in the "smtp_auth" directive; the bug
       had appeared in 1.5.6.
    *) Bugfix: if sub_filter and SSI were used together, then responses
       might be transferred incorrectly.
    *) Bugfix: nginx could not be built with the --with-file-aio option on
       Linux/aarch64.

Changes with nginx 1.7.0                                         24 Apr 2014
    *) Feature: backend SSL certificate verification.
    *) Feature: support for SNI while working with SSL backends.
    *) Feature: the $ssl_server_name variable.
    *) Feature: the "if" parameter of the "access_log" directive.

Revision 1.58 / (download) - annotate - [select for diffs], Fri Jun 12 10:51:51 2015 UTC (8 years, 9 months ago) by wiz
Branch: MAIN
Changes since 1.57: +2 -1 lines
Diff to previous 1.57 (colored) to selected 1.122 (colored)

Recursive PKGREVISION bump for all packages mentioning 'perl',
having a PKGNAME of p5-*, or depending such a package,
for perl-5.22.0.

Revision 1.57 / (download) - annotate - [select for diffs], Wed Sep 24 05:42:48 2014 UTC (9 years, 6 months ago) by kim
Branch: MAIN
CVS Tags: pkgsrc-2015Q1-base, pkgsrc-2015Q1, pkgsrc-2014Q4-base, pkgsrc-2014Q4, pkgsrc-2014Q3-base, pkgsrc-2014Q3
Changes since 1.56: +2 -2 lines
Diff to previous 1.56 (colored) to selected 1.122 (colored)

Upgrade to nginx-1.6.2 to fix security vulnerability CVE-2014-3616.
Restore module checksums that were lost in last update.

Changes with nginx 1.6.2                                         16 Sep 2014

    *) Security: it was possible to reuse SSL sessions in unrelated contexts
       if a shared SSL session cache or the same TLS session ticket key was
       used for multiple "server" blocks (CVE-2014-3616).
       Thanks to Antoine Delignat-Lavaud.

    *) Bugfix: requests might hang if resolver was used and a DNS server
       returned a malformed response; the bug had appeared in 1.5.8.

    *) Bugfix: requests might hang if resolver was used and a timeout
       occurred during a DNS request.

Revision 1.56 / (download) - annotate - [select for diffs], Thu Aug 7 05:05:50 2014 UTC (9 years, 7 months ago) by rodent
Branch: MAIN
Changes since 1.55: +2 -2 lines
Diff to previous 1.55 (colored) to selected 1.122 (colored)

Changes with nginx 1.6.1                                         05 Aug 2014
    *) Security: pipelined commands were not discarded after STARTTLS
       command in SMTP proxy (CVE-2014-3556); the bug had appeared in 1.5.6.
    *) Bugfix: the $uri variable might contain garbage when returning errors
       with code 400.
    *) Bugfix: in the "none" parameter in the "smtp_auth" directive; the bug
       had appeared in 1.5.6.

Revision 1.55 / (download) - annotate - [select for diffs], Sun Apr 27 11:05:45 2014 UTC (9 years, 11 months ago) by rodent
Branch: MAIN
CVS Tags: pkgsrc-2014Q2-base, pkgsrc-2014Q2
Changes since 1.54: +2 -3 lines
Diff to previous 1.54 (colored) to selected 1.122 (colored)

Update to latest stable release, 1.6.0. This folds many (but not all)
features from the previous development branch (1.5.x) - including various
SSL improvements, SPDY 3.1 support, cache revalidation with conditional
requests, auth request module and more. Resolves CVE-2013-4547.
files/nginx.sh now has a configtest command for lazy admins (me) who don't
want to remember command line options. CHANGELOG:

Changes with nginx 1.5.13                                        08 Apr 2014

    *) Change: improved hash table handling; the default values of the
       "variables_hash_max_size" and "types_hash_bucket_size" were changed
       to 1024 and 64 respectively.
    *) Feature: the ngx_http_mp4_module now supports the "end" argument.
    *) Feature: byte ranges support in the ngx_http_mp4_module and while
       saving responses to cache.
    *) Bugfix: alerts "ngx_slab_alloc() failed: no memory" no longer logged
       when using shared memory in the "ssl_session_cache" directive and in
       the ngx_http_limit_req_module.
    *) Bugfix: the "underscores_in_headers" directive did not allow
       underscore as a first character of a header.
    *) Bugfix: cache manager might hog CPU on exit in nginx/Windows.
    *) Bugfix: nginx/Windows terminated abnormally if the
       "ssl_session_cache" directive was used with the "shared" parameter.
    *) Bugfix: in the ngx_http_spdy_module.

Changes with nginx 1.5.12                                        18 Mar 2014

    *) Security: a heap memory buffer overflow might occur in a worker
       process while handling a specially crafted request by
       ngx_http_spdy_module, potentially resulting in arbitrary code
       execution (CVE-2014-0133).
    *) Feature: the "proxy_protocol" parameters of the "listen" and
       "real_ip_header" directives, the $proxy_protocol_addr variable.
    *) Bugfix: in the "fastcgi_next_upstream" directive.

Changes with nginx 1.5.11                                        04 Mar 2014

    *) Security: memory corruption might occur in a worker process on 32-bit
       platforms while handling a specially crafted request by
       ngx_http_spdy_module, potentially resulting in arbitrary code
       execution (CVE-2014-0088); the bug had appeared in 1.5.10.
    *) Feature: the $ssl_session_reused variable.
    *) Bugfix: the "client_max_body_size" directive might not work when
       reading a request body using chunked transfer encoding; the bug had
       appeared in 1.3.9.
    *) Bugfix: a segmentation fault might occur in a worker process when
       proxying WebSocket connections.
    *) Bugfix: a segmentation fault might occur in a worker process if the
       ngx_http_spdy_module was used on 32-bit platforms; the bug had
       appeared in 1.5.10.
    *) Bugfix: the $upstream_status variable might contain wrong data if the
       "proxy_cache_use_stale" or "proxy_cache_revalidate" directives were
       used.
    *) Bugfix: a segmentation fault might occur in a worker process if
       errors with code 400 were redirected to a named location using the
       "error_page" directive.
    *) Bugfix: nginx/Windows could not be built with Visual Studio 2013.

Changes with nginx 1.5.10                                        04 Feb 2014

    *) Feature: the ngx_http_spdy_module now uses SPDY 3.1 protocol.
    *) Feature: the ngx_http_mp4_module now skips tracks too short for a
       seek requested.
    *) Bugfix: a segmentation fault might occur in a worker process if the
       $ssl_session_id variable was used in logs; the bug had appeared in
       1.5.9.
    *) Bugfix: the $date_local and $date_gmt variables used wrong format
       outside of the ngx_http_ssi_filter_module.
    *) Bugfix: client connections might be immediately closed if deferred
       accept was used; the bug had appeared in 1.3.15.
    *) Bugfix: alerts "getsockopt(TCP_FASTOPEN) ... failed" appeared in logs
       during binary upgrade on Linux; the bug had appeared in 1.5.8.

Changes with nginx 1.5.9                                         22 Jan 2014

    *) Change: now nginx expects escaped URIs in "X-Accel-Redirect" headers.
    *) Feature: the "ssl_buffer_size" directive.
    *) Feature: the "limit_rate" directive can now be used to rate limit
       responses sent in SPDY connections.
    *) Feature: the "spdy_chunk_size" directive.
    *) Feature: the "ssl_session_tickets" directive.
    *) Bugfix: the $ssl_session_id variable contained full session
       serialized instead of just a session id.
    *) Bugfix: nginx incorrectly handled escaped "?" character in the
       "include" SSI command.
    *) Bugfix: the ngx_http_dav_module did not unescape destination URI of
       the COPY and MOVE methods.
    *) Bugfix: resolver did not understand domain names with a trailing dot.
    *) Bugfix: alerts "zero size buf in output" might appear in logs while
       proxying; the bug had appeared in 1.3.9.
    *) Bugfix: a segmentation fault might occur in a worker process if the
       ngx_http_spdy_module was used.
    *) Bugfix: proxied WebSocket connections might hang right after
       handshake if the select, poll, or /dev/poll methods were used.
    *) Bugfix: the "xclient" directive of the mail proxy module incorrectly
       handled IPv6 client addresses.

Changes with nginx 1.5.8                                         17 Dec 2013

    *) Feature: IPv6 support in resolver.
    *) Feature: the "listen" directive supports the "fastopen" parameter.
    *) Feature: SSL support in the ngx_http_uwsgi_module.
    *) Feature: vim syntax highlighting scripts were added to contrib.
    *) Bugfix: a timeout might occur while reading client request body in an
       SSL connection using chunked transfer encoding.
    *) Bugfix: the "master_process" directive did not work correctly in
       nginx/Windows.
    *) Bugfix: the "setfib" parameter of the "listen" directive might not
       work.
    *) Bugfix: in the ngx_http_spdy_module.

Changes with nginx 1.5.7                                         19 Nov 2013

    *) Security: a character following an unescaped space in a request line
       was handled incorrectly (CVE-2013-4547); the bug had appeared in
       0.8.41.
    *) Change: a logging level of auth_basic errors about no user/password
       provided has been lowered from "error" to "info".
    *) Feature: the "proxy_cache_revalidate", "fastcgi_cache_revalidate",
       "scgi_cache_revalidate", and "uwsgi_cache_revalidate" directives.
    *) Feature: the "ssl_session_ticket_key" directive.
    *) Bugfix: the directive "add_header Cache-Control ''" added a
       "Cache-Control" response header line with an empty value.
    *) Bugfix: the "satisfy any" directive might return 403 error instead of
       401 if auth_request and auth_basic directives were used.
    *) Bugfix: the "accept_filter" and "deferred" parameters of the "listen"
       directive were ignored for listen sockets created during binary
       upgrade.
    *) Bugfix: some data received from a backend with unbufferred proxy
       might not be sent to a client immediately if "gzip" or "gunzip"
       directives were used.
    *) Bugfix: in error handling in ngx_http_gunzip_filter_module.
    *) Bugfix: responses might hang if the ngx_http_spdy_module was used
       with the "auth_request" directive.
    *) Bugfix: memory leak in nginx/Windows.

Changes with nginx 1.5.6                                         01 Oct 2013

    *) Feature: the "fastcgi_buffering" directive.
    *) Feature: the "proxy_ssl_protocols" and "proxy_ssl_ciphers"
       directives.
    *) Feature: optimization of SSL handshakes when using long certificate
       chains.
    *) Feature: the mail proxy supports SMTP pipelining.
    *) Bugfix: in the ngx_http_auth_basic_module when using "$apr1$"
       password encryption method.
    *) Bugfix: in MacOSX, Cygwin, and nginx/Windows incorrect location might
       be used to process a request if locations were given using characters
       in different cases.
    *) Bugfix: automatic redirect with appended trailing slash for proxied
       locations might not work.
    *) Bugfix: in the mail proxy server.
    *) Bugfix: in the ngx_http_spdy_module.

Changes with nginx 1.5.5                                         17 Sep 2013

    *) Change: now nginx assumes HTTP/1.0 by default if it is not able to
       detect protocol reliably.
    *) Feature: the "disable_symlinks" directive now uses O_PATH on Linux.
    *) Feature: now nginx uses EPOLLRDHUP events to detect premature
       connection close by clients if the "epoll" method is used.
    *) Bugfix: in the "valid_referers" directive if the "server_names"
       parameter was used.
    *) Bugfix: the $request_time variable did not work in nginx/Windows.
    *) Bugfix: in the "image_filter" directive.
    *) Bugfix: OpenSSL 1.0.1f compatibility.

