d64139
#############
d64139
Upgrade notes
d64139
#############
d64139
d64139
To resolve numerous security flaws, the nginx package was updated to 1.10.x.
d64139
d64139
You should review your configuration files in /etc/nginx to determine if there
d64139
are any incompatibilities. Below is a summary of the main incompatible changes.
d64139
Some nginx directives have been changed or removed, so you may need to modify
d64139
your configuration.
d64139
d64139
Please see upstream release notes for a complete list of new features,
d64139
bug fixes, and changes: http://nginx.org/en/CHANGES-1.10
d64139
One notable feature is support for HTTP/2.
d64139
d64139
Nginx gained support for dynamic modules. As part of this update, dynamic
d64139
modules have been split into subpackages. For the time being these are hard
d64139
dependencies to aid the upgrade path. When you install nginx, all of these
d64139
modules are installed and enabled by default:
d64139
  - nginx-mod-http-geoip
d64139
  - nginx-mod-http-image-filter
d64139
  - nginx-mod-http-perl
d64139
  - nginx-mod-http-xslt-filter
d64139
  - nginx-mod-mail
d64139
  - nginx-mod-stream
d64139
d64139
Changes with nginx 1.10.x
d64139
d64139
    *) Change: non-idempotent requests (POST, LOCK, PATCH) are no longer
d64139
       passed to the next server by default if a request has been sent to a
d64139
       backend; the "non_idempotent" parameter of the "proxy_next_upstream"
d64139
       directive explicitly allows retrying such requests.
d64139
d64139
    *) Change: now the "output_buffers" directive uses two buffers by
d64139
       default.
d64139
d64139
    *) Change: now nginx limits subrequests recursion, not simultaneous
d64139
       subrequests.
d64139
d64139
    *) Change: now nginx checks the whole cache key when returning a
d64139
       response from cache.
d64139
       Thanks to Gena Makhomed and Sergey Brester.
d64139
d64139
    *) Change: the "proxy_downstream_buffer" and "proxy_upstream_buffer"
d64139
       directives of the stream module are replaced with the
d64139
       "proxy_buffer_size" directive.
d64139
d64139
    *) Change: duplicate "http", "mail", and "stream" blocks are now
d64139
       disallowed.
d64139
d64139
    *) Change: now SSLv3 protocol is disabled by default.
d64139
d64139
    *) Change: some long deprecated directives are not supported anymore.
d64139
d64139
    *) Change: obsolete aio and rtsig event methods have been removed.
d64139
d64139
Changes with nginx 1.8.x
d64139
d64139
    *) Change: the "sendfile" parameter of the "aio" directive is
d64139
       deprecated; now nginx automatically uses AIO to pre-load data for
d64139
       sendfile if both "aio" and "sendfile" directives are used.
d64139
d64139
    *) Change: now the "If-Modified-Since", "If-Range", etc. client request
d64139
       header lines are passed to a backend while caching if nginx knows in
d64139
       advance that the response will not be cached (e.g., when using
d64139
       proxy_cache_min_uses).
d64139
d64139
    *) Change: now after proxy_cache_lock_timeout nginx sends a request to a
d64139
       backend with caching disabled; the new directives
d64139
       "proxy_cache_lock_age", "fastcgi_cache_lock_age",
d64139
       "scgi_cache_lock_age", and "uwsgi_cache_lock_age" specify a time
d64139
       after which the lock will be released and another attempt to cache a
d64139
       response will be made.
d64139
d64139
    *) Change: the "log_format" directive can now be used only at http
d64139
       level.
d64139
d64139
    *) Change: now nginx takes into account the "Vary" header line in a
d64139
       backend response while caching.
d64139
d64139
    *) Change: the deprecated "limit_zone" directive is not supported
d64139
       anymore.
d64139
d64139
    *) Change: now the "stub_status" directive does not require a parameter.
d64139
d64139
    *) Change: URI escaping now uses uppercase hexadecimal digits.
d64139
       Thanks to Piotr Sikora.
d64139