Differences
This shows you the differences between two versions of the page.
Both sides previous revision Previous revision Next revision | Previous revision Next revision Both sides next revision | ||
litespeed_wiki:changelog [2022/09/13 15:36] Michael Alegre Split RC releases out of build sections and into their own "version" entries. |
litespeed_wiki:changelog [2024/03/19 21:03] Michael Alegre Added release log info for LSWS v6.2.1 builds [1,2]. |
||
---|---|---|---|
Line 2: | Line 2: | ||
**Note:** If a build is missing, you're always able to find it here as well: https://groups.google.com/g/litespeed-edge-users | **Note:** If a build is missing, you're always able to find it here as well: https://groups.google.com/g/litespeed-edge-users | ||
+ | ===== Version 6.2.1 ===== | ||
+ | === Build 2 === | ||
+ | [Bug Fix] Address compatibility issues with older versions of nodejs. | ||
+ | [Bug Fix] Apply server level log rotation setting to modsec audit log. | ||
+ | [Bug Fix] Address a few corner cases in HTTP/3 (lsquic). | ||
+ | === Build 1 === | ||
+ | [Bug Fix] Addressed an HTTP/3 0-RTT packet validation issue. | ||
+ | === Build 0 === | ||
+ | [New Feature] Add hCaptcha support for reCAPTCHA validation. | ||
+ | [Improvement] Add support for .mjs nodeJS application startup file. | ||
+ | [Bug Fix] Address a crash related to SecRemoteRules handling. | ||
+ | [Bug Fix] Address a rare corner case causing HTTP/3 responses to hang. | ||
+ | |||
+ | ===== Version 6.2 ===== | ||
+ | === Build 7 === | ||
+ | [Bug Fix] Address a crash related to SecRemoteRules handling. | ||
+ | === Build 6 === | ||
+ | [Bug Fix] Address broken auto index script introduced in build 5. | ||
+ | [Bug Fix] Address a potential HTTP/3 CPU spinning issue. | ||
+ | [Bug Fix] Address a false positive in install script that reports a port is in use. | ||
+ | === Build 5 === | ||
+ | [Bug Fix] Do not force override LSAPI_MAX_IDLE_CHILDREN if set explicitly. | ||
+ | [Bug Fix] Address PHP 8.2 warning in directory auto index script. | ||
+ | [Bug Fix] Address an issue in handling custom status code. | ||
+ | [Bug Fix] Increase rewrite engine PCRE match limit to avoid PCRE_ERROR_MATCHLIMIT. | ||
+ | [Tuning] Add dark mode for server generated error page and directory index page. | ||
+ | === Build 4 === | ||
+ | [Bug Fix] Fix a rare corner case in HTTP/3. | ||
+ | [Bug Fix] Fix "RewriteOptions IngoreInherit" | ||
+ | [Bug Fix] enable suEXEC for PHP 8.3 by default. | ||
+ | === Build 3 === | ||
+ | [Bug Fix] Fix no-abort for CGI script. | ||
+ | [Bug Fix] Fix Redirect 410 handling. | ||
+ | [Bug Fix] Fix python application with long vhost name. | ||
+ | [Bug Fix] Fix CPU spinning caused by HTTP/3 corner case. | ||
+ | === Build 2 === | ||
+ | [Bug Fix] Fix HTTP/3 session resumption bug introduced in 6.2 Build 1. | ||
+ | === Build 1 === | ||
+ | [Security] Disable HTTP/2 when detecting a rapid reset attack. | ||
+ | [Improvement] Override server level per client connection soft limit with vhost level limit. | ||
+ | [Tuning] Limit pipe logger buffer size to 1MB. | ||
+ | [Bug Fix] Fix RackRunner.rb bug introduced in 6.1.2 build 8. | ||
+ | [Bug Fix] Fix minor mod_security issues. | ||
+ | === Build 0 === | ||
+ | [New Feature] Update HTTP/3 implementation to support QUICv2 protocol. | ||
+ | [New Feature] mod_security engine now has an option to use RE2 instead PCRE regex engine. | ||
+ | [New Feature] Add vhost level max request body length and max dynamic response length configurations. | ||
+ | [New Feature] Add vhost level dedicated PHP handler configuration option. | ||
+ | [New Feature] Add support for rewrite flags "BNP", "backrefnoplus", "BCTLS", and "BNE". | ||
+ | [Improvement] Improve reCAPTCHA custom error page handling to avoid expensive dynamic processing. | ||
+ | [Improvement] Add missing access log format following Apache spec. | ||
+ | [Improvement] Enhance Apache expression support with dynamic regular expression matching. | ||
+ | [Improvement] Apache expression support in RewriteCond. | ||
+ | [Improvement] Virtual host level reCAPTCHA trigger by concurrent connections. | ||