Changes with nginx 1.5.4                                         27 Aug 2013

    *) Change: the "js" extension MIME type has been changed to
       "application/javascript"; default value of the "charset_types"
       directive was changed accordingly.
    *) Change: now the "image_filter" directive with the "size" parameter
       returns responses with the "application/json" MIME type.
    *) Feature: the ngx_http_auth_request_module.
    *) Bugfix: a segmentation fault might occur on start or during
       reconfiguration if the "try_files" directive was used with an empty
       parameter.
    *) Bugfix: memory leak if relative paths were specified using variables
       in the "root" or "auth_basic_user_file" directives.
    *) Bugfix: the "valid_referers" directive incorrectly executed regular
       expressions if a "Referer" header started with "https://".
    *) Bugfix: responses might hang if subrequests were used and an SSL
       handshake error happened during subrequest processing.
    *) Bugfix: in the ngx_http_autoindex_module.
    *) Bugfix: in the ngx_http_spdy_module.

Changes with nginx 1.5.3                                         30 Jul 2013

    *) Change in internal API: now u->length defaults to -1 if working with
       backends in unbuffered mode.
    *) Change: now after receiving an incomplete response from a backend
       server nginx tries to send an available part of the response to a
       client, and then closes client connection.
    *) Bugfix: a segmentation fault might occur in a worker process if the
       ngx_http_spdy_module was used with the "client_body_in_file_only"
       directive.
    *) Bugfix: the "so_keepalive" parameter of the "listen" directive might
       be handled incorrectly on DragonFlyBSD.
    *) Bugfix: in the ngx_http_xslt_filter_module.
    *) Bugfix: in the ngx_http_sub_filter_module.

Changes with nginx 1.5.2                                         02 Jul 2013

    *) Feature: now several "error_log" directives can be used.
    *) Bugfix: the $r->header_in() embedded perl method did not return value
       of the "Cookie" and "X-Forwarded-For" request header lines; the bug
       had appeared in 1.3.14.
    *) Bugfix: in the ngx_http_spdy_module.
    *) Bugfix: nginx could not be built on Linux with x32 ABI.

Changes with nginx 1.5.1                                         04 Jun 2013

    *) Feature: the "ssi_last_modified", "sub_filter_last_modified", and
       "xslt_last_modified" directives.
    *) Feature: the "http_403" parameter of the "proxy_next_upstream",
       "fastcgi_next_upstream", "scgi_next_upstream", and
       "uwsgi_next_upstream" directives.
    *) Feature: the "allow" and "deny" directives now support unix domain
       sockets.
    *) Bugfix: nginx could not be built with the ngx_mail_ssl_module, but
       without ngx_http_ssl_module; the bug had appeared in 1.3.14.
    *) Bugfix: in the "proxy_set_body" directive.
    *) Bugfix: in the "lingering_time" directive.
    *) Bugfix: the "fail_timeout" parameter of the "server" directive in the
       "upstream" context might not work if "max_fails" parameter was used;
       the bug had appeared in 1.3.0.
    *) Bugfix: a segmentation fault might occur in a worker process if the
       "ssl_stapling" directive was used.
    *) Bugfix: in the mail proxy server.
    *) Bugfix: nginx/Windows might stop accepting connections if several
       worker processes were used.

Changes with nginx 1.5.0                                         07 May 2013

    *) Security: a stack-based buffer overflow might occur in a worker
       process while handling a specially crafted request, potentially
       resulting in arbitrary code execution (CVE-2013-2028); the bug had
       appeared in 1.3.9.

Revision 1.54 / (download) - annotate - [select for diffs], Wed Mar 26 13:31:22 2014 UTC (10 years ago) by imil
Branch: MAIN
CVS Tags: pkgsrc-2014Q1-base, pkgsrc-2014Q1
Changes since 1.53: +2 -2 lines
Diff to previous 1.53 (colored) to selected 1.122 (colored)

Fixed LuaJIT2 linking for the Lua module.

Revision 1.53 / (download) - annotate - [select for diffs], Fri Mar 21 21:41:19 2014 UTC (10 years ago) by imil
Branch: MAIN
Changes since 1.52: +2 -2 lines
Diff to previous 1.52 (colored) to selected 1.122 (colored)

Added form-input https://github.com/calio/form-input-nginx-module and
encrypted-session https://github.com/agentzh/encrypted-session-nginx-module

Revision 1.52 / (download) - annotate - [select for diffs], Fri Mar 21 11:36:47 2014 UTC (10 years ago) by imil
Branch: MAIN
Changes since 1.51: +2 -2 lines
Diff to previous 1.51 (colored) to selected 1.122 (colored)

Added array-var-nginx-module https://github.com/agentzh/array-var-nginx-module

Revision 1.51 / (download) - annotate - [select for diffs], Thu Mar 20 22:19:35 2014 UTC (10 years ago) by imil
Branch: MAIN
Changes since 1.50: +2 -2 lines
Diff to previous 1.50 (colored) to selected 1.122 (colored)

Added ngx_set_misc http://wiki.nginx.org/HttpSetMiscModule and ngx_headers_more
http://wiki.nginx.org/HttpHeadersMoreModule

Revision 1.50 / (download) - annotate - [select for diffs], Wed Mar 19 18:01:18 2014 UTC (10 years ago) by imil
Branch: MAIN
Changes since 1.49: +2 -1 lines
Diff to previous 1.49 (colored) to selected 1.122 (colored)

Added the `echo' module: http://wiki.nginx.org/HttpEchoModule

Revision 1.49 / (download) - annotate - [select for diffs], Wed Mar 19 14:14:31 2014 UTC (10 years ago) by imil
Branch: MAIN
Changes since 1.48: +2 -3 lines
Diff to previous 1.48 (colored) to selected 1.122 (colored)

Changes with nginx 1.4.7                                         18 Mar 2014

    *) Security: a heap memory buffer overflow might occur in a worker
       process while handling a specially crafted request by
       ngx_http_spdy_module, potentially resulting in arbitrary code
       execution (CVE-2014-0133).
       Thanks to Lucas Molas, researcher at Programa STIC, Fundaci Dr.
       Manuel Sadosky, Buenos Aires, Argentina.

    *) Bugfix: in the "fastcgi_next_upstream" directive.
       Thanks to Lucas Molas.

Revision 1.48 / (download) - annotate - [select for diffs], Fri Mar 14 11:34:25 2014 UTC (10 years ago) by imil
Branch: MAIN
Changes since 1.47: +2 -1 lines
Diff to previous 1.47 (colored) to selected 1.122 (colored)

A new module was added, worth a revision.

Revision 1.47 / (download) - annotate - [select for diffs], Sun Mar 9 13:34:02 2014 UTC (10 years ago) by rodent
Branch: MAIN
Changes since 1.46: +2 -2 lines
Diff to previous 1.46 (colored) to selected 1.122 (colored)

Changes with nginx 1.4.6                                         04 Mar 2014

    *) Bugfix: the "client_max_body_size" directive might not work when
       reading a request body using chunked transfer encoding; the bug had
       appeared in 1.3.9.
       Thanks to Lucas Molas.

    *) Bugfix: a segmentation fault might occur in a worker process when
       proxying WebSocket connections.

Revision 1.46 / (download) - annotate - [select for diffs], Sat Mar 1 20:14:44 2014 UTC (10 years, 1 month ago) by rodent
Branch: MAIN
Changes since 1.45: +2 -3 lines
Diff to previous 1.45 (colored) to selected 1.122 (colored)

Updated to latest release, 1.4.5, released on 2014-02-11. From CHANGES-1.4:

*) Bugfix: the $ssl_session_id variable contained full session
   serialized instead of just a session id.
   Thanks to Ivan Risti\u0107.

*) Bugfix: client connections might be immediately closed if deferred
   accept was used; the bug had appeared in 1.3.15.

*) Bugfix: alerts "zero size buf in output" might appear in logs while
   proxying; the bug had appeared in 1.3.9.

*) Bugfix: a segmentation fault might occur in a worker process if the
   ngx_http_spdy_module was used.

*) Bugfix: proxied WebSocket connections might hang right after
   handshake if the select, poll, or /dev/poll methods were used.

*) Bugfix: a timeout might occur while reading client request body in an
   SSL connection using chunked transfer encoding.

*) Bugfix: memory leak in nginx/Windows.

Revision 1.45 / (download) - annotate - [select for diffs], Wed Feb 12 23:18:46 2014 UTC (10 years, 1 month ago) by tron
Branch: MAIN
Changes since 1.44: +2 -1 lines
Diff to previous 1.44 (colored) to selected 1.122 (colored)

Recursive PKGREVISION bump for OpenSSL API version bump.

Revision 1.43.2.1 / (download) - annotate - [select for diffs], Thu Dec 5 17:43:31 2013 UTC (10 years, 3 months ago) by schnoebe
Branch: pkgsrc-2013Q3
Changes since 1.43: +2 -3 lines
Diff to previous 1.43 (colored) next main 1.44 (colored) to selected 1.122 (colored)

pull-up to pkgsrc-2013Q3, ticket #4264

Updated to nginx 1.4.4

Changes with nginx 1.4.4                                         19 Nov 2013

    *) Security: a character following an unescaped space in a request line
       was handled incorrectly (CVE-2013-4547); the bug had appeared in
       0.8.41.
       Thanks to Ivan Fratric of the Google Security Team.


Changes with nginx 1.4.3                                         08 Oct 2013

    *) Bugfix: a segmentation fault might occur in a worker process if the
       ngx_http_spdy_module was used with the "client_body_in_file_only"
       directive.

    *) Bugfix: a segmentation fault might occur on start or during
       reconfiguration if the "try_files" directive was used with an empty
       parameter.

    *) Bugfix: the $request_time variable did not work in nginx/Windows.

    *) Bugfix: in the ngx_http_auth_basic_module when using "$apr1$"
       password encryption method.
       Thanks to Markus Linnala.

    *) Bugfix: in the ngx_http_autoindex_module.

    *) Bugfix: in the mail proxy server.

Revision 1.44 / (download) - annotate - [select for diffs], Thu Dec 5 15:09:58 2013 UTC (10 years, 3 months ago) by imil
Branch: MAIN
CVS Tags: pkgsrc-2013Q4-base, pkgsrc-2013Q4
Changes since 1.43: +2 -3 lines
Diff to previous 1.43 (colored) to selected 1.122 (colored)

Updated to nginx 1.4.4

Changes with nginx 1.4.4                                         19 Nov 2013

    *) Security: a character following an unescaped space in a request line
       was handled incorrectly (CVE-2013-4547); the bug had appeared in
       0.8.41.
       Thanks to Ivan Fratric of the Google Security Team.


Changes with nginx 1.4.3                                         08 Oct 2013

    *) Bugfix: a segmentation fault might occur in a worker process if the
       ngx_http_spdy_module was used with the "client_body_in_file_only"
       directive.

    *) Bugfix: a segmentation fault might occur on start or during
       reconfiguration if the "try_files" directive was used with an empty
       parameter.

    *) Bugfix: the $request_time variable did not work in nginx/Windows.

    *) Bugfix: in the ngx_http_auth_basic_module when using "$apr1$"
       password encryption method.
       Thanks to Markus Linnala.

    *) Bugfix: in the ngx_http_autoindex_module.

    *) Bugfix: in the mail proxy server.

Revision 1.43 / (download) - annotate - [select for diffs], Wed Sep 4 12:31:26 2013 UTC (10 years, 6 months ago) by obache
Branch: MAIN
CVS Tags: pkgsrc-2013Q3-base
Branch point for: pkgsrc-2013Q3
Changes since 1.42: +2 -1 lines
Diff to previous 1.42 (colored) to selected 1.122 (colored)

recursive bump from graphics/gd shlib major bump.

