638e8a
#############
638e8a
Upgrade notes
638e8a
#############
638e8a
638e8a
To resolve numerous security flaws, the nginx package was updated to 1.10.x.
638e8a
638e8a
You should review your configuration files in /etc/nginx to determine if there
638e8a
are any incompatibilities. Below is a summary of the main incompatible changes.
638e8a
Some nginx directives have been changed or removed, so you may need to modify
638e8a
your configuration.
638e8a
638e8a
Please see upstream release notes for a complete list of new features,
638e8a
bug fixes, and changes: http://nginx.org/en/CHANGES-1.10
638e8a
One notable feature is support for HTTP/2.
638e8a
638e8a
Nginx gained support for dynamic modules. As part of this update, dynamic
638e8a
modules have been split into subpackages. For the time being these are hard
638e8a
dependencies to aid the upgrade path. When you install nginx, all of these
638e8a
modules are installed and enabled by default:
638e8a
  - nginx-mod-http-geoip
638e8a
  - nginx-mod-http-image-filter
638e8a
  - nginx-mod-http-perl
638e8a
  - nginx-mod-http-xslt-filter
638e8a
  - nginx-mod-mail
638e8a
  - nginx-mod-stream
638e8a
638e8a
Changes with nginx 1.10.x
638e8a
638e8a
    *) Change: non-idempotent requests (POST, LOCK, PATCH) are no longer
638e8a
       passed to the next server by default if a request has been sent to a
638e8a
       backend; the "non_idempotent" parameter of the "proxy_next_upstream"
638e8a
       directive explicitly allows retrying such requests.
638e8a
638e8a
    *) Change: now the "output_buffers" directive uses two buffers by
638e8a
       default.
638e8a
638e8a
    *) Change: now nginx limits subrequests recursion, not simultaneous
638e8a
       subrequests.
638e8a
638e8a
    *) Change: now nginx checks the whole cache key when returning a
638e8a
       response from cache.
638e8a
       Thanks to Gena Makhomed and Sergey Brester.
638e8a
638e8a
    *) Change: the "proxy_downstream_buffer" and "proxy_upstream_buffer"
638e8a
       directives of the stream module are replaced with the
638e8a
       "proxy_buffer_size" directive.
638e8a
638e8a
    *) Change: duplicate "http", "mail", and "stream" blocks are now
638e8a
       disallowed.
638e8a
638e8a
    *) Change: now SSLv3 protocol is disabled by default.
638e8a
638e8a
    *) Change: some long deprecated directives are not supported anymore.
638e8a
638e8a
    *) Change: obsolete aio and rtsig event methods have been removed.
638e8a
638e8a
Changes with nginx 1.8.x
638e8a
638e8a
    *) Change: the "sendfile" parameter of the "aio" directive is
638e8a
       deprecated; now nginx automatically uses AIO to pre-load data for
638e8a
       sendfile if both "aio" and "sendfile" directives are used.
638e8a
638e8a
    *) Change: now the "If-Modified-Since", "If-Range", etc. client request
638e8a
       header lines are passed to a backend while caching if nginx knows in
638e8a
       advance that the response will not be cached (e.g., when using
638e8a
       proxy_cache_min_uses).
638e8a
638e8a
    *) Change: now after proxy_cache_lock_timeout nginx sends a request to a
638e8a
       backend with caching disabled; the new directives
638e8a
       "proxy_cache_lock_age", "fastcgi_cache_lock_age",
638e8a
       "scgi_cache_lock_age", and "uwsgi_cache_lock_age" specify a time
638e8a
       after which the lock will be released and another attempt to cache a
638e8a
       response will be made.
638e8a
638e8a
    *) Change: the "log_format" directive can now be used only at http
638e8a
       level.
638e8a
638e8a
    *) Change: now nginx takes into account the "Vary" header line in a
638e8a
       backend response while caching.
638e8a
638e8a
    *) Change: the deprecated "limit_zone" directive is not supported
638e8a
       anymore.
638e8a
638e8a
    *) Change: now the "stub_status" directive does not require a parameter.
638e8a
638e8a
    *) Change: URI escaping now uses uppercase hexadecimal digits.
638e8a
       Thanks to Piotr Sikora.
638e8a