daa24a
#############
daa24a
Upgrade notes
daa24a
#############
daa24a
daa24a
To resolve numerous security flaws, the nginx package was updated to 1.10.x.
daa24a
daa24a
You should review your configuration files in /etc/nginx to determine if there
daa24a
are any incompatibilities. Below is a summary of the main incompatible changes.
daa24a
Some nginx directives have been changed or removed, so you may need to modify
daa24a
your configuration.
daa24a
daa24a
Please see upstream release notes for a complete list of new features,
daa24a
bug fixes, and changes: http://nginx.org/en/CHANGES-1.10
daa24a
One notable feature is support for HTTP/2.
daa24a
daa24a
Nginx gained support for dynamic modules. As part of this update, dynamic
daa24a
modules have been split into subpackages. For the time being these are hard
daa24a
dependencies to aid the upgrade path. When you install nginx, all of these
daa24a
modules are installed and enabled by default:
daa24a
  - nginx-mod-http-geoip
daa24a
  - nginx-mod-http-image-filter
daa24a
  - nginx-mod-http-perl
daa24a
  - nginx-mod-http-xslt-filter
daa24a
  - nginx-mod-mail
daa24a
  - nginx-mod-stream
daa24a
daa24a
Changes with nginx 1.10.x
daa24a
daa24a
    *) Change: non-idempotent requests (POST, LOCK, PATCH) are no longer
daa24a
       passed to the next server by default if a request has been sent to a
daa24a
       backend; the "non_idempotent" parameter of the "proxy_next_upstream"
daa24a
       directive explicitly allows retrying such requests.
daa24a
daa24a
    *) Change: now the "output_buffers" directive uses two buffers by
daa24a
       default.
daa24a
daa24a
    *) Change: now nginx limits subrequests recursion, not simultaneous
daa24a
       subrequests.
daa24a
daa24a
    *) Change: now nginx checks the whole cache key when returning a
daa24a
       response from cache.
daa24a
       Thanks to Gena Makhomed and Sergey Brester.
daa24a
daa24a
    *) Change: the "proxy_downstream_buffer" and "proxy_upstream_buffer"
daa24a
       directives of the stream module are replaced with the
daa24a
       "proxy_buffer_size" directive.
daa24a
daa24a
    *) Change: duplicate "http", "mail", and "stream" blocks are now
daa24a
       disallowed.
daa24a
daa24a
    *) Change: now SSLv3 protocol is disabled by default.
daa24a
daa24a
    *) Change: some long deprecated directives are not supported anymore.
daa24a
daa24a
    *) Change: obsolete aio and rtsig event methods have been removed.
daa24a
daa24a
Changes with nginx 1.8.x
daa24a
daa24a
    *) Change: the "sendfile" parameter of the "aio" directive is
daa24a
       deprecated; now nginx automatically uses AIO to pre-load data for
daa24a
       sendfile if both "aio" and "sendfile" directives are used.
daa24a
daa24a
    *) Change: now the "If-Modified-Since", "If-Range", etc. client request
daa24a
       header lines are passed to a backend while caching if nginx knows in
daa24a
       advance that the response will not be cached (e.g., when using
daa24a
       proxy_cache_min_uses).
daa24a
daa24a
    *) Change: now after proxy_cache_lock_timeout nginx sends a request to a
daa24a
       backend with caching disabled; the new directives
daa24a
       "proxy_cache_lock_age", "fastcgi_cache_lock_age",
daa24a
       "scgi_cache_lock_age", and "uwsgi_cache_lock_age" specify a time
daa24a
       after which the lock will be released and another attempt to cache a
daa24a
       response will be made.
daa24a
daa24a
    *) Change: the "log_format" directive can now be used only at http
daa24a
       level.
daa24a
daa24a
    *) Change: now nginx takes into account the "Vary" header line in a
daa24a
       backend response while caching.
daa24a
daa24a
    *) Change: the deprecated "limit_zone" directive is not supported
daa24a
       anymore.
daa24a
daa24a
    *) Change: now the "stub_status" directive does not require a parameter.
daa24a
daa24a
    *) Change: URI escaping now uses uppercase hexadecimal digits.
daa24a
       Thanks to Piotr Sikora.
daa24a