Revision 1.42 / (download) - annotate - [select for diffs], Sun Aug 18 08:03:19 2013 UTC (10 years, 7 months ago) by imil
Branch: MAIN
Changes since 1.41: +2 -3 lines
Diff to previous 1.41 (colored) to selected 1.122 (colored)

Updated nginx to 1.4.2 and naxsi to 0.51

Changes with nginx 1.4.2

    *) Bugfix: the $r->header_in() embedded perl method did not return value
       of the "Cookie" and "X-Forwarded-For" request header lines; the bug
       had appeared in 1.3.14.

    *) Bugfix: nginx could not be built with the ngx_mail_ssl_module, but
       without ngx_http_ssl_module; the bug had appeared in 1.3.14.

    *) Bugfix: in the "proxy_set_body" directive.
       Thanks to Lanshun Zhou.

    *) Bugfix: the "fail_timeout" parameter of the "server" directive in the
       "upstream" context might not work if "max_fails" parameter was used;
       the bug had appeared in 1.3.0.

    *) Bugfix: a segmentation fault might occur in a worker process if the
       "ssl_stapling" directive was used.
       Thanks to Piotr Sikora.

    *) Bugfix: nginx/Windows might stop accepting connections if several
       worker processes were used.

Revision 1.41 / (download) - annotate - [select for diffs], Fri Jul 12 10:45:04 2013 UTC (10 years, 8 months ago) by jperkin
Branch: MAIN
Changes since 1.40: +2 -2 lines
Diff to previous 1.40 (colored) to selected 1.122 (colored)

Bump PKGREVISION of all packages which create users, to pick up change of
sysutils/user_* packages.

Revision 1.40 / (download) - annotate - [select for diffs], Tue Jun 4 22:17:16 2013 UTC (10 years, 9 months ago) by tron
Branch: MAIN
CVS Tags: pkgsrc-2013Q2-base, pkgsrc-2013Q2
Changes since 1.39: +2 -2 lines
Diff to previous 1.39 (colored) to selected 1.122 (colored)

Try to fix the fallout caused by the fix for PR pkg/47882. Part 3:

Recursively bump package revisions again after the "freetype2" and
"fontconfig" handling was fixed.

Revision 1.39 / (download) - annotate - [select for diffs], Mon Jun 3 10:06:09 2013 UTC (10 years, 9 months ago) by wiz
Branch: MAIN
Changes since 1.38: +2 -1 lines
Diff to previous 1.38 (colored) to selected 1.122 (colored)

Bump freetype2 and fontconfig dependencies to current pkgsrc versions,
to address issues with NetBSD-6(and earlier)'s fontconfig not being
new enough for pango.

While doing that, also bump freetype2 dependency to current pkgsrc
version.

Suggested by tron in PR 47882

Revision 1.38 / (download) - annotate - [select for diffs], Tue May 7 14:04:46 2013 UTC (10 years, 10 months ago) by imil
Branch: MAIN
Changes since 1.37: +2 -3 lines
Diff to previous 1.37 (colored) to selected 1.122 (colored)

Updated to 1.4.1 - fixes CVE-2013-2028

Revision 1.37 / (download) - annotate - [select for diffs], Thu Apr 25 11:27:19 2013 UTC (10 years, 11 months ago) by imil
Branch: MAIN
Changes since 1.36: +2 -1 lines
Diff to previous 1.36 (colored) to selected 1.122 (colored)

Updated the naxsi WAF module to 0.50. Forms multipart parsing improved.

Revision 1.36 / (download) - annotate - [select for diffs], Thu Apr 25 11:10:49 2013 UTC (10 years, 11 months ago) by imil
Branch: MAIN
Changes since 1.35: +2 -2 lines
Diff to previous 1.35 (colored) to selected 1.122 (colored)

Updated nginx stable to 1.4.0. Notable improvements regarding latest stable
version are:

. SPDY protocol support
. WebSocket connections
. OCSP Stapling
. gunzip module
. flood prevention through rejection codes

Full changelog:

Changes with nginx 1.4.0                                         24 Apr 2013

    *) Bugfix: nginx could not be built with the ngx_http_perl_module if the
       --with-openssl option was used; the bug had appeared in 1.3.16.

    *) Bugfix: in a request body handling in the ngx_http_perl_module; the
       bug had appeared in 1.3.9.


Changes with nginx 1.3.16                                        16 Apr 2013

    *) Bugfix: a segmentation fault might occur in a worker process if
       subrequests were used; the bug had appeared in 1.3.9.

    *) Bugfix: the "tcp_nodelay" directive caused an error if a WebSocket
       connection was proxied into a unix domain socket.

    *) Bugfix: the $upstream_response_length variable has an incorrect value
       "0" if buffering was not used.
       Thanks to Piotr Sikora.

    *) Bugfix: in the eventport and /dev/poll methods.


Changes with nginx 1.3.15                                        26 Mar 2013

    *) Change: opening and closing a connection without sending any data in
       it is no longer logged to access_log with error code 400.

    *) Feature: the ngx_http_spdy_module.
       Thanks to Automattic for sponsoring this work.

    *) Feature: the "limit_req_status" and "limit_conn_status" directives.
       Thanks to Nick Marden.

    *) Feature: the "image_filter_interlace" directive.
       Thanks to Ian Babrou.

    *) Feature: $connections_waiting variable in the
       ngx_http_stub_status_module.

    *) Feature: the mail proxy module now supports IPv6 backends.

    *) Bugfix: request body might be transmitted incorrectly when retrying a
       request to the next upstream server; the bug had appeared in 1.3.9.
       Thanks to Piotr Sikora.

    *) Bugfix: in the "client_body_in_file_only" directive; the bug had
       appeared in 1.3.9.

    *) Bugfix: responses might hang if subrequests were used and a DNS error
       happened during subrequest processing.
       Thanks to Lanshun Zhou.

    *) Bugfix: in backend usage accounting.


Changes with nginx 1.3.14                                        05 Mar 2013

    *) Feature: $connections_active, $connections_reading, and
       $connections_writing variables in the ngx_http_stub_status_module.

    *) Feature: support of WebSocket connections in the
       ngx_http_uwsgi_module and ngx_http_scgi_module.

    *) Bugfix: in virtual servers handling with SNI.

    *) Bugfix: new sessions were not always stored if the "ssl_session_cache
       shared" directive was used and there was no free space in shared
       memory.
       Thanks to Piotr Sikora.

    *) Bugfix: multiple X-Forwarded-For headers were handled incorrectly.
       Thanks to Neal Poole for sponsoring this work.

    *) Bugfix: in the ngx_http_mp4_module.
       Thanks to Gernot Vormayr.


Changes with nginx 1.3.13                                        19 Feb 2013

    *) Change: a compiler with name "cc" is now used by default.

    *) Feature: support for proxying of WebSocket connections.
       Thanks to Apcera and CloudBees for sponsoring this work.

    *) Feature: the "auth_basic_user_file" directive supports "{SHA}"
       password encryption method.
       Thanks to Louis Opter.


Changes with nginx 1.3.12                                        05 Feb 2013

    *) Feature: variables support in the "proxy_bind", "fastcgi_bind",
       "memcached_bind", "scgi_bind", and "uwsgi_bind" directives.

    *) Feature: the $pipe, $request_length, $time_iso8601, and $time_local
       variables can now be used not only in the "log_format" directive.
       Thanks to Kiril Kalchev.

    *) Feature: IPv6 support in the ngx_http_geoip_module.
       Thanks to Gregor Kali¨îik.

    *) Bugfix: in the "proxy_method" directive.

    *) Bugfix: a segmentation fault might occur in a worker process if
       resolver was used with the poll method.

    *) Bugfix: nginx might hog CPU during SSL handshake with a backend if
       the select, poll, or /dev/poll methods were used.

    *) Bugfix: the "[crit] SSL_write() failed (SSL:)" error.

    *) Bugfix: in the "client_body_in_file_only" directive; the bug had
       appeared in 1.3.9.

    *) Bugfix: in the "fastcgi_keep_conn" directive.


Changes with nginx 1.3.11                                        10 Jan 2013

    *) Bugfix: a segmentation fault might occur if logging was used; the bug
       had appeared in 1.3.10.

    *) Bugfix: the "proxy_pass" directive did not work with IP addresses
       without port specified; the bug had appeared in 1.3.10.

    *) Bugfix: a segmentation fault occurred on start or during
       reconfiguration if the "keepalive" directive was specified more than
       once in a single upstream block.

    *) Bugfix: parameter "default" of the "geo" directive did not set
       default value for IPv6 addresses.


Changes with nginx 1.3.10                                        25 Dec 2012

    *) Change: domain names specified in configuration file are now resolved
       to IPv6 addresses as well as IPv4 ones.

    *) Change: now if the "include" directive with mask is used on Unix
       systems, included files are sorted in alphabetical order.

    *) Change: the "add_header" directive adds headers to 201 responses.

    *) Feature: the "geo" directive now supports IPv6 addresses in CIDR
       notation.

    *) Feature: the "flush" and "gzip" parameters of the "access_log"
       directive.

    *) Feature: variables support in the "auth_basic" directive.

    *) Bugfix: nginx could not be built with the ngx_http_perl_module in
       some cases.

    *) Bugfix: a segmentation fault might occur in a worker process if the
       ngx_http_xslt_module was used.

    *) Bugfix: nginx could not be built on MacOSX in some cases.
       Thanks to Piotr Sikora.

    *) Bugfix: the "limit_rate" directive with high rates might result in
       truncated responses on 32-bit platforms.
       Thanks to Alexey Antropov.

    *) Bugfix: a segmentation fault might occur in a worker process if the
       "if" directive was used.
       Thanks to Piotr Sikora.

    *) Bugfix: a "100 Continue" response was issued with "413 Request Entity
       Too Large" responses.

    *) Bugfix: the "image_filter", "image_filter_jpeg_quality" and
       "image_filter_sharpen" directives might be inherited incorrectly.
       Thanks to Ian Babrou.

    *) Bugfix: "crypt_r() failed" errors might appear if the "auth_basic"
       directive was used on Linux.

    *) Bugfix: in backup servers handling.
       Thanks to Thomas Chen.

    *) Bugfix: proxied HEAD requests might return incorrect response if the
       "gzip" directive was used.


Changes with nginx 1.3.9                                         27 Nov 2012

    *) Feature: support for chunked transfer encoding while reading client
       request body.

    *) Feature: the $request_time and $msec variables can now be used not
       only in the "log_format" directive.

    *) Bugfix: cache manager and cache loader processes might not be able to
       start if more than 512 listen sockets were used.

    *) Bugfix: in the ngx_http_dav_module.


Changes with nginx 1.3.8                                         30 Oct 2012

    *) Feature: the "optional_no_ca" parameter of the "ssl_verify_client"
       directive.
       Thanks to Mike Kazantsev and Eric O'Connor.

    *) Feature: the $bytes_sent, $connection, and $connection_requests
       variables can now be used not only in the "log_format" directive.
       Thanks to Benjamin Gröósing.

    *) Feature: the "auto" parameter of the "worker_processes" directive.

    *) Bugfix: "cache file ... has md5 collision" alert.

    *) Bugfix: in the ngx_http_gunzip_filter_module.

    *) Bugfix: in the "ssl_stapling" directive.


Changes with nginx 1.3.7                                         02 Oct 2012

    *) Feature: OCSP stapling support.
       Thanks to Comodo, DigiCert and GlobalSign for sponsoring this work.

    *) Feature: the "ssl_trusted_certificate" directive.

    *) Feature: resolver now randomly rotates addresses returned from cache.
       Thanks to Anton Jouline.

    *) Bugfix: OpenSSL 0.9.7 compatibility.


