From mdounin at mdounin.ru Wed Feb 14 17:59:10 2024 From: mdounin at mdounin.ru (Maxim Dounin) Date: Wed, 14 Feb 2024 20:59:10 +0300 Subject: [nginx-announce] announcing freenginx.org Message-ID: Hello! As you probably know, F5 closed Moscow office in 2022, and I no longer work for F5 since then. Still, we?ve reached an agreement that I will maintain my role in nginx development as a volunteer. And for almost two years I was working on improving nginx and making it better for everyone, for free. Unfortunately, some new non-technical management at F5 recently decided that they know better how to run open source projects. In particular, they decided to interfere with security policy nginx uses for years, ignoring both the policy and developers? position. That?s quite understandable: they own the project, and can do anything with it, including doing marketing-motivated actions, ignoring developers position and community. Still, this contradicts our agreement. And, more importantly, I no longer able to control which changes are made in nginx within F5, and no longer see nginx as a free and open source project developed and maintained for the public good. As such, starting from today, I will no longer participate in nginx development as run by F5. Instead, I?m starting an alternative project, which is going to be run by developers, and not corporate entities: http://freenginx.org/ The goal is to keep nginx development free from arbitrary corporate actions. Help and contributions are welcome. Hope it will be beneficial for everyone. -- Maxim Dounin http://freenginx.org/ From mdounin at mdounin.ru Tue Feb 20 17:45:21 2024 From: mdounin at mdounin.ru (Maxim Dounin) Date: Tue, 20 Feb 2024 20:45:21 +0300 Subject: [nginx-announce] nginx-1.25.4 Message-ID: Changes with freenginx 1.25.4 20 Feb 2024 *) Change: now the "freenginx" name is used in responses. *) Bugfix: "open socket left" alerts might appear in logs during worker processes shutdown when using AIO. *) Bugfix: a segmentation fault might occur in a worker process if AIO was used in subrequests. *) Bugfix: a segmentation fault might occur in a worker process if the "image_filter" directive was used, and errors with code 415 were redirected with the "error_page" directive. *) Bugfix: a segmentation fault might occur in a worker process when handling cached responses with the "X-Accel-Redirect" header. Thanks to Ji?? Setni?ka. *) Bugfix: a segmentation fault might occur in a worker process when using HTTP/3. *) Bugfixes and improvements in HTTP/3. -- Maxim Dounin http://freenginx.org/ From mdounin at mdounin.ru Tue Apr 2 18:51:32 2024 From: mdounin at mdounin.ru (Maxim Dounin) Date: Tue, 2 Apr 2024 21:51:32 +0300 Subject: [nginx-announce] freenginx-1.25.5 Message-ID: Changes with freenginx 1.25.5 02 Apr 2024 *) Change: MIME type for the "bmp" extension has been changed to "image/bmp", for the "rar" extension to "application/vnd.rar", and the "deb" and "udeb" extensions now use the "application/vnd.debian.binary-package" MIME type. Thanks to Yuriy Izorkin. *) Change: the "client_max_body_size" directive is now used to limit total size of ignored chunk extensions and trailer headers when reading a request body using chunked transfer encoding. Thanks to Bartek Nowotarski. *) Change: now at most one empty line is allowed before a request. *) Feature: logging to syslog errors are now reported at most once per second. *) Feature: the "max_commands" directive in the mail proxy module. *) Bugfix: incorrect server name might be returned in responses when using the "server_tokens off" directive. Thanks to Tatsuya Kaneko and Antanas Pata?ius. *) Bugfix: when reading a request body from a fast connection reading for a long time was possible. -- Maxim Dounin http://freenginx.org/ From mdounin at mdounin.ru Tue Apr 9 13:30:49 2024 From: mdounin at mdounin.ru (Maxim Dounin) Date: Tue, 9 Apr 2024 16:30:49 +0300 Subject: [nginx-announce] freenginx-1.26.0 Message-ID: Changes with freenginx 1.26.0 09 Apr 2024 *) 1.26.x stable branch. -- Maxim Dounin http://freenginx.org/ From mdounin at mdounin.ru Tue May 14 15:03:26 2024 From: mdounin at mdounin.ru (Maxim Dounin) Date: Tue, 14 May 2024 18:03:26 +0300 Subject: [nginx-announce] freenginx-1.27.0 Message-ID: Changes with freenginx 1.27.0 14 May 2024 *) Feature: updated descriptions of HTTP status codes. Thanks to Michiel W. Beijen. *) Change: