9f2907
#############
9f2907
Upgrade notes
9f2907
#############
9f2907
9f2907
To resolve numerous security flaws, the nginx package was updated to 1.10.x.
9f2907
9f2907
You should review your configuration files in /etc/nginx to determine if there
9f2907
are any incompatibilities. Below is a summary of the main incompatible changes.
9f2907
Some nginx directives have been changed or removed, so you may need to modify
9f2907
your configuration.
9f2907
9f2907
Please see upstream release notes for a complete list of new features,
9f2907
bug fixes, and changes: http://nginx.org/en/CHANGES-1.10
9f2907
One notable feature is support for HTTP/2.
9f2907
9f2907
Nginx gained support for dynamic modules. As part of this update, dynamic
9f2907
modules have been split into subpackages. For the time being these are hard
9f2907
dependencies to aid the upgrade path. When you install nginx, all of these
9f2907
modules are installed and enabled by default:
9f2907
  - nginx-mod-http-geoip
9f2907
  - nginx-mod-http-image-filter
9f2907
  - nginx-mod-http-perl
9f2907
  - nginx-mod-http-xslt-filter
9f2907
  - nginx-mod-mail
9f2907
  - nginx-mod-stream
9f2907
9f2907
Changes with nginx 1.10.x
9f2907
9f2907
    *) Change: non-idempotent requests (POST, LOCK, PATCH) are no longer
9f2907
       passed to the next server by default if a request has been sent to a
9f2907
       backend; the "non_idempotent" parameter of the "proxy_next_upstream"
9f2907
       directive explicitly allows retrying such requests.
9f2907
9f2907
    *) Change: now the "output_buffers" directive uses two buffers by
9f2907
       default.
9f2907
9f2907
    *) Change: now nginx limits subrequests recursion, not simultaneous
9f2907
       subrequests.
9f2907
9f2907
    *) Change: now nginx checks the whole cache key when returning a
9f2907
       response from cache.
9f2907
       Thanks to Gena Makhomed and Sergey Brester.
9f2907
9f2907
    *) Change: the "proxy_downstream_buffer" and "proxy_upstream_buffer"
9f2907
       directives of the stream module are replaced with the
9f2907
       "proxy_buffer_size" directive.
9f2907
9f2907
    *) Change: duplicate "http", "mail", and "stream" blocks are now
9f2907
       disallowed.
9f2907
9f2907
    *) Change: now SSLv3 protocol is disabled by default.
9f2907
9f2907
    *) Change: some long deprecated directives are not supported anymore.
9f2907
9f2907
    *) Change: obsolete aio and rtsig event methods have been removed.
9f2907
9f2907
Changes with nginx 1.8.x
9f2907
9f2907
    *) Change: the "sendfile" parameter of the "aio" directive is
9f2907
       deprecated; now nginx automatically uses AIO to pre-load data for
9f2907
       sendfile if both "aio" and "sendfile" directives are used.
9f2907
9f2907
    *) Change: now the "If-Modified-Since", "If-Range", etc. client request
9f2907
       header lines are passed to a backend while caching if nginx knows in
9f2907
       advance that the response will not be cached (e.g., when using
9f2907
       proxy_cache_min_uses).
9f2907
9f2907
    *) Change: now after proxy_cache_lock_timeout nginx sends a request to a
9f2907
       backend with caching disabled; the new directives
9f2907
       "proxy_cache_lock_age", "fastcgi_cache_lock_age",
9f2907
       "scgi_cache_lock_age", and "uwsgi_cache_lock_age" specify a time
9f2907
       after which the lock will be released and another attempt to cache a
9f2907
       response will be made.
9f2907
9f2907
    *) Change: the "log_format" directive can now be used only at http
9f2907
       level.
9f2907
9f2907
    *) Change: now nginx takes into account the "Vary" header line in a
9f2907
       backend response while caching.
9f2907
9f2907
    *) Change: the deprecated "limit_zone" directive is not supported
9f2907
       anymore.
9f2907
9f2907
    *) Change: now the "stub_status" directive does not require a parameter.
9f2907
9f2907
    *) Change: URI escaping now uses uppercase hexadecimal digits.
9f2907
       Thanks to Piotr Sikora.
9f2907