+ | [Security] More strict request header validation. | ||
+ | [Bug Fix] Fix a compatibility issue with Rack version >3.0 for Ruby applications. | ||
+ | [Bug Fix] Allow use of stdout/stderr as log file names. | ||
+ | [Bug Fix] Address large request header compatibility issue with PHP-FPM. | ||
+ | [Tuning] Add PHP 8.3 support. | ||
+ | [Tuning] Lift default virtual memory limit for external applications. | ||
+ | [Bug Fix] Minor bug fixes to cache engine, mod_security engine, and request handling. | ||
+ | |||
+ | ===== Version 6.1.2 ===== | ||
+ | === Build 8 === | ||
+ | [New Feature] Add support for rewrite flags "BNP", "backrefnoplus", "BCTLS", and "BNE". | ||
+ | [Bug Fix] Fix cp_switch_ws.sh switch back to Apache failure. | ||
+ | [Bug Fix] Fix a compatibility issue with Rack version >3.0 for Ruby applications. | ||
+ | [Bug Fix] Allow use of stdout/stderr as log file names. | ||
+ | [Bug Fix] Fix a mod_security engine Multi-thread race condition. | ||
+ | === Build 7 === | ||
+ | [Bug Fix] Address a bug in expression parser introduced in build 5. | ||
+ | === Build 6 === | ||
+ | [Bug Fix] Address a bug in RewriteCond expression parser. | ||
+ | [Bug Fix] Address a bug in SSI engine. | ||
+ | === Build 5 === | ||
+ | [Improvement] Enhance Apache expression support with dynamic regular expression matching. | ||
+ | [Improvement] Apache expression support in RewriteCond. | ||
+ | [Improvement] Virtual host level reCAPTCHA trigger by concurrent connections. | ||
+ | [Bug Fix] Fix FreeBSD + ZFS crash due to unsupported posix_fallocate() syscall. | ||
+ | [Tuning] Add PHP 8.3 support. | ||
+ | [Tuning] Tweak graceful restart to avoid being killed by systemd during service restart. | ||
+ | === Build 4 === | ||
+ | [Security] Properly handle multiple HOST headers. | ||
+ | [Tuning] Lift default virtual memory limit for external applications. | ||
+ | [Improvement] Add "wordpress_logged_in_*" session cookie detection. | ||
+ | [Bug Fix] Address two rare crashes relating to ESI handling. | ||
+ | === Build 3 === | ||
+ | [Improvement] Improve reCAPTCHA custom error page handling to avoid expensive dynamic processing. | ||
+ | [Bug Fix] Address broken Plesk feature "deny access to the site". | ||
+ | [Bug Fix] Improve install script to now automatically install missing dependencies. | ||
+ | === Build 2 === | ||
+ | [Security] Address request header smuggling over HTTP/2 and HTTP/3. | ||
+ | [Bug Fix] Address broken FastCGI POST for large request body, introduced in 6.1.2 build 1. | ||
+ | === Build 1 === | ||
+ | [New Feature] Add vhost level max request body length and max dynamic response length configurations. | ||
+ | [New Feature] Add vhost level dedicated PHP handler configuration option. | ||
+ | [Improvement] Install necessary ruby-lsapi gem package for alt-ruby 3.1+. | ||
+ | [Bug Fix] Address large request header compatibility issue with PHP-FPM. | ||
+ | [Bug Fix] Address a false positive for per client soft limit blocking. | ||
+ | === Build 0 === | ||
+ | [Improvement] Allow total header sizes > 64KB. | ||
+ | [Improvement] Add support for websocket upgrade using <LocationMatch> and ProxyPassMatch (used by Plesk). | ||
+ | [Improvement] Add support for Unix domain socket proxy target address (used by DirectAdmin). | ||
+ | [Bug Fix] Address a corner case in LSAPI 304 response handling. | ||
+ | [Bug Fix] Address unique ID duplication in mod_security audit log. | ||
+ | [Bug Fix] Address a corner case in mod_security request header matching. | ||
+ | [Bug Fix] Address a license key verification issue during server reboot. | ||
+ | [Bug Fix] Update ls-qpack to address a corner case. | ||
+ | [Bug Fix] Address a request header parser corner case for a look-alike header. | ||
+ | [Bug Fix] Address broken mailman support for Plesk | ||
+ | [Bug Fix] Address two corner cases in layer 4 proxy. | ||
+ | [Bug Fix] Address an issue with proxy forwarding to the Plesk admin panel. | ||
+ | [Tuning] Better handling of buggy HTTP/2 clients with poor flow control implementations. | ||
+ | |||
+ | ===== Version 6.1.1 ===== | ||
