67ea6c
#############
67ea6c
Upgrade notes
67ea6c
#############
67ea6c
67ea6c
To resolve numerous security flaws, the nginx package was updated to 1.10.x.
67ea6c
67ea6c
You should review your configuration files in /etc/nginx to determine if there
67ea6c
are any incompatibilities. Below is a summary of the main incompatible changes.
67ea6c
Some nginx directives have been changed or removed, so you may need to modify
67ea6c
your configuration.
67ea6c
67ea6c
Please see upstream release notes for a complete list of new features,
67ea6c
bug fixes, and changes: http://nginx.org/en/CHANGES-1.10
67ea6c
One notable feature is support for HTTP/2.
67ea6c
67ea6c
Nginx gained support for dynamic modules. As part of this update, dynamic
67ea6c
modules have been split into subpackages. For the time being these are hard
67ea6c
dependencies to aid the upgrade path. When you install nginx, all of these
67ea6c
modules are installed and enabled by default:
67ea6c
  - nginx-mod-http-geoip
67ea6c
  - nginx-mod-http-image-filter
67ea6c
  - nginx-mod-http-perl
67ea6c
  - nginx-mod-http-xslt-filter
67ea6c
  - nginx-mod-mail
67ea6c
  - nginx-mod-stream
67ea6c
67ea6c
Changes with nginx 1.10.x
67ea6c
67ea6c
    *) Change: non-idempotent requests (POST, LOCK, PATCH) are no longer
67ea6c
       passed to the next server by default if a request has been sent to a
67ea6c
       backend; the "non_idempotent" parameter of the "proxy_next_upstream"
67ea6c
       directive explicitly allows retrying such requests.
67ea6c
67ea6c
    *) Change: now the "output_buffers" directive uses two buffers by
67ea6c
       default.
67ea6c
67ea6c
    *) Change: now nginx limits subrequests recursion, not simultaneous
67ea6c
       subrequests.
67ea6c
67ea6c
    *) Change: now nginx checks the whole cache key when returning a
67ea6c
       response from cache.
67ea6c
       Thanks to Gena Makhomed and Sergey Brester.
67ea6c
67ea6c
    *) Change: the "proxy_downstream_buffer" and "proxy_upstream_buffer"
67ea6c
       directives of the stream module are replaced with the
67ea6c
       "proxy_buffer_size" directive.
67ea6c
67ea6c
    *) Change: duplicate "http", "mail", and "stream" blocks are now
67ea6c
       disallowed.
67ea6c
67ea6c
    *) Change: now SSLv3 protocol is disabled by default.
67ea6c
67ea6c
    *) Change: some long deprecated directives are not supported anymore.
67ea6c
67ea6c
    *) Change: obsolete aio and rtsig event methods have been removed.
67ea6c
67ea6c
Changes with nginx 1.8.x
67ea6c
67ea6c
    *) Change: the "sendfile" parameter of the "aio" directive is
67ea6c
       deprecated; now nginx automatically uses AIO to pre-load data for
67ea6c
       sendfile if both "aio" and "sendfile" directives are used.
67ea6c
67ea6c
    *) Change: now the "If-Modified-Since", "If-Range", etc. client request
67ea6c
       header lines are passed to a backend while caching if nginx knows in
67ea6c
       advance that the response will not be cached (e.g., when using
67ea6c
       proxy_cache_min_uses).
67ea6c
67ea6c
    *) Change: now after proxy_cache_lock_timeout nginx sends a request to a
67ea6c
       backend with caching disabled; the new directives
67ea6c
       "proxy_cache_lock_age", "fastcgi_cache_lock_age",
67ea6c
       "scgi_cache_lock_age", and "uwsgi_cache_lock_age" specify a time
67ea6c
       after which the lock will be released and another attempt to cache a
67ea6c
       response will be made.
67ea6c
67ea6c
    *) Change: the "log_format" directive can now be used only at http
67ea6c
       level.
67ea6c
67ea6c
    *) Change: now nginx takes into account the "Vary" header line in a
67ea6c
       backend response while caching.
67ea6c
67ea6c
    *) Change: the deprecated "limit_zone" directive is not supported
67ea6c
       anymore.
67ea6c
67ea6c
    *) Change: now the "stub_status" directive does not require a parameter.
67ea6c
67ea6c
    *) Change: URI escaping now uses uppercase hexadecimal digits.
67ea6c
       Thanks to Piotr Sikora.
67ea6c