Changes with nginx 1.3.6                                         12 Sep 2012

    *) Feature: the ngx_http_gunzip_filter_module.

    *) Feature: the "memcached_gzip_flag" directive.

    *) Feature: the "always" parameter of the "gzip_static" directive.

    *) Bugfix: in the "limit_req" directive; the bug had appeared in 1.1.14.
       Thanks to Charles Chen.

    *) Bugfix: nginx could not be built by gcc 4.7 with -O2 optimization if
       the --with-ipv6 option was used.


Changes with nginx 1.3.5                                         21 Aug 2012

    *) Change: the ngx_http_mp4_module module no longer skips tracks in
       formats other than H.264 and AAC.

    *) Bugfix: a segmentation fault might occur in a worker process if the
       "map" directive was used with variables as values.

    *) Bugfix: a segmentation fault might occur in a worker process if the
       "geo" directive was used with the "ranges" parameter but without the
       "default" parameter; the bug had appeared in 0.8.43.
       Thanks to Zhen Chen and Weibin Yao.

    *) Bugfix: in the -p command-line parameter handling.

    *) Bugfix: in the mail proxy server.

    *) Bugfix: of minor potential bugs.
       Thanks to Coverity.

    *) Bugfix: nginx/Windows could not be built with Visual Studio 2005
       Express.
       Thanks to HAYASHI Kentaro.


Changes with nginx 1.3.4                                         31 Jul 2012

    *) Change: the "ipv6only" parameter is now turned on by default for
       listening IPv6 sockets.

    *) Feature: the Clang compiler support.

    *) Bugfix: extra listening sockets might be created.
       Thanks to Roman Odaisky.

    *) Bugfix: nginx/Windows might hog CPU if a worker process failed to
       start.
       Thanks to Ricardo Villalobos Guevara.

    *) Bugfix: the "proxy_pass_header", "fastcgi_pass_header",
       "scgi_pass_header", "uwsgi_pass_header", "proxy_hide_header",
       "fastcgi_hide_header", "scgi_hide_header", and "uwsgi_hide_header"
       directives might be inherited incorrectly.


Changes with nginx 1.3.3                                         10 Jul 2012

    *) Feature: entity tags support and the "etag" directive.

    *) Bugfix: trailing dot in a source value was not ignored if the "map"
       directive was used with the "hostnames" parameter.

    *) Bugfix: incorrect location might be used to process a request if a
       URI was changed via a "rewrite" directive before an internal redirect
       to a named location.


Changes with nginx 1.3.2                                         26 Jun 2012

    *) Change: the "single" parameter of the "keepalive" directive is now
       ignored.

    *) Change: SSL compression is now disabled when using all versions of
       OpenSSL, including ones prior to 1.0.0.

    *) Feature: it is now possible to use the "ip_hash" directive to balance
       IPv6 clients.

    *) Feature: the $status variable can now be used not only in the
       "log_format" directive.

    *) Bugfix: a segmentation fault might occur in a worker process on
       shutdown if the "resolver" directive was used.

    *) Bugfix: a segmentation fault might occur in a worker process if the
       ngx_http_mp4_module was used.

    *) Bugfix: in the ngx_http_mp4_module.

    *) Bugfix: a segmentation fault might occur in a worker process if
       conflicting wildcard server names were used.

    *) Bugfix: nginx might be terminated abnormally on a SIGBUS signal on
       ARM platform.

    *) Bugfix: an alert "sendmsg() failed (9: Bad file number)" on HP-UX
       while reconfiguration.


Changes with nginx 1.3.1                                         05 Jun 2012

    *) Security: now nginx/Windows ignores trailing dot in URI path
       component, and does not allow URIs with ":$" in it.
       Thanks to Vladimir Kochetkov, Positive Research Center.

    *) Feature: the "proxy_pass", "fastcgi_pass", "scgi_pass", "uwsgi_pass"
       directives, and the "server" directive inside the "upstream" block,
       now support IPv6 addresses.

    *) Feature: the "resolver" directive now supports IPv6 addresses and an
       optional port specification.

    *) Feature: the "least_conn" directive inside the "upstream" block.

    *) Feature: it is now possible to specify a weight for servers while
       using the "ip_hash" directive.

    *) Bugfix: a segmentation fault might occur in a worker process if the
       "image_filter" directive was used; the bug had appeared in 1.3.0.

    *) Bugfix: nginx could not be built with ngx_cpp_test_module; the bug
       had appeared in 1.1.12.

    *) Bugfix: access to variables from SSI and embedded perl module might
       not work after reconfiguration.
       Thanks to Yichun Zhang.

    *) Bugfix: in the ngx_http_xslt_filter_module.
       Thanks to Kuramoto Eiji.

    *) Bugfix: memory leak if $geoip_org variable was used.
       Thanks to Denis F. Latypoff.

    *) Bugfix: in the "proxy_cookie_domain" and "proxy_cookie_path"
       directives.


Changes with nginx 1.3.0                                         15 May 2012

    *) Feature: the "debug_connection" directive now supports IPv6 addresses
       and the "unix:" parameter.

    *) Feature: the "set_real_ip_from" directive and the "proxy" parameter
       of the "geo" directive now support IPv6 addresses.

    *) Feature: the "real_ip_recursive", "geoip_proxy", and
       "geoip_proxy_recursive" directives.

    *) Feature: the "proxy_recursive" parameter of the "geo" directive.

    *) Bugfix: a segmentation fault might occur in a worker process if the
       "resolver" directive was used.

    *) Bugfix: a segmentation fault might occur in a worker process if the
       "fastcgi_pass", "scgi_pass", or "uwsgi_pass" directives were used and
       backend returned incorrect response.

    *) Bugfix: a segmentation fault might occur in a worker process if the
       "rewrite" directive was used and new request arguments in a
       replacement used variables.

    *) Bugfix: nginx might hog CPU if the open file resource limit was
       reached.

    *) Bugfix: nginx might loop infinitely over backends if the
       "proxy_next_upstream" directive with the "http_404" parameter was
       used and there were backup servers specified in an upstream block.

    *) Bugfix: adding the "down" parameter of the "server" directive might
       cause unneeded client redistribution among backend servers if the
       "ip_hash" directive was used.

    *) Bugfix: socket leak.
       Thanks to Yichun Zhang.

    *) Bugfix: in the ngx_http_fastcgi_module.

Revision 1.35 / (download) - annotate - [select for diffs], Wed Apr 17 19:53:52 2013 UTC (10 years, 11 months ago) by imil
Branch: MAIN
Changes since 1.34: +2 -3 lines
Diff to previous 1.34 (colored) to selected 1.122 (colored)

Changes with nginx 1.2.8

    *) Bugfix: new sessions were not always stored if the "ssl_session_cache
       shared" directive was used and there was no free space in shared
       memory.
       Thanks to Piotr Sikora.

    *) Bugfix: responses might hang if subrequests were used and a DNS error
       happened during subrequest processing.
       Thanks to Lanshun Zhou.

    *) Bugfix: in the ngx_http_mp4_module.
       Thanks to Gernot Vormayr.

    *) Bugfix: in backend usage accounting.

Revision 1.34 / (download) - annotate - [select for diffs], Fri Feb 22 15:37:58 2013 UTC (11 years, 1 month ago) by imil
Branch: MAIN
CVS Tags: pkgsrc-2013Q1-base, pkgsrc-2013Q1
Changes since 1.33: +3 -101 lines
Diff to previous 1.33 (colored) to selected 1.122 (colored)

Preparing www/nginx-devel import by splitting up Makefile into
Makefile + Makefile.common. nginx is highly backward compatible
and 99% of stable series Makefile applies to devel.

Bumping PKGREVISION

Revision 1.33 / (download) - annotate - [select for diffs], Mon Feb 18 20:32:09 2013 UTC (11 years, 1 month ago) by imil
Branch: MAIN
Changes since 1.32: +4 -3 lines
Diff to previous 1.32 (colored) to selected 1.122 (colored)

Changes with nginx 1.2.7

    *) Change: now if the "include" directive with mask is used on Unix
       systems, included files are sorted in alphabetical order.

    *) Change: the "add_header" directive adds headers to 201 responses.

    *) Feature: the "geo" directive now supports IPv6 addresses in CIDR
       notation.

    *) Feature: the "flush" and "gzip" parameters of the "access_log"
       directive.

    *) Feature: variables support in the "auth_basic" directive.

    *) Feature: the $pipe, $request_length, $time_iso8601, and $time_local
       variables can now be used not only in the "log_format" directive.
       Thanks to Kiril Kalchev.

    *) Feature: IPv6 support in the ngx_http_geoip_module.
       Thanks to Gregor Kali¨îik.

    *) Bugfix: nginx could not be built with the ngx_http_perl_module in
       some cases.

    *) Bugfix: a segmentation fault might occur in a worker process if the
       ngx_http_xslt_module was used.

    *) Bugfix: nginx could not be built on MacOSX in some cases.
       Thanks to Piotr Sikora.

    *) Bugfix: the "limit_rate" directive with high rates might result in
       truncated responses on 32-bit platforms.
       Thanks to Alexey Antropov.

    *) Bugfix: a segmentation fault might occur in a worker process if the
       "if" directive was used.
       Thanks to Piotr Sikora.

    *) Bugfix: a "100 Continue" response was issued with "413 Request Entity
       Too Large" responses.

    *) Bugfix: the "image_filter", "image_filter_jpeg_quality" and
       "image_filter_sharpen" directives might be inherited incorrectly.
       Thanks to Ian Babrou.

    *) Bugfix: "crypt_r() failed" errors might appear if the "auth_basic"
       directive was used on Linux.

    *) Bugfix: in backup servers handling.
       Thanks to Thomas Chen.

    *) Bugfix: proxied HEAD requests might return incorrect response if the
       "gzip" directive was used.

    *) Bugfix: a segmentation fault occurred on start or during
       reconfiguration if the "keepalive" directive was specified more than
       once in a single upstream block.

    *) Bugfix: in the "proxy_method" directive.

    *) Bugfix: a segmentation fault might occur in a worker process if
       resolver was used with the poll method.

    *) Bugfix: nginx might hog CPU during SSL handshake with a backend if
       the select, poll, or /dev/poll methods were used.

    *) Bugfix: the "[crit] SSL_write() failed (SSL:)" error.

    *) Bugfix: in the "fastcgi_keep_conn" directive.

+ updated MESSAGES in order to show a working logrotate.

Revision 1.32 / (download) - annotate - [select for diffs], Sat Feb 16 11:24:55 2013 UTC (11 years, 1 month ago) by wiz
Branch: MAIN
Changes since 1.31: +2 -2 lines
Diff to previous 1.31 (colored) to selected 1.122 (colored)

Recursive bump for png-1.6.

Revision 1.31 / (download) - annotate - [select for diffs], Wed Feb 6 23:24:02 2013 UTC (11 years, 1 month ago) by jperkin
Branch: MAIN
Changes since 1.30: +2 -1 lines
Diff to previous 1.30 (colored) to selected 1.122 (colored)

PKGREVISION bumps for the security/openssl 1.0.1d update.

Revision 1.30 / (download) - annotate - [select for diffs], Sun Feb 3 19:47:43 2013 UTC (11 years, 1 month ago) by imil
Branch: MAIN
Changes since 1.29: +2 -3 lines
Diff to previous 1.29 (colored) to selected 1.122 (colored)

Changes with nginx 1.2.6

    *) Feature: the $request_time and $msec variables can now be used not
       only in the "log_format" directive.

    *) Bugfix: cache manager and cache loader processes might not be able to
       start if more than 512 listen sockets were used.

    *) Bugfix: in the ngx_http_dav_module.