+ | === Build 0 === | ||
+ | [New Feature] Add SSL strict SNI mode option to fail SSL connections when there is no vhost level SSL certificate. | ||
+ | [New Feature] Add a vhost level AllowBlockedUrl option to allow blocked URL passthrough. | ||
+ | [Improvement] Add support for unix domain socket for redis dynamic vhost. | ||
+ | [Improvement] Update WebAdmin Console login to use BCRYPT password hash. | ||
+ | [Improvement] Add support for "Require local" configuration directive. | ||
+ | [Bug Fix] Avoid blocking on socket read for internal fetcher. | ||
+ | [Bug Fix] Address broken "RewriteOption inherit" corner case. | ||
+ | [Bug Fix] Address duplicate unique ID field in mod_security audit log. | ||
+ | [Bug Fix] Address a python application frequent restart issue. | ||
+ | [Bug Fix] Address a python application upload hang issue. | ||
+ | [Bug Fix] Fix SecRemoteRules certificate verification failure. | ||
+ | [Bug Fix] Fix broken sub-directory password protection configuration for Plesk WordPress toolkit. | ||
+ | [Bug Fix] Address an issue switching apache/lsws systemd unit file for Plesk. | ||
+ | [Bug Fix] Address an issue with Plesk watchdog monitoring httpd service. | ||
+ | |||
+ | ===== Version 6.1 ===== | ||
+ | === Build 6 === | ||
+ | [Bug Fix] Adjust unix domain socket address length for PHP suEXEC handler. | ||
+ | === Build 5 === | ||
+ | [Bug Fix] Address a python application upload hanging issue. | ||
+ | [Bug Fix] Fix SecRemoteRules certificate verification failure. | ||
+ | [Bug Fix] Fix broken sub-directory password protection configuration for Plesk WordPress toolkit. | ||
+ | === Build 4 === | ||
+ | [Bug Fix] Address a crash when handling .htaccess updates. | ||
+ | === Build 3 === | ||
+ | [Bug Fix] Address an issue switching apache/lsws systemd unit file for Plesk. | ||
+ | [Bug Fix] Address an issue with Plesk watchdog monitoring httpd service. | ||
+ | === Build 2 === | ||
+ | [Improvement] ARM64 (aarch64) package is now available. | ||
+ | [Improvement] Update WebAdmin Console login to use BCRYPT password hash. | ||
+ | [Bug Fix] Update php3_mode and php4_mode for DirectAdmin panel in script cp_switch_lsws.sh. | ||
+ | === Build 1 === | ||
+ | [Improvement] Add support for "Require local" configuration directive. | ||
+ | [Bug Fix] Avoid blocking on socket read for internal fetcher. | ||
+ | [Bug Fix] Address broken "RewriteOption inherit" corner case. | ||
+ | [Bug Fix] Update lsquic to v3.3.1 to address a corner case hang caused by flow control congestion. | ||
+ | === Build 0 === | ||
+ | [New Feature] Add PROXY protocol support. | ||
+ | [New Feature] Add custom response status code support. | ||
+ | [New Feature] Apply OOMScoreAdjust for lsws service to avoid being OOM killed. | ||
+ | [New Feature] Trigger reCAPTCHA through mod_security engine via an environment variable. | ||
+ | [Improvement] Inherit .htaccess belonging to parent context. | ||
+ | [Improvement] Make SSI environment available to included CGIs/scripts. | ||
+ | [Improvement] Add conditional access logging using Expression. | ||
+ | [Improvement] Configurable reCAPTCHA timeout. | ||
+ | [Improvement] Add "DisableForwardedIpBan" Apache style configuration directive to avoid blocking IPs forwarded by front-end proxies. | ||
+ | [Improvement] Enhance 'disableCgiOverride' to cover options +ExecCGI and +Include. | ||
+ | [Improvement] Add Apache style configurations "LogKeepDays" and "LogCompressArchive". | ||
+ | [Improvement] Escape multiline STDERR messages. | ||
+ | [Improvement] Detect update failures in lsup.sh. | ||
+ | [Improvement] Improve WebAdmin Console realtime stats with a new JavaScript library. | ||
+ | [Bug Fix] Set "HOME" environment for CGI/External apps when possible. | ||
+ | [Bug Fix] Fix connection timeout false-positives for active HTTP3 connections. | ||
+ | [Bug Fix] Fix domain limited licensing for Plesk servers. | ||
+ | [Bug Fix] Update lsquic to v3.3.0 . | ||
+ | [Tuning] Disable TLSv1.1 by default. | ||
+ | |||
+ | ===== Version 6.1RC3 ===== | ||
+ | === Build 0 === | ||
+ | [New Feature] Add custom response status code support. | ||
