8f9dab
#############
8f9dab
Upgrade notes
8f9dab
#############
8f9dab
8f9dab
To resolve numerous security flaws, the nginx package was updated to 1.10.x.
8f9dab
8f9dab
You should review your configuration files in /etc/nginx to determine if there
8f9dab
are any incompatibilities. Below is a summary of the main incompatible changes.
8f9dab
Some nginx directives have been changed or removed, so you may need to modify
8f9dab
your configuration.
8f9dab
8f9dab
Please see upstream release notes for a complete list of new features,
8f9dab
bug fixes, and changes: http://nginx.org/en/CHANGES-1.10
8f9dab
One notable feature is support for HTTP/2.
8f9dab
8f9dab
Nginx gained support for dynamic modules. As part of this update, dynamic
8f9dab
modules have been split into subpackages. For the time being these are hard
8f9dab
dependencies to aid the upgrade path. When you install nginx, all of these
8f9dab
modules are installed and enabled by default:
8f9dab
  - nginx-mod-http-geoip
8f9dab
  - nginx-mod-http-image-filter
8f9dab
  - nginx-mod-http-perl
8f9dab
  - nginx-mod-http-xslt-filter
8f9dab
  - nginx-mod-mail
8f9dab
  - nginx-mod-stream
8f9dab
8f9dab
Changes with nginx 1.10.x
8f9dab
8f9dab
    *) Change: non-idempotent requests (POST, LOCK, PATCH) are no longer
8f9dab
       passed to the next server by default if a request has been sent to a
8f9dab
       backend; the "non_idempotent" parameter of the "proxy_next_upstream"
8f9dab
       directive explicitly allows retrying such requests.
8f9dab
8f9dab
    *) Change: now the "output_buffers" directive uses two buffers by
8f9dab
       default.
8f9dab
8f9dab
    *) Change: now nginx limits subrequests recursion, not simultaneous
8f9dab
       subrequests.
8f9dab
8f9dab
    *) Change: now nginx checks the whole cache key when returning a
8f9dab
       response from cache.
8f9dab
       Thanks to Gena Makhomed and Sergey Brester.
8f9dab
8f9dab
    *) Change: the "proxy_downstream_buffer" and "proxy_upstream_buffer"
8f9dab
       directives of the stream module are replaced with the
8f9dab
       "proxy_buffer_size" directive.
8f9dab
8f9dab
    *) Change: duplicate "http", "mail", and "stream" blocks are now
8f9dab
       disallowed.
8f9dab
8f9dab
    *) Change: now SSLv3 protocol is disabled by default.
8f9dab
8f9dab
    *) Change: some long deprecated directives are not supported anymore.
8f9dab
8f9dab
    *) Change: obsolete aio and rtsig event methods have been removed.
8f9dab
8f9dab
Changes with nginx 1.8.x
8f9dab
8f9dab
    *) Change: the "sendfile" parameter of the "aio" directive is
8f9dab
       deprecated; now nginx automatically uses AIO to pre-load data for
8f9dab
       sendfile if both "aio" and "sendfile" directives are used.
8f9dab
8f9dab
    *) Change: now the "If-Modified-Since", "If-Range", etc. client request
8f9dab
       header lines are passed to a backend while caching if nginx knows in
8f9dab
       advance that the response will not be cached (e.g., when using
8f9dab
       proxy_cache_min_uses).
8f9dab
8f9dab
    *) Change: now after proxy_cache_lock_timeout nginx sends a request to a
8f9dab
       backend with caching disabled; the new directives
8f9dab
       "proxy_cache_lock_age", "fastcgi_cache_lock_age",
8f9dab
       "scgi_cache_lock_age", and "uwsgi_cache_lock_age" specify a time
8f9dab
       after which the lock will be released and another attempt to cache a
8f9dab
       response will be made.
8f9dab
8f9dab
    *) Change: the "log_format" directive can now be used only at http
8f9dab
       level.
8f9dab
8f9dab
    *) Change: now nginx takes into account the "Vary" header line in a
8f9dab
       backend response while caching.
8f9dab
8f9dab
    *) Change: the deprecated "limit_zone" directive is not supported
8f9dab
       anymore.
8f9dab
8f9dab
    *) Change: now the "stub_status" directive does not require a parameter.
8f9dab
8f9dab
    *) Change: URI escaping now uses uppercase hexadecimal digits.
8f9dab
       Thanks to Piotr Sikora.
8f9dab