now, if an error occurs during reading a request body, the request body is automatically discarded, and for complex error processing, such as proxying, it is no longer needed to explicitly disable passing of the request body to the proxied server. *) Change: the logging level of the "SSL alert number N" and "invalid alert" SSL errors has been lowered from "crit" to "info". *) Change: now freenginx always returns an error if a header name is not followed by a colon. Thanks to Maksim Yevmenkin. *) Feature: the "off" parameter of the "pid" directive. *) Feature: now during reconfiguration no attempt to recreate the PID file is made if the name in the "pid" directive was changed, but points to the same file via symlinks. *) Workaround: "PID file ... not readable (yet?) after start" and "Failed to parse PID from file..." errors might appear when starting with systemd. *) Bugfix: no error was written to the error log when a timeout occurred during reading a request body. *) Bugfix: redirecting errors with code 413 with the "error_page" directive worked incorrectly when using HTTP/2 and HTTP/3. *) Bugfix: freenginx could not be built on NetBSD 10.0. *) Bugfix: in HTTP/3. -- Maxim Dounin http://freenginx.org/ From mdounin at mdounin.ru Tue Jun 4 14:09:02 2024 From: mdounin at mdounin.ru (Maxim Dounin) Date: Tue, 4 Jun 2024 17:09:02 +0300 Subject: [nginx-announce] freenginx-1.27.1 Message-ID: Changes with freenginx 1.27.1 04 Jun 2024 *) Feature: the "max_headers" directive. Thanks to Maksim Yevmenkin. *) Feature: the $upstream_cache_key variable. Thanks to Kirill A. Korinsky. *) Feature: XOAUTH2 and OAUTHBEARER authentication mechanisms support in the mail proxy module. Thanks to Rob Mueller. *) Bugfix: graceful shutdown of old worker processes might be delayed when using HTTP/2. Thanks to Kasei Wang. *) Bugfix: a segmentation fault might occur in a worker process when using HTTP/3. *) Bugfix: in HTTP/3. *) Bugfix: in the mail proxy module. -- Maxim Dounin http://freenginx.org/ From mdounin at mdounin.ru Tue Jul 9 14:57:00 2024 From: mdounin at mdounin.ru (Maxim Dounin) Date: Tue, 9 Jul 2024 17:57:00 +0300 Subject: [nginx-announce] freenginx-1.27.2 Message-ID: Changes with freenginx 1.27.2 09 Jul 2024 *) Feature: now maximum error logging rate can be limited with the "rate" parameter of the "error_log" directive; by default the limit is 1000 messages per second. *) Bugfix: in resolver. Thanks to Kirill A. Korinsky. *) Bugfix: the "proxy_no_cache" directive was not checked when caching errors. *) Bugfix: a block used in the "stub" parameter of the "include" SSI directive might be sent twice. -- Maxim Dounin http://freenginx.org/ From mdounin at mdounin.ru Tue Aug 13 14:49:56 2024 From: mdounin at mdounin.ru (Maxim Dounin) Date: Tue, 13 Aug 2024 17:49:56 +0300 Subject: [nginx-announce] freenginx-1.27.3 Message-ID: Changes with freenginx 1.27.3 13 Aug 2024 *) Change: now the "Age" backend response header line is taken into account when caching. Thanks to Hiroaki Nakamura. *) Feature: the $upstream_cache_age variable. *) Change: during graceful shutdown of old worker processes keepalive connections are now closed only after timeout specified with the "lingering_timeout" directive expires. *) Feature: improvements in building on Windows. -- Maxim Dounin http://freenginx.org/ From mdounin at mdounin.ru Tue Sep 3 10:22:24 2024 From: mdounin at mdounin.ru (Maxim Dounin) Date: Tue, 3 Sep 2024 13:22:24 +0300 Subject: [nginx-announce] freenginx-1.27.4 Message-ID: Changes with freenginx 1.27.4 03 Sep 2024 *) Feature: the $ssl_client_fingerprint_sha256 variable. *) Feature: the "Auth-SSL-Fingerprint-SHA256 header line is now passed to the mail proxy authentication server. *) Change: MIME type for the "js" extension has been changed to "text/javascript", the "mjs" extension now uses the "text/javascript" MIME type, and the "md" and "markdown" extensions now use the "text/markdown" MIME type; the default value of the "charset_types" directive now includes "text/javascript" and "text/markdown". *) Bugfix: a segmentation fault might occur in a worker process if the ngx_http_mp4_module was used; the bug had appeared in 1.5.13. *) Bugfix: a segmentation fault might occur in a worker process when handling requests with the "Expect: 100-continue" request header line; the bug had appeared in 1.27.0. -- Maxim Dounin http://freenginx.org/