+ Under NetBSD 5.1_STABLE, a large number of included vhosts led to SEGV, this
does not occur with nginx 1.2.6.

Revision 1.29 / (download) - annotate - [select for diffs], Sat Jan 26 21:39:04 2013 UTC (11 years, 2 months ago) by adam
Branch: MAIN
Changes since 1.28: +2 -1 lines
Diff to previous 1.28 (colored) to selected 1.122 (colored)

Revbump after graphics/jpeg and textproc/icu

Revision 1.28 / (download) - annotate - [select for diffs], Mon Nov 26 14:38:14 2012 UTC (11 years, 4 months ago) by fhajny
Branch: MAIN
CVS Tags: pkgsrc-2012Q4-base, pkgsrc-2012Q4
Changes since 1.27: +2 -2 lines
Diff to previous 1.27 (colored) to selected 1.122 (colored)

Update www/nginx to 1.2.5.

Changes with nginx 1.2.5                                         13 Nov 2012

    *) Feature: the "optional_no_ca" parameter of the "ssl_verify_client"
       directive.
       Thanks to Mike Kazantsev and Eric O'Connor.

    *) Feature: the $bytes_sent, $connection, and $connection_requests
       variables can now be used not only in the "log_format" directive.
       Thanks to Benjamin Grossing.

    *) Feature: resolver now randomly rotates addresses returned from cache.
       Thanks to Anton Jouline.

    *) Feature: the "auto" parameter of the "worker_processes" directive.

    *) Bugfix: "cache file ... has md5 collision" alert.

    *) Bugfix: OpenSSL 0.9.7 compatibility.


Changes with nginx 1.2.4                                         25 Sep 2012

    *) Bugfix: in the "limit_req" directive; the bug had appeared in 1.1.14.
       Thanks to Charles Chen.

    *) Bugfix: nginx could not be built by gcc 4.7 with -O2 optimization if
       the --with-ipv6 option was used.

    *) Bugfix: a segmentation fault might occur in a worker process if the
       "map" directive was used with variables as values.

    *) Bugfix: a segmentation fault might occur in a worker process if the
       "geo" directive was used with the "ranges" parameter but without the
       "default" parameter; the bug had appeared in 0.8.43.
       Thanks to Zhen Chen and Weibin Yao.

    *) Bugfix: in the -p command-line parameter handling.

    *) Bugfix: in the mail proxy server.

    *) Bugfix: of minor potential bugs.
       Thanks to Coverity.

    *) Bugfix: nginx/Windows could not be built with Visual Studio 2005
       Express.
       Thanks to HAYASHI Kentaro.

Revision 1.27 / (download) - annotate - [select for diffs], Sun Oct 28 06:30:23 2012 UTC (11 years, 5 months ago) by asau
Branch: MAIN
Changes since 1.26: +1 -2 lines
Diff to previous 1.26 (colored) to selected 1.122 (colored)

Drop superfluous PKG_DESTDIR_SUPPORT, "user-destdir" is default these days.

Revision 1.26 / (download) - annotate - [select for diffs], Sun Sep 23 12:46:15 2012 UTC (11 years, 6 months ago) by shattered
Branch: MAIN
CVS Tags: pkgsrc-2012Q3-base, pkgsrc-2012Q3
Changes since 1.25: +2 -1 lines
Diff to previous 1.25 (colored) to selected 1.122 (colored)

Add option 'nginx-autodetect-cflags' (not set by default) -- fixes build
problem on Solaris with Sun compiler (nginx ticket 65).

Revision 1.25 / (download) - annotate - [select for diffs], Wed Aug 8 06:44:08 2012 UTC (11 years, 7 months ago) by imil
Branch: MAIN
Changes since 1.24: +2 -2 lines
Diff to previous 1.24 (colored) to selected 1.122 (colored)

Changes with nginx 1.2.3                                         07 Aug 2012

    *) Feature: the Clang compiler support.

    *) Bugfix: extra listening sockets might be created.
       Thanks to Roman Odaisky.

    *) Bugfix: nginx/Windows might hog CPU if a worker process failed to
       start.
       Thanks to Ricardo Villalobos Guevara.

    *) Bugfix: the "proxy_pass_header", "fastcgi_pass_header",
       "scgi_pass_header", "uwsgi_pass_header", "proxy_hide_header",
       "fastcgi_hide_header", "scgi_hide_header", and "uwsgi_hide_header"
       directives might be inherited incorrectly.

    *) Bugfix: trailing dot in a source value was not ignored if the "map"
       directive was used with the "hostnames" parameter.

    *) Bugfix: incorrect location might be used to process a request if a
       URI was changed via a "rewrite" directive before an internal redirect
       to a named location.

Revision 1.24 / (download) - annotate - [select for diffs], Tue Aug 7 10:42:08 2012 UTC (11 years, 7 months ago) by imil
Branch: MAIN
Changes since 1.23: +2 -3 lines
Diff to previous 1.23 (colored) to selected 1.122 (colored)

Changes with nginx 1.2.0                                         23 Apr 2012

    *) Bugfix: a segmentation fault might occur in a worker process if the
       "try_files" directive was used; the bug had appeared in 1.1.19.

    *) Bugfix: response might be truncated if there were more than IOV_MAX
       buffers used.

    *) Bugfix: in the "crop" parameter of the "image_filter" directive.
       Thanks to Maxim Bublis.


Changes with nginx 1.1.19                                        12 Apr 2012

    *) Security: specially crafted mp4 file might allow to overwrite memory
       locations in a worker process if the ngx_http_mp4_module was used,
       potentially resulting in arbitrary code execution (CVE-2012-2089).
       Thanks to Matthew Daley.

    *) Bugfix: nginx/Windows might be terminated abnormally.
       Thanks to Vincent Lee.

    *) Bugfix: nginx hogged CPU if all servers in an upstream were marked as
       "backup".

    *) Bugfix: the "allow" and "deny" directives might be inherited
       incorrectly if they were used with IPv6 addresses.

    *) Bugfix: the "modern_browser" and "ancient_browser" directives might
       be inherited incorrectly.

    *) Bugfix: timeouts might be handled incorrectly on Solaris/SPARC.

    *) Bugfix: in the ngx_http_mp4_module.


Changes with nginx 1.1.18                                        28 Mar 2012

    *) Change: keepalive connections are no longer disabled for Safari by
       default.

    *) Feature: the $connection_requests variable.

    *) Feature: $tcpinfo_rtt, $tcpinfo_rttvar, $tcpinfo_snd_cwnd and
       $tcpinfo_rcv_space variables.

    *) Feature: the "worker_cpu_affinity" directive now works on FreeBSD.

    *) Feature: the "xslt_param" and "xslt_string_param" directives.
       Thanks to Samuel Behan.

    *) Bugfix: in configure tests.
       Thanks to Piotr Sikora.

    *) Bugfix: in the ngx_http_xslt_filter_module.

    *) Bugfix: nginx could not be built on Debian GNU/Hurd.


Changes with nginx 1.1.17                                        15 Mar 2012

    *) Security: content of previously freed memory might be sent to a
       client if backend returned specially crafted response.
       Thanks to Matthew Daley.

    *) Bugfix: in the embedded perl module if used from SSI.
       Thanks to Matthew Daley.

    *) Bugfix: in the ngx_http_uwsgi_module.


Changes with nginx 1.1.16                                        29 Feb 2012

    *) Change: the simultaneous subrequest limit has been raised to 200.

    *) Feature: the "from" parameter of the "disable_symlinks" directive.

    *) Feature: the "return" and "error_page" directives can now be used to
       return 307 redirections.

    *) Bugfix: a segmentation fault might occur in a worker process if the
       "resolver" directive was used and there was no "error_log" directive
       specified at global level.
       Thanks to Roman Arutyunyan.

    *) Bugfix: a segmentation fault might occur in a worker process if the
       "proxy_http_version 1.1" or "fastcgi_keep_conn on" directives were
       used.

    *) Bugfix: memory leaks.
       Thanks to Lanshun Zhou.

    *) Bugfix: in the "disable_symlinks" directive.

    *) Bugfix: on ZFS filesystem disk cache size might be calculated
       incorrectly; the bug had appeared in 1.0.1.

    *) Bugfix: nginx could not be built by the icc 12.1 compiler.

    *) Bugfix: nginx could not be built by gcc on Solaris; the bug had
       appeared in 1.1.15.


Changes with nginx 1.1.15                                        15 Feb 2012

    *) Feature: the "disable_symlinks" directive.

    *) Feature: the "proxy_cookie_domain" and "proxy_cookie_path"
       directives.

    *) Bugfix: nginx might log incorrect error "upstream prematurely closed
       connection" instead of correct "upstream sent too big header" one.
       Thanks to Feibo Li.

    *) Bugfix: nginx could not be built with the ngx_http_perl_module if the
       --with-openssl option was used.

    *) Bugfix: the number of internal redirects to named locations was not
       limited.

    *) Bugfix: calling $r->flush() multiple times might cause errors in the
       ngx_http_gzip_filter_module.

    *) Bugfix: temporary files might be not removed if the "proxy_store"
       directive was used with SSI includes.

    *) Bugfix: in some cases non-cacheable variables (such as the $args
       variable) returned old empty cached value.

    *) Bugfix: a segmentation fault might occur in a worker process if too
       many SSI subrequests were issued simultaneously; the bug had appeared
       in 0.7.25.


Changes with nginx 1.1.14                                        30 Jan 2012

    *) Feature: multiple "limit_req" limits may be used simultaneously.

    *) Bugfix: in error handling while connecting to a backend.
       Thanks to Piotr Sikora.

    *) Bugfix: in AIO error handling on FreeBSD.

    *) Bugfix: in the OpenSSL library initialization.

    *) Bugfix: the "proxy_redirect" directives might be inherited
       incorrectly.

    *) Bugfix: memory leak during reconfiguration if the "pcre_jit"
       directive was used.


Changes with nginx 1.1.13                                        16 Jan 2012

    *) Feature: the "TLSv1.1" and "TLSv1.2" parameters of the
       "ssl_protocols" directive.

    *) Bugfix: the "limit_req" directive parameters were not inherited
       correctly; the bug had appeared in 1.1.12.

    *) Bugfix: the "proxy_redirect" directive incorrectly processed
       "Refresh" header if regular expression were used.

    *) Bugfix: the "proxy_cache_use_stale" directive with "error" parameter
       did not return answer from cache if there were no live upstreams.

    *) Bugfix: the "worker_cpu_affinity" directive might not work.

    *) Bugfix: nginx could not be built on Solaris; the bug had appeared in
       1.1.12.

    *) Bugfix: in the ngx_http_mp4_module.


Changes with nginx 1.1.12                                        26 Dec 2011

    *) Change: a "proxy_pass" directive without URI part now uses changed
       URI after redirection with the "error_page" directive.
       Thanks to Lanshun Zhou.

    *) Feature: the "proxy/fastcgi/scgi/uwsgi_cache_lock",
       "proxy/fastcgi/scgi/uwsgi_cache_lock_timeout" directives.

    *) Feature: the "pcre_jit" directive.

    *) Feature: the "if" SSI command supports captures in regular
       expressions.

    *) Bugfix: the "if" SSI command did not work inside the "block" command.

    *) Bugfix: the "limit_conn_log_level" and "limit_req_log_level"
       directives might not work.

    *) Bugfix: the "limit_rate" directive did not allow to use full
       throughput, even if limit value was very high.

    *) Bugfix: the "sendfile_max_chunk" directive did not work, if the
       "limit_rate" directive was used.

    *) Bugfix: a "proxy_pass" directive without URI part always used
       original request URI if variables were used.

