a6d5b6
#############
a6d5b6
Upgrade notes
a6d5b6
#############
a6d5b6
a6d5b6
To resolve numerous security flaws, the nginx package was updated to 1.10.x.
a6d5b6
a6d5b6
You should review your configuration files in /etc/nginx to determine if there
a6d5b6
are any incompatibilities. Below is a summary of the main incompatible changes.
a6d5b6
Some nginx directives have been changed or removed, so you may need to modify
a6d5b6
your configuration.
a6d5b6
a6d5b6
Please see upstream release notes for a complete list of new features,
a6d5b6
bug fixes, and changes: http://nginx.org/en/CHANGES-1.10
a6d5b6
One notable feature is support for HTTP/2.
a6d5b6
a6d5b6
Nginx gained support for dynamic modules. As part of this update, dynamic
a6d5b6
modules have been split into subpackages. For the time being these are hard
a6d5b6
dependencies to aid the upgrade path. When you install nginx, all of these
a6d5b6
modules are installed and enabled by default:
a6d5b6
  - nginx-mod-http-geoip
a6d5b6
  - nginx-mod-http-image-filter
a6d5b6
  - nginx-mod-http-perl
a6d5b6
  - nginx-mod-http-xslt-filter
a6d5b6
  - nginx-mod-mail
a6d5b6
  - nginx-mod-stream
a6d5b6
a6d5b6
Changes with nginx 1.10.x
a6d5b6
a6d5b6
    *) Change: non-idempotent requests (POST, LOCK, PATCH) are no longer
a6d5b6
       passed to the next server by default if a request has been sent to a
a6d5b6
       backend; the "non_idempotent" parameter of the "proxy_next_upstream"
a6d5b6
       directive explicitly allows retrying such requests.
a6d5b6
a6d5b6
    *) Change: now the "output_buffers" directive uses two buffers by
a6d5b6
       default.
a6d5b6
a6d5b6
    *) Change: now nginx limits subrequests recursion, not simultaneous
a6d5b6
       subrequests.
a6d5b6
a6d5b6
    *) Change: now nginx checks the whole cache key when returning a
a6d5b6
       response from cache.
a6d5b6
       Thanks to Gena Makhomed and Sergey Brester.
a6d5b6
a6d5b6
    *) Change: the "proxy_downstream_buffer" and "proxy_upstream_buffer"
a6d5b6
       directives of the stream module are replaced with the
a6d5b6
       "proxy_buffer_size" directive.
a6d5b6
a6d5b6
    *) Change: duplicate "http", "mail", and "stream" blocks are now
a6d5b6
       disallowed.
a6d5b6
a6d5b6
    *) Change: now SSLv3 protocol is disabled by default.
a6d5b6
a6d5b6
    *) Change: some long deprecated directives are not supported anymore.
a6d5b6
a6d5b6
    *) Change: obsolete aio and rtsig event methods have been removed.
a6d5b6
a6d5b6
Changes with nginx 1.8.x
a6d5b6
a6d5b6
    *) Change: the "sendfile" parameter of the "aio" directive is
a6d5b6
       deprecated; now nginx automatically uses AIO to pre-load data for
a6d5b6
       sendfile if both "aio" and "sendfile" directives are used.
a6d5b6
a6d5b6
    *) Change: now the "If-Modified-Since", "If-Range", etc. client request
a6d5b6
       header lines are passed to a backend while caching if nginx knows in
a6d5b6
       advance that the response will not be cached (e.g., when using
a6d5b6
       proxy_cache_min_uses).
a6d5b6
a6d5b6
    *) Change: now after proxy_cache_lock_timeout nginx sends a request to a
a6d5b6
       backend with caching disabled; the new directives
a6d5b6
       "proxy_cache_lock_age", "fastcgi_cache_lock_age",
a6d5b6
       "scgi_cache_lock_age", and "uwsgi_cache_lock_age" specify a time
a6d5b6
       after which the lock will be released and another attempt to cache a
a6d5b6
       response will be made.
a6d5b6
a6d5b6
    *) Change: the "log_format" directive can now be used only at http
a6d5b6
       level.
a6d5b6
a6d5b6
    *) Change: now nginx takes into account the "Vary" header line in a
a6d5b6
       backend response while caching.
a6d5b6
a6d5b6
    *) Change: the deprecated "limit_zone" directive is not supported
a6d5b6
       anymore.
a6d5b6
a6d5b6
    *) Change: now the "stub_status" directive does not require a parameter.
a6d5b6
a6d5b6
    *) Change: URI escaping now uses uppercase hexadecimal digits.
a6d5b6
       Thanks to Piotr Sikora.
a6d5b6