675c6e
#############
675c6e
Upgrade notes
675c6e
#############
675c6e
675c6e
To resolve numerous security flaws, the nginx package was updated to 1.10.x.
675c6e
675c6e
You should review your configuration files in /etc/nginx to determine if there
675c6e
are any incompatibilities. Below is a summary of the main incompatible changes.
675c6e
Some nginx directives have been changed or removed, so you may need to modify
675c6e
your configuration.
675c6e
675c6e
Please see upstream release notes for a complete list of new features,
675c6e
bug fixes, and changes: http://nginx.org/en/CHANGES-1.10
675c6e
One notable feature is support for HTTP/2.
675c6e
675c6e
Nginx gained support for dynamic modules. As part of this update, dynamic
675c6e
modules have been split into subpackages. For the time being these are hard
675c6e
dependencies to aid the upgrade path. When you install nginx, all of these
675c6e
modules are installed and enabled by default:
675c6e
  - nginx-mod-http-geoip
675c6e
  - nginx-mod-http-image-filter
675c6e
  - nginx-mod-http-perl
675c6e
  - nginx-mod-http-xslt-filter
675c6e
  - nginx-mod-mail
675c6e
  - nginx-mod-stream
675c6e
675c6e
Changes with nginx 1.10.x
675c6e
675c6e
    *) Change: non-idempotent requests (POST, LOCK, PATCH) are no longer
675c6e
       passed to the next server by default if a request has been sent to a
675c6e
       backend; the "non_idempotent" parameter of the "proxy_next_upstream"
675c6e
       directive explicitly allows retrying such requests.
675c6e
675c6e
    *) Change: now the "output_buffers" directive uses two buffers by
675c6e
       default.
675c6e
675c6e
    *) Change: now nginx limits subrequests recursion, not simultaneous
675c6e
       subrequests.
675c6e
675c6e
    *) Change: now nginx checks the whole cache key when returning a
675c6e
       response from cache.
675c6e
       Thanks to Gena Makhomed and Sergey Brester.
675c6e
675c6e
    *) Change: the "proxy_downstream_buffer" and "proxy_upstream_buffer"
675c6e
       directives of the stream module are replaced with the
675c6e
       "proxy_buffer_size" directive.
675c6e
675c6e
    *) Change: duplicate "http", "mail", and "stream" blocks are now
675c6e
       disallowed.
675c6e
675c6e
    *) Change: now SSLv3 protocol is disabled by default.
675c6e
675c6e
    *) Change: some long deprecated directives are not supported anymore.
675c6e
675c6e
    *) Change: obsolete aio and rtsig event methods have been removed.
675c6e
675c6e
Changes with nginx 1.8.x
675c6e
675c6e
    *) Change: the "sendfile" parameter of the "aio" directive is
675c6e
       deprecated; now nginx automatically uses AIO to pre-load data for
675c6e
       sendfile if both "aio" and "sendfile" directives are used.
675c6e
675c6e
    *) Change: now the "If-Modified-Since", "If-Range", etc. client request
675c6e
       header lines are passed to a backend while caching if nginx knows in
675c6e
       advance that the response will not be cached (e.g., when using
675c6e
       proxy_cache_min_uses).
675c6e
675c6e
    *) Change: now after proxy_cache_lock_timeout nginx sends a request to a
675c6e
       backend with caching disabled; the new directives
675c6e
       "proxy_cache_lock_age", "fastcgi_cache_lock_age",
675c6e
       "scgi_cache_lock_age", and "uwsgi_cache_lock_age" specify a time
675c6e
       after which the lock will be released and another attempt to cache a
675c6e
       response will be made.
675c6e
675c6e
    *) Change: the "log_format" directive can now be used only at http
675c6e
       level.
675c6e
675c6e
    *) Change: now nginx takes into account the "Vary" header line in a
675c6e
       backend response while caching.
675c6e
675c6e
    *) Change: the deprecated "limit_zone" directive is not supported
675c6e
       anymore.
675c6e
675c6e
    *) Change: now the "stub_status" directive does not require a parameter.
675c6e
675c6e
    *) Change: URI escaping now uses uppercase hexadecimal digits.
675c6e
       Thanks to Piotr Sikora.
675c6e