    *) Bugfix: a "proxy_pass" directive without URI part might use original
       request after redirection with the "try_files" directive.
       Thanks to Lanshun Zhou.

    *) Bugfix: in the ngx_http_scgi_module.

    *) Bugfix: in the ngx_http_mp4_module.

    *) Bugfix: nginx could not be built on Solaris; the bug had appeared in
       1.1.9.


Changes with nginx 1.1.11                                        12 Dec 2011

    *) Feature: the "so_keepalive" parameter of the "listen" directive.
       Thanks to Vsevolod Stakhov.

    *) Feature: the "if_not_empty" parameter of the
       "fastcgi/scgi/uwsgi_param" directives.

    *) Feature: the $https variable.

    *) Feature: the "proxy_redirect" directive supports variables in the
       first parameter.

    *) Feature: the "proxy_redirect" directive supports regular expressions.

    *) Bugfix: the $sent_http_cache_control variable might contain a wrong
       value if the "expires" directive was used.
       Thanks to Yichun Zhang.

    *) Bugfix: the "read_ahead" directive might not work combined with
       "try_files" and "open_file_cache".

    *) Bugfix: a segmentation fault might occur in a worker process if small
       time was used in the "inactive" parameter of the "proxy_cache_path"
       directive.

    *) Bugfix: responses from cache might hang.


Changes with nginx 1.1.10                                        30 Nov 2011

    *) Bugfix: a segmentation fault occured in a worker process if AIO was
       used on Linux; the bug had appeared in 1.1.9.


Changes with nginx 1.1.9                                         28 Nov 2011

    *) Change: now double quotes are encoded in an "echo" SSI-command
       output.
       Thanks to Zaur Abasmirzoev.

    *) Feature: the "valid" parameter of the "resolver" directive. By
       default TTL returned by a DNS server is used.
       Thanks to Kirill A. Korinskiy.

    *) Bugfix: nginx might hang after a worker process abnormal termination.

    *) Bugfix: a segmentation fault might occur in a worker process if SNI
       was used; the bug had appeared in 1.1.2.

    *) Bugfix: in the "keepalive_disable" directive; the bug had appeared in
       1.1.8.
       Thanks to Alexander Usov.

    *) Bugfix: SIGWINCH signal did not work after first binary upgrade; the
       bug had appeared in 1.1.1.

    *) Bugfix: backend responses with length not matching "Content-Length"
       header line are no longer cached.

    *) Bugfix: in the "scgi_param" directive, if complex parameters were
       used.

    *) Bugfix: in the "epoll" event method.
       Thanks to Yichun Zhang.

    *) Bugfix: in the ngx_http_flv_module.
       Thanks to Piotr Sikora.

    *) Bugfix: in the ngx_http_mp4_module.

    *) Bugfix: IPv6 addresses are now handled properly in a request line and
       in a "Host" request header line.

    *) Bugfix: "add_header" and "expires" directives did not work if a
       request was proxied and response status code was 206.

    *) Bugfix: nginx could not be built on FreeBSD 10.

    *) Bugfix: nginx could not be built on AIX.


Changes with nginx 1.1.8                                         14 Nov 2011

    *) Change: the ngx_http_limit_zone_module was renamed to the
       ngx_http_limit_conn_module.

    *) Change: the "limit_zone" directive was superseded by the
       "limit_conn_zone" directive with a new syntax.

    *) Feature: support for multiple "limit_conn" limits on the same level.

    *) Feature: the "image_filter_sharpen" directive.

    *) Bugfix: a segmentation fault might occur in a worker process if
       resolver got a big DNS response.
       Thanks to Ben Hawkes.

    *) Bugfix: in cache key calculation if internal MD5 implementation was
       used; the bug had appeared in 1.0.4.

    *) Bugfix: the "If-Modified-Since", "If-Range", etc. client request
       header lines might be passed to backend while caching; or not passed
       without caching if caching was enabled in another part of the
       configuration.

    *) Bugfix: the module ngx_http_mp4_module sent incorrect
       "Content-Length" response header line if the "start" argument was
       used.
       Thanks to Piotr Sikora.


Changes with nginx 1.1.7                                         31 Oct 2011

    *) Feature: support of several DNS servers in the "resolver" directive.
       Thanks to Kirill A. Korinskiy.

    *) Bugfix: a segmentation fault occurred on start or during
       reconfiguration if the "ssl" directive was used at http level and
       there was no "ssl_certificate" defined.

    *) Bugfix: reduced memory consumption while proxying big files if they
       were buffered to disk.

    *) Bugfix: a segmentation fault might occur in a worker process if
       "proxy_http_version 1.1" directive was used.

    *) Bugfix: in the "expires @time" directive.


Changes with nginx 1.1.6                                         17 Oct 2011

    *) Change in internal API: now module context data are cleared while
       internal redirect to named location.
       Requested by Yichun Zhang.

    *) Change: if a server in an upstream failed, only one request will be
       sent to it after fail_timeout; the server will be considered alive if
       it will successfully respond to the request.

    *) Change: now the 0x7F-0x1F characters are escaped as \xXX in an
       access_log.

    *) Feature: "proxy/fastcgi/scgi/uwsgi_ignore_headers" directives support
       the following additional values: X-Accel-Limit-Rate,
       X-Accel-Buffering, X-Accel-Charset.

    *) Feature: decrease of memory consumption if SSL is used.

    *) Bugfix: some UTF-8 characters were processed incorrectly.
       Thanks to Alexey Kuts.

    *) Bugfix: the ngx_http_rewrite_module directives specified at "server"
       level were executed twice if no matching locations were defined.

    *) Bugfix: a socket leak might occurred if "aio sendfile" was used.

    *) Bugfix: connections with fast clients might be closed after
       send_timeout if file AIO was used.

    *) Bugfix: in the ngx_http_autoindex_module.

    *) Bugfix: the module ngx_http_mp4_module did not support seeking on
       32-bit platforms.


Changes with nginx 1.1.5                                         05 Oct 2011

    *) Feature: the "uwsgi_buffering" and "scgi_buffering" directives.
       Thanks to Peter Smit.

    *) Bugfix: non-cacheable responses might be cached if
       "proxy_cache_bypass" directive was used.
       Thanks to John Ferlito.

    *) Bugfix: in HTTP/1.1 support in the ngx_http_proxy_module.

    *) Bugfix: cached responses with an empty body were returned
       incorrectly; the bug had appeared in 0.8.31.

    *) Bugfix: 201 responses of the ngx_http_dav_module were incorrect; the
       bug had appeared in 0.8.32.

    *) Bugfix: in the "return" directive.

    *) Bugfix: the "ssl_session_cache builtin" directive caused segmentation
       fault; the bug had appeared in 1.1.1.


Changes with nginx 1.1.4                                         20 Sep 2011

    *) Feature: the ngx_http_upstream_keepalive module.

    *) Feature: the "proxy_http_version" directive.

    *) Feature: the "fastcgi_keep_conn" directive.

    *) Feature: the "worker_aio_requests" directive.

    *) Bugfix: if nginx was built --with-file-aio it could not be run on
       Linux kernel which did not support AIO.

    *) Bugfix: in Linux AIO error processing.
       Thanks to Hagai Avrahami.

    *) Bugfix: reduced memory consumption for long-lived requests.

    *) Bugfix: the module ngx_http_mp4_module did not support 64-bit MP4
       "co64" atom.


Changes with nginx 1.1.3                                         14 Sep 2011

    *) Feature: the module ngx_http_mp4_module.

    *) Bugfix: in Linux AIO combined with open_file_cache.

    *) Bugfix: open_file_cache did not update file info on retest if file
       was not atomically changed.

    *) Bugfix: nginx could not be built on MacOSX 10.7.


Changes with nginx 1.1.2                                         05 Sep 2011

    *) Change: now if total size of all ranges is greater than source
       response size, then nginx disables ranges and returns just the source
       response.

    *) Feature: the "max_ranges" directive.

    *) Bugfix: the "ssl_verify_client", "ssl_verify_depth", and
       "ssl_prefer_server_ciphers" directives might work incorrectly if SNI
       was used.

    *) Bugfix: in the "proxy/fastcgi/scgi/uwsgi_ignore_client_abort"
       directives.


Changes with nginx 1.1.1                                         22 Aug 2011

    *) Change: now cache loader processes either as many files as specified
       by "loader_files" parameter or works no longer than time specified by
       the "loader_threshold" parameter during each iteration.

    *) Change: now SIGWINCH signal works only in daemon mode.

    *) Feature: now shared zones and caches use POSIX semaphores on Solaris.
       Thanks to Den Ivanov.

    *) Feature: accept filters are now supported on NetBSD.

    *) Bugfix: nginx could not be built on Linux 3.0.

    *) Bugfix: nginx did not use gzipping in some cases; the bug had
       appeared in 1.1.0.

    *) Bugfix: request body might be processed incorrectly if client used
       pipelining.

    *) Bugfix: in the "request_body_in_single_buf" directive.

    *) Bugfix: in "proxy_set_body" and "proxy_pass_request_body" directives
       if SSL connection to backend was used.

    *) Bugfix: nginx hogged CPU if all servers in an upstream were marked as
       "down".

    *) Bugfix: a segmentation fault might occur during reconfiguration if
       ssl_session_cache was defined but not used in previous configuration.

    *) Bugfix: a segmentation fault might occur in a worker process if many
       backup servers were used in an upstream.

    *) Bugfix: a segmentation fault might occur in a worker process if
       "fastcgi/scgi/uwsgi_param" directives were used with values starting
       with "HTTP_"; the bug had appeared in 0.8.40.


Changes with nginx 1.1.0                                         01 Aug 2011

    *) Feature: cache loader run time decrease.

    *) Feature: "loader_files", "loader_sleep", and "loader_threshold"
       options of the "proxy/fastcgi/scgi/uwsgi_cache_path" directives.

    *) Feature: loading time decrease of configuration with large number of
       HTTPS sites.

    *) Feature: now nginx supports ECDHE key exchange ciphers.
       Thanks to Adrian Kotelba.

    *) Feature: the "lingering_close" directive.
       Thanks to Maxim Dounin.

    *) Bugfix: in closing connection for pipelined requests.
       Thanks to Maxim Dounin.

    *) Bugfix: nginx did not disable gzipping if client sent "gzip;q=0" in
       "Accept-Encoding" request header line.

    *) Bugfix: in timeout in unbuffered proxied mode.
       Thanks to Maxim Dounin.

    *) Bugfix: memory leaks when a "proxy_pass" directive contains variables
       and proxies to an HTTPS backend.
       Thanks to Maxim Dounin.

    *) Bugfix: in parameter validaiton of a "proxy_pass" directive with
       variables.
       Thanks to Lanshun Zhou.

    *) Bugfix: SSL did not work on QNX.
       Thanks to Maxim Dounin.

    *) Bugfix: SSL modules could not be built by gcc 4.6 without
       --with-debug option.

Revision 1.23 / (download) - annotate - [select for diffs], Tue Aug 7 08:21:53 2012 UTC (11 years, 7 months ago) by imil
Branch: MAIN
Changes since 1.22: +2 -1 lines
Diff to previous 1.22 (colored) to selected 1.122 (colored)

While we are not supposed to revbump for a module that does not affect
standard package, that naxsi update is rather critical, people using that
option should upgrade.

Revision 1.22 / (download) - annotate - [select for diffs], Sat Apr 21 10:32:47 2012 UTC (11 years, 11 months ago) by imil
Branch: MAIN
CVS Tags: pkgsrc-2012Q2-base, pkgsrc-2012Q2
Changes since 1.21: +12 -4 lines
Diff to previous 1.21 (colored) to selected 1.122 (colored)

Added the naxsi (http://code.google.com/p/naxsi/) module, an applicative
firewall for nginx.