+ | [New Feature] Apply OOMScoreAdjust for lsws service to avoid having the server killed when low on memory. | ||
+ | [Improvement] Escape multiline STDERR messages. | ||
+ | [Improvement] Add "DisableForwardedIpBan" Apache style configuration directive to avoid blocking IPs forwarded by front-end proxies. | ||
+ | [Bug Fix] Address a few corner cases in HTTP/3 implementation. | ||
+ | [Bug Fix] Address an HTTP/2 decoder bug. | ||
+ | [Bug Fix] Include all bug fixes applied to 6.0.12 stable releases. | ||
+ | |||
+ | ===== Version 6.1RC2 ===== | ||
+ | === Build 0 === | ||
+ | [New Feature] PROXY protocol support. | ||
+ | [Improvement] Make SSI environment available to included CGIs/scripts. | ||
+ | [Improvement] Enhance 'disableCgiOverride' to cover options +ExecCGI and +Include. | ||
+ | [Improvement] Better handling of content-type with charset. | ||
+ | [Improvement] Add "x-frame-options" header for reCAPTCHA page. | ||
+ | [Bug Fix] Inherit .htaccess belonging to parent context. | ||
+ | [Bug Fix] Address bad target URL with native proxy configuration for '/' context. | ||
+ | [Bug Fix] Avoid installing Ruby Rack 3.0 gem to avoid compatibility issues. | ||
+ | [Bug Fix] Avoid using IPv6 mapped IPv4 addresses for HTTP/3 connections. | ||
+ | [Bug Fix] Address memory leak in QUIC SHM. | ||
===== Version 6.1RC1 ===== | ===== Version 6.1RC1 ===== | ||
+ | === Build 1 === | ||
+ | [New Feature] Add "LSPHP_ProcessGroup unmanaged" mode to support php-fpm like services for Apache vhost. | ||
+ | [Bug Fix] Address an HTTP/2 header value compliance corner case that caused broken curl HTTP/2 connections. | ||
+ | [Improvement] Add support for alt-python 3.10. | ||
+ | [Bug Fix] Address HTTP/3 corner cases with lsquic v3.1.4 update. | ||
=== Build 0 === | === Build 0 === | ||
[New Feature] Trigger reCAPTCHA through mod_security engine via an environment variable. | [New Feature] Trigger reCAPTCHA through mod_security engine via an environment variable. | ||
Line 16: | Line 216: | ||
===== Version 6.0.12 ===== | ===== Version 6.0.12 ===== | ||
+ | === Build 13 === | ||
+ | [Bug Fix] Detect and ignore truncated log file path for DirectAdmin. | ||
+ | [Bug Fix] Fix broken server switching script for cPanel + Ubuntu. | ||
+ | [Bug Fix] Do not count Plesk internal Virtual Hosts against license domain limit. | ||
+ | [Bug Fix] Fix broken connection timeout for HTTP/3 connections. | ||
+ | === Build 12 === | ||
+ | [Bug Fix] Address default charset issue for static files. (Introduced in v6.0.12 build 4) | ||
+ | [Bug Fix] Address a mod_security corner case. | ||
+ | === Build 11 === | ||
+ | [Improvement] Add support for PHP 8.2 handler auto-detection. | ||
+ | [Bug Fix] Address broken lowercase transformation for certain mod_security variables. | ||
+ | === Build 10 === | ||
+ | [Bug Fix] Properly handle "%{local}p" access log format. | ||
+ | [Bug Fix] Handle white spaces when detecting existing header values. | ||
+ | [Bug Fix] Fix broken "Trusted" IP configuration in .htaccess. | ||
+ | [Improvement] Add "x-frame-options" header for reCAPTCHA page. | ||
+ | [Improvement] Make SSI environment available to included CGIs/scripts. | ||
+ | [Bug Fix] Address crash in parsing bad rewrite map data. | ||
+ | [Bug Fix] Address memory leak in QUIC SHM. | ||
+ | === Build 9 === | ||
+ | [Bug Fix] Address a response header bug introduced in build 8 that causes errors serving from cached page. | ||
+ | === Build 8 === | ||
+ | [Bug Fix] Address malformed HTTP/1.1 response header caused by header value modification operations introduced in build 7. | ||
+ | [Bug Fix] Address bad target URL with native proxy configuration for '/' context. | ||
+ | [Bug Fix] Avoid installing Ruby Rack 3.0 gem (compatibility issues). | ||
+ | [Bug Fix] Avoid using IPv6 mapped IPv4 addresses for HTTP/3 connections. | ||
=== Build 7 === | === Build 7 === | ||
[Bug Fix] Address an HTTP/2 header value compliance corner case that caused broken curl HTTP/2 connections. | [Bug Fix] Address an HTTP/2 header value compliance corner case that caused broken curl HTTP/2 connections. |