Revision 1.21 / (download) - annotate - [select for diffs], Tue Apr 17 21:12:42 2012 UTC (11 years, 11 months ago) by shattered
Branch: MAIN
Changes since 1.20: +3 -3 lines
Diff to previous 1.20 (colored) to selected 1.122 (colored)

Update to 1.0.15 and delint.  Changes:

    *) Security: specially crafted mp4 file might allow to overwrite memory
       locations in a worker process if the ngx_http_mp4_module was used,
       potentially resulting in arbitrary code execution (CVE-2012-2089).

Revision 1.20 / (download) - annotate - [select for diffs], Fri Mar 16 11:28:09 2012 UTC (12 years ago) by fhajny
Branch: MAIN
CVS Tags: pkgsrc-2012Q1-base, pkgsrc-2012Q1
Changes since 1.19: +2 -3 lines
Diff to previous 1.19 (colored) to selected 1.122 (colored)

Update to nginx 1.0.14.


Changes with nginx 1.0.14

    *) Security: content of previously freed memory might be sent to a
       client if backend returned specially crafted response.
       Thanks to Matthew Daley.


Changes with nginx 1.0.13

    *) Feature: the "return" and "error_page" directives can now be used to
       return 307 redirections.

    *) Bugfix: a segmentation fault might occur in a worker process if the
       "resolver" directive was used and there was no "error_log" directive
       specified at global level.
       Thanks to Roman Arutyunyan.

    *) Bugfix: memory leaks.
       Thanks to Lanshun Zhou.

    *) Bugfix: nginx might log incorrect error "upstream prematurely closed
       connection" instead of correct "upstream sent too big header" one.
       Thanks to Feibo Li.

    *) Bugfix: on ZFS filesystem disk cache size might be calculated
       incorrectly; the bug had appeared in 1.0.1.

    *) Bugfix: the number of internal redirects to named locations was not
       limited.

    *) Bugfix: temporary files might be not removed if the "proxy_store"
       directive was used with SSI includes.

    *) Bugfix: in some cases non-cacheable variables (such as the $args
       variable) returned old empty cached value.

    *) Bugfix: the "proxy_redirect" directives might be inherited
       incorrectly.

    *) Bugfix: nginx could not be built with the ngx_http_perl_module if the
       --with-openssl option was used.

    *) Bugfix: nginx could not be built by the icc 12.1 compiler.


Changes with nginx 1.0.12

    *) Feature: the "TLSv1.1" and "TLSv1.2" parameters of the
       "ssl_protocols" directive.

    *) Feature: the "if" SSI command supports captures in regular
       expressions.

    *) Bugfix: the "if" SSI command did not work inside the "block" command.

    *) Bugfix: in AIO error handling on FreeBSD.

    *) Bugfix: in the OpenSSL library initialization.

    *) Bugfix: the "worker_cpu_affinity" directive might not work.

    *) Bugfix: the "limit_conn_log_level" and "limit_req_log_level"
       directives might not work.

    *) Bugfix: the "read_ahead" directive might not work combined with
       "try_files" and "open_file_cache".

    *) Bugfix: the "proxy_cache_use_stale" directive with "error" parameter
       did not return answer from cache if there were no live upstreams.

    *) Bugfix: a segmentation fault might occur in a worker process if small
       time was used in the "inactive" parameter of the "proxy_cache_path"
       directive.

    *) Bugfix: responses from cache might hang.

    *) Bugfix: in error handling while connecting to a backend.
       Thanks to Piotr Sikora.

    *) Bugfix: in the "epoll" event method.
       Thanks to Yichun Zhang.

    *) Bugfix: the $sent_http_cache_control variable might contain a wrong
       value if the "expires" directive was used.
       Thanks to Yichun Zhang.

    *) Bugfix: the "limit_rate" directive did not allow to use full
       throughput, even if limit value was very high.

    *) Bugfix: the "sendfile_max_chunk" directive did not work, if the
       "limit_rate" directive was used.

    *) Bugfix: nginx could not be built on Solaris; the bug had appeared in
       1.0.11.

    *) Bugfix: in the ngx_http_scgi_module.

    *) Bugfix: in the ngx_http_mp4_module.


Changes with nginx 1.0.11

    *) Change: now double quotes are encoded in an "echo" SSI-command
       output.
       Thanks to Zaur Abasmirzoev.

    *) Feature: the "image_filter_sharpen" directive.

    *) Bugfix: a segmentation fault might occur in a worker process if SNI
       was used; the bug had appeared in 1.0.9.

    *) Bugfix: SIGWINCH signal did not work after first binary upgrade; the
       bug had appeared in 1.0.9.

    *) Bugfix: the "If-Modified-Since", "If-Range", etc. client request
       header lines might be passed to backend while caching; or not passed
       without caching if caching was enabled in another part of the
       configuration.

    *) Bugfix: in the "scgi_param" directive, if complex parameters were
       used.

    *) Bugfix: "add_header" and "expires" directives did not work if a
       request was proxied and response status code was 206.

    *) Bugfix: in the "expires @time" directive.

    *) Bugfix: in the ngx_http_flv_module.
       Thanks to Piotr Sikora.

    *) Bugfix: in the ngx_http_mp4_module.

    *) Bugfix: nginx could not be built on FreeBSD 10.

    *) Bugfix: nginx could not be built on AIX.

Revision 1.19 / (download) - annotate - [select for diffs], Sat Mar 3 12:54:22 2012 UTC (12 years ago) by wiz
Branch: MAIN
Changes since 1.18: +2 -1 lines
Diff to previous 1.18 (colored) to selected 1.122 (colored)

More pcre PKGREVISION bumps.

Revision 1.18 / (download) - annotate - [select for diffs], Sun Dec 4 14:41:01 2011 UTC (12 years, 3 months ago) by shattered
Branch: MAIN
CVS Tags: pkgsrc-2011Q4-base, pkgsrc-2011Q4
Changes since 1.17: +4 -4 lines
Diff to previous 1.17 (colored) to selected 1.122 (colored)

Update to 1.0.10 and delint.  Partially resolves PR/45317, PR/45612 and
PR/45506.  No new options added.  Notable changes:

    *) Bugfix: a segmentation fault might occur in a worker process if
       resolver got a big DNS response.

    *) Feature: accept filters are now supported on NetBSD.

    *) Bugfix: a segmentation fault occurred on start or while
       reconfiguration if the "ssl" directive was used at http level and
       there was no "ssl_certificate" defined.

    *) Bugfix: nginx hogged CPU if all servers in an upstream were marked as
       "down".

    *) Bugfix: a segmentation fault might occur during reconfiguration if
       ssl_session_cache was defined but not used in previous configuration.

    *) Bugfix: a segmentation fault might occur in a worker process if many
       backup servers were used in an upstream.

    *) Feature: now nginx supports ECDHE key exchange ciphers.

    *) Change: now default SSL ciphers are "HIGH:!aNULL:!MD5".

    *) Bugfix: a segmentation fault might occur in a worker process, if a
       caching was used.

    *) Bugfix: worker processes may got caught in an endless loop during
       reconfiguration, if a caching was used; the bug had appeared in 0.8.48.

Revision 1.17 / (download) - annotate - [select for diffs], Sun Nov 20 12:37:14 2011 UTC (12 years, 4 months ago) by shattered
Branch: MAIN
Changes since 1.16: +2 -2 lines
Diff to previous 1.16 (colored) to selected 1.122 (colored)

Delint only.

Revision 1.16 / (download) - annotate - [select for diffs], Fri Jun 10 10:36:18 2011 UTC (12 years, 9 months ago) by joerg
Branch: MAIN
CVS Tags: pkgsrc-2011Q3-base, pkgsrc-2011Q3, pkgsrc-2011Q2-base, pkgsrc-2011Q2
Changes since 1.15: +5 -3 lines
Diff to previous 1.15 (colored) to selected 1.122 (colored)

Update to nginx-1.0.4 on the release branch. Many bug fixes, improvements
for dealing with many clients under load, support for in-unmodified-since
and a shiny new manual page.

Revision 1.15 / (download) - annotate - [select for diffs], Sat Nov 13 22:30:56 2010 UTC (13 years, 4 months ago) by joerg
Branch: MAIN
CVS Tags: pkgsrc-2011Q1-base, pkgsrc-2011Q1, pkgsrc-2010Q4-base, pkgsrc-2010Q4
Changes since 1.14: +2 -2 lines
Diff to previous 1.14 (colored) to selected 1.122 (colored)

Update to nginx-0.8.53:
- Allow the "error_page" directive to change the status code in a
  redirect
- Support special "degration" mask in "gzip_disable" directive
- Fix a socket leak with file AIO
- Fix bug that made a server the default if none was explicitly set and
  the first server has no "listen" directive

Revision 1.14 / (download) - annotate - [select for diffs], Tue Oct 12 16:16:40 2010 UTC (13 years, 5 months ago) by joerg
Branch: MAIN
CVS Tags: pkgsrc-2010Q3-base, pkgsrc-2010Q3
Changes since 1.13: +2 -2 lines
Diff to previous 1.13 (colored) to selected 1.122 (colored)

Update to nginx-0.8.52 which is the new stable branch:
*) Change: the "secure_link_expires" directive has been canceled.
*) Change: a logging level of resolver errors has been lowered from
   "alert" to "error".
*) Feature: now a listen socket "ssl" parameter may be set several
   times.

Revision 1.13 / (download) - annotate - [select for diffs], Mon Sep 6 16:00:55 2010 UTC (13 years, 6 months ago) by joerg
Branch: MAIN
Changes since 1.12: +2 -2 lines
Diff to previous 1.12 (colored) to selected 1.122 (colored)

nginx 0.8.50:
    *) Feature: the "secure_link", "secure_link_md5", and
       "secure_link_expires" directives of the ngx_http_secure_link_module.

    *) Feature: the -q switch.
       Thanks to Gena Makhomed.

    *) Bugfix: worker processes may got caught in an endless loop during
       reconfiguration, if a caching was used; the bug had appeared in
       0.8.48.

    *) Bugfix: in the "gzip_disable" directive.
       Thanks to Derrick Petzold.

    *) Feature: the "image_filter_jpeg_quality" directive supports
       variables.

    *) Bugfix: a segmentation fault might occur in a worker process, if the
       $geoip_region_name variables was used; the bug had appeared in
       0.8.48.

    *) Bugfix: errors intercepted by error_page were cached only for next
       request; the bug had appeared in 0.8.48.

    *) Change: now the "server_name" directive default value is an empty
       name "".
       Thanks to Gena Makhomed.

    *) Change: now the "server_name_in_redirect" directive default value is
       "off".

    *) Feature: the $geoip_dma_code, $geoip_area_code, and
       $geoip_region_name variables.
       Thanks to Christine McGonagle.

    *) Bugfix: the "proxy_pass", "fastcgi_pass", "uwsgi_pass", and
       "scgi_pass" directives were not inherited inside "limit_except"
       blocks.

    *) Bugfix: the "proxy_cache_min_uses", "fastcgi_cache_min_uses"
       "uwsgi_cache_min_uses", and "scgi_cache_min_uses" directives did not
       work; the bug had appeared in 0.8.46.

    *) Bugfix: the "fastcgi_split_path_info" directive used incorrectly
       captures, if only parts of an URI were captured.
       Thanks to Yuriy Taraday and Frank Enderle.

    *) Bugfix: the "rewrite" directive did not escape a ";" character
       during copying from URI to query string.
       Thanks to Daisuke Murase.

    *) Bugfix: the ngx_http_image_filter_module closed a connection, if an
       image was larger than "image_filter_buffer" size.


    *) Bugfix: $request_time variable had invalid values for subrequests.

    *) Bugfix: errors intercepted by error_page could not be cached.

    *) Bugfix: a cache manager process may got caught in an endless loop,
       if max_size parameter was used; the bug had appeared in 0.8.46.

    *) Change: now the "proxy_no_cache", "fastcgi_no_cache",
       "uwsgi_no_cache", and "scgi_no_cache" directives affect on a cached
       response saving only.

    *) Feature: the "proxy_cache_bypass", "fastcgi_cache_bypass",
       "uwsgi_cache_bypass", and "scgi_cache_bypass" directives.

    *) Bugfix: nginx did not free memory in cache keys zones if there was
       an error during working with backend: the memory was freed only
       after inactivity time or on memory low condition.

    *) Feature: ngx_http_xslt_filter improvements.
       Thanks to Laurence Rowe.

    *) Bugfix: SSI response might be truncated after include with
       wait="yes"; the bug had appeared in 0.7.25.
       Thanks to Maxim Dounin.

    *) Bugfix: the "listen" directive did not support the "setfib=0"
       parameter.

    *) Change: now nginx does not cache by default backend responses, if
       they have a "Set-Cookie" header line.

    *) Feature: the "listen" directive supports the "setfib" parameter.
       Thanks to Andrew Filonov.

    *) Bugfix: the "sub_filter" directive might change character case on
       partial match.

    *) Bugfix: compatibility with HP/UX.

    *) Bugfix: compatibility with AIX xcl_r compiler.

    *) Bugfix: nginx treated large SSLv2 packets as plain requests.
       Thanks to Miroslaw Jaworski.

    *) Feature: large geo ranges base loading speed-up.

    *) Bugfix: an error_page redirection to "location /zero {return 204;}"
       without changing status code kept the error body; the bug had
       appeared in 0.8.42.

    *) Bugfix: nginx might close IPv6 listen socket during
       reconfiguration.
       Thanks to Maxim Dounin.

    *) Bugfix: the $uid_set variable may be used at any request processing
       stage.

    *) Change: now nginx tests locations given by regular expressions, if
       request was matched exactly by a location given by a prefix string.
       The previous behavior has been introduced in 0.7.1.

    *) Feature: the ngx_http_scgi_module.
       Thanks to Manlio Perillo.

    *) Feature: a text answer may be added to a "return" directive.

Revision 1.12 / (download) - annotate - [select for diffs], Sun Jul 18 01:33:20 2010 UTC (13 years, 8 months ago) by joerg
Branch: MAIN
Changes since 1.11: +2 -2 lines
Diff to previous 1.11 (colored) to selected 1.122 (colored)

MAKE_DIRS, not MAKE_DIR.

Revision 1.11 / (download) - annotate - [select for diffs], Sun Jul 18 01:28:43 2010 UTC (13 years, 8 months ago) by joerg
Branch: MAIN
Changes since 1.10: +2 -1 lines
Diff to previous 1.10 (colored) to selected 1.122 (colored)

Add pid directory to MAKE_DIR, in case non-default VARBASE is used.

Revision 1.10 / (download) - annotate - [select for diffs], Tue Jun 15 20:05:48 2010 UTC (13 years, 9 months ago) by joerg
Branch: MAIN
CVS Tags: pkgsrc-2010Q2-base, pkgsrc-2010Q2
Changes since 1.9: +5 -6 lines
Diff to previous 1.9 (colored) to selected 1.122 (colored)

nginx-0.8.41:
- New http_uwsgi_module, replacing the (optional) external one
- New ngx_http_split_clients module
- Support "map" directive with keys longer than 255 charecters
- Allow overriding client request header in fastcgi_param
- New "proxy_no_cache" and "fastcgi_no_cache" directives
- Automatically redirect from "rewrite" if $scheme is used
- Various bugfixes

Revision 1.9 / (download) - annotate - [select for diffs], Mon Mar 8 13:54:47 2010 UTC (14 years ago) by joerg
Branch: MAIN
CVS Tags: pkgsrc-2010Q1-base, pkgsrc-2010Q1
Changes since 1.8: +2 -2 lines
Diff to previous 1.8 (colored) to selected 1.122 (colored)

nginx-0.8.34:
- Support all ciphers and digests typically used in client certificates
- Fix caching of FastCGI reponses with large stderr output
- Support HTTPS referrers
- Fix $date_local variable with "%s" format
- Fix client certificate verification error with ssl_session_cache=none
- Fix matching error with geo ranges
- Fix SSI issue with stub parameter
- Fix $r->sleep

Revision 1.8 / (download) - annotate - [select for diffs], Mon Feb 8 14:25:44 2010 UTC (14 years, 1 month ago) by joerg
Branch: MAIN
Changes since 1.7: +3 -2 lines
Diff to previous 1.7 (colored) to selected 1.122 (colored)

nginx-0.8.33:
- fix issues with Keep-Alive in various clients
- fix issue with internal redirects between proxy/fastcgi locations
- fix a bug with discarding request bodies

Add optional uwsgi backend.

Revision 1.7 / (download) - annotate - [select for diffs], Sat Jan 23 16:32:11 2010 UTC (14 years, 2 months ago) by joerg
Branch: MAIN
Changes since 1.6: +38 -9 lines
Diff to previous 1.6 (colored) to selected 1.122 (colored)

Update to nginx-0.8.32. Way too many changes to list after two years of
development. Based on wip/nginx.

Revision 1.6 / (download) - annotate - [select for diffs], Fri Jan 22 13:44:06 2010 UTC (14 years, 2 months ago) by ghen
Branch: MAIN
Changes since 1.5: +2 -2 lines
Diff to previous 1.5 (colored) to selected 1.122 (colored)

Release maintainership, so someone else can update this to the current decade.

Revision 1.5 / (download) - annotate - [select for diffs], Fri Jan 18 05:09:52 2008 UTC (16 years, 2 months ago) by tnn
Branch: MAIN
CVS Tags: pkgsrc-2009Q4-base, pkgsrc-2009Q4, pkgsrc-2009Q3-base, pkgsrc-2009Q3, pkgsrc-2009Q2-base, pkgsrc-2009Q2, pkgsrc-2009Q1-base, pkgsrc-2009Q1, pkgsrc-2008Q4-base, pkgsrc-2008Q4, pkgsrc-2008Q3-base, pkgsrc-2008Q3, pkgsrc-2008Q2-base, pkgsrc-2008Q2, pkgsrc-2008Q1-base, pkgsrc-2008Q1, cwrapper, cube-native-xorg-base, cube-native-xorg
Changes since 1.4: +2 -1 lines
Diff to previous 1.4 (colored) to selected 1.122 (colored)

Per the process outlined in revbump(1), perform a recursive revbump
on packages that are affected by the switch from the openssl 0.9.7
branch to the 0.9.8 branch. ok jlam@

Revision 1.4 / (download) - annotate - [select for diffs], Wed Jan 9 14:42:54 2008 UTC (16 years, 2 months ago) by ghen
Branch: MAIN
Changes since 1.3: +3 -3 lines
Diff to previous 1.3 (colored) to selected 1.122 (colored)

Update to nginx-0.5.35.

    *) Change: now the ngx_http_userid_module adds start time microseconds
       to the cookie field contains a pid value.

    *) Change: now the uname(2) is used on Linux instead of procfs.
       Thanks to Ilya Novikov.

    *) Feature: the "If-Range" request header line support.
       Thanks to Alexander V. Inyukhin.

    *) Bugfix: in HTTPS mode requests might fail with the "bad write retry"
       error; bug appeared in 0.5.13.

    *) Bugfix: the STARTTLS in SMTP mode did not work.
       Thanks to Oleg Motienko.

    *) Bugfix: large_client_header_buffers did not freed before going to
       keep-alive state.
       Thanks to Olexander Shtepa.

    *) Bugfix: the "limit_rate" directive did not allow to use full
       throughput, even if limit value was very high.

    *) Bugfix: the $status variable was equal to 0 if a proxied server
       returned response in HTTP/0.9 version.

    *) Bugfix: if the "?" character was in a "error_page" directive, then
       it was escaped in a proxied request; bug appeared in 0.5.32.

Revision 1.3 / (download) - annotate - [select for diffs], Mon Jan 7 10:42:01 2008 UTC (16 years, 2 months ago) by ghen
Branch: MAIN
Changes since 1.2: +2 -2 lines
Diff to previous 1.2 (colored) to selected 1.122 (colored)

Update to nginx 0.5.34

    *) Change: now the full request line instead of URI only is written to
       error_log.

    *) Feature: Cygwin compatibility.
       Thanks to Vladimir Kutakov.

    *) Feature: the "merge_slashes" directive.

    *) Feature: the "gzip_vary" directive.

    *) Feature: the "server_tokens" directive.

    *) Feature: the "access_log" directive may be used inside the
       "limit_except" block.

    *) Bugfix: if the $server_protocol was used in FastCGI parameters and a
       request line length was near to the "client_header_buffer_size"
       directive value, then nginx issued an alert "fastcgi: the request
       record is too big".

    *) Bugfix: if a plain text HTTP/0.9 version request was made to HTTPS
       server, then nginx returned usual response.

    *) Bugfix: URL double escaping in a redirect of the "msie_refresh"
       directive; bug appeared in 0.5.28.

    *) Bugfix: a segmentation fault might occur in worker process if
       subrequests were used.

    *) Bugfix: the big responses may be transferred truncated if SSL and
       gzip were used.

    *) Bugfix: compatibility with mget.

    *) Bugfix: nginx did not unescape URI in the "include" SSI command.

    *) Bugfix: the segmentation fault was occurred on start or while
       reconfiguration if variable was used in the "charset" or
       "source_charset" directives.

    *) Bugfix: nginx returned the 400 response on requests like
       "GET http://www.domain.com HTTP/1.0".
       Thanks to James Oakley.

    *) Bugfix: a segmentation fault occurred in worker process if
       $date_local and $date_gmt were used outside the
       ngx_http_ssi_filter_module.

    *) Bugfix: a segmentation fault might occur in worker process if debug
       log was enabled.
       Thanks to Andrei Nigmatulin.

    *) Bugfix: ngx_http_memcached_module did not set
       $upstream_response_time.
       Thanks to Maxim Dounin.

    *) Bugfix: a worker process may got caught in an endless loop, if the
       memcached was used.

Revision 1.2 / (download) - annotate - [select for diffs], Fri Jan 4 11:48:12 2008 UTC (16 years, 2 months ago) by ghen
Branch: MAIN
Changes since 1.1: +7 -5 lines
Diff to previous 1.1 (colored) to selected 1.122 (colored)

Full DESTDIR support.

Revision 1.1.1.1 / (download) - annotate - [select for diffs] (vendor branch), Tue Dec 11 09:12:26 2007 UTC (16 years, 3 months ago) by ghen
Branch: TNF
CVS Tags: pkgsrc-base, pkgsrc-2007Q4-base, pkgsrc-2007Q4
Changes since 1.1: +0 -0 lines
Diff to previous 1.1 (colored) to selected 1.122 (colored)

Import nginx (pronounced "engine X") from pkgsrc-wip, a lightweight web (HTTP)
server/reverse proxy and mail (IMAP/POP3) proxy.

Revision 1.1 / (download) - annotate - [select for diffs], Tue Dec 11 09:12:26 2007 UTC (16 years, 3 months ago) by ghen
Branch: MAIN
Diff to selected 1.122 (colored)

Initial revision

This form allows you to request diff's between any two revisions of a file. You may select a symbolic revision name using the selection box or you may type in a numeric name using the type-in text box.




CVSweb <webmaster@jp.NetBSD.org>