File h2o.changes of Package h2o
Mon Sep 09 14:00 UTC 2019 - abang@t-ipnet.net
- update to 2.2.6
- [security fix][http2] fix HTTP/2 DoS attack vectors
CVE-2019-9512 CVE-2019-9514 CVE-2019-9515
#2090 (Kazuho Oku)
-------------------------------------------------------------------
Sun Jan 29 14:16:10 UTC 2019 - s.or.59.3@gmail.com
- add logrotate stuff
- change development library packages group to
Development/Libraries/C and C++
the former is a non-standard group.
-------------------------------------------------------------------
Sun Jan 27 17:40 UTC 2019 - abang@t-ipnet.net
- add development library packages
- enabled Ruby scripting using mruby
-------------------------------------------------------------------
Mon Jun 19 14:16:10 UTC 2018 - s.or.59.3@gmail.com
- change the Productivity/Networking/Web/Server
in Group to Productivity/Networking/Web/Servers.
the former is a non-standard group.
- add 02-fix-c99-compile-error.patch
fix building on gcc 4.8.5
- update to 2.2.5
- [security fix][access-log] fix buffer overflow CVE-2018-0608
#1775 (Frederik Deweerdt)
- [fastcgi] index file name must be part of SCRIPT_NAME #1650
(Ichito Nagata)
- [http2] do not compress cookies less than 20 bytes long #1389
(Julien Benoist)
- [http2] stop opening new push streams after receiving GOAWAY
#1555 (Ichito Nagata)
- [http2] fix conformance issues #1579 #1582 #1599 (Kazuho Oku)
- [mruby] drop the link rel=preload header with a x-http2-push-only
attribute #1310 (Frederik Deweerdt)
- [mruby] allow loading a file that shares the basename with one of
the preloaded files #1662 (Ichito Nagata)
- [proxy] fix I/O error when receiving multiple informational
responses #1716 (Frederik Deweerdt)
- [ssl] fix bug that prevents record size growing to maximum when
latency optimization is disabled #1545 (Ichito Nagata)
- [ssl] fix compatibility issues with libressl 2.7 #1707
(AIZAWA Hina)
- [ssl] update picotls to support TLS 1.3 draft-26 #1718
(Kazuho Oku)
-------------------------------------------------------------------
Sun Apr 8 00:25:13 UTC 2018 - s.or.59.3@gmail.com
- update to 2.2.4 (boo#1073952)
- [security fix][access-log][ssl] fix crash when logging TLS 1.3
properties CVE-2017-10872 #1543 (MITSUNARI Shigeo)
- [security fix][http2] fix crash when handling malformed HTTP/2
request CVE-2017-10908 #1544 (Kazuho Oku)
- [access-log][compress] %b should log the amount of data sent
after compression #1478 (Ichito Nagata)
- [fastcgi][misc] respect H2O_PERL environment variable in
share/h2o/setuidgid #1518 (Kazuho Oku)
- [mime] fix Opus mimetype #1522 (Alex)
- [mruby] fix runtime issue that prevents a closed variable from
getting updated #1464 (Tatsushi Demachi)
- [mruby] keep PATH_INFO undecoded #1480 (Ichito Nagata)
- [mruby] fix keepalive not being used when the response to
http_request is directly returned #1489 (Ichito Nagata)
- [mruby] fix offset overflow of SCRIPT_INFO and PATH_INFO #1502
(Ichito Nagata)
- [proxy][ssl] fix pointer corruption when connecting to origin via
https (big-endian only) #1475 (Kazuho Oku)
- [proxy] omit network I/O when handling internal redirect between
hosts mapped to different ports #1498 (Ichito Nagata)
- [ssl] fix crash on s390 (and possibly on other big-endian machines)
#1474 (Apollon Oikonomopoulos)
- [websocket] do not send upgrade header twice #1463
(Yamagishi Kazutoshi)
- changes from 2.2.3
- [security fix][http1] fix crash when receiving request with
invalid framing CVE-2017-10868 #1459 (Frederik Deweerdt)
- [security fix][proxy] fix stack overflow when sending huge request
body to upstream CVE-2017-10869 #1460 (Frederik Deweerdt)
- [core] disable buffering of stdout, stderr #1347
(Yannick Koechlin)
- [expires] fix incorrect header emitted when units: month or
year were used #1406 (Frederik Deweerdt)
- [fastcgi] never return 304 if the file is a dynamic handler
#1385 (Kazuho Oku)
- [mime] flush all existing mapping when file.mime.settypes
is used #1416 (Ichito Nagata)
- [mruby] update mruby and modules #1320 #1338 #1413
- [mruby] expose SERVER_PROTOCOL #1353 (Frederik Deweerdt)
- [mruby] properly handle content-less response #1430
(Ichito Nagata)
- [proxy] do not drop the Date request header #1408
(Ichito Nagata)
- [ssl] fix deadlock during lazy initialzation #1425
(Apollon Oikonomopoulos)
- [ssl] fix epoll-related crashes on OSCP updates #1427
(Apollon Oikonomopoulos)
- [ssl] avoid spurious session ticket renewals #1444
(Apollon Oikonomopoulos)
- [websocket] fix bug that might drop the first websocket frame
#1276 (wuhanck)
- [libh2o] clear OpenSSL's error queue before using it #1448
(Apollon Oikonomopoulos)
- [doc] add documentation of duration-stats #1306
(Frederik Deweerdt)
- [misc] fix build issues on OpenIndiana #1300 (David Carlier)
- [misc] build on platforms without 64-bit atomics #1433
(Apollon Oikonomopoulos)
- changes from 2.2.2
- [ssl] fix OCSP stapling error when LibreSSL is used #1275
(Ian Moone)
- changes from 2.2.1
- [mruby] correct the line number reported on an exception
#1239 #1251 (Ichito Nagata)
- [mruby] retain the order of request headers sharing a single name
#1271 (Kazuho Oku)
- [ssl] fix assertion failure in decode_ssl_input #1264 (Kazuho Oku)
- [ssl] fix OCSP stapling error when OpenSSL 1.1.0 is used #1270
(Kazuho Oku)
- [libh2o] fix crash when abruptly closing an HTTP/2 connection
on libuv #1250 (Kazuho Oku)
- [libh2o] fix memory leak of _timestamp_cache #1255 (Kazuho Oku)
- [doc] restore doc of %{...}e #1252 (Kazuho Oku)
- [doc] fix typo suggesting using brotli instead of br #1263
(Bogdan Khomutsky)
- [misc] fix undefined behaviors detected by ubsan #1246
(Frederik Deweerdt)
- changes from 2.2.0
- [core] add crash-handler.wait-pipe-close parameter #1092
(Frederik Deweerdt)
- [core] introduce an option to bypass the server header sent
from upstream #1226 (Frederik Deweerdt)
- [core] apply global- and host-level configuration to requests
not applicable to any of the path-level configurations #1231 (Kazuho Oku)
- [access-log] add %{remote}p for logging the remote port
#1166 (Kazuho Oku)
- [access-log] add support for JSON-style escapes and null
#1208 (Kazuho Oku)
- [access-log] add specifier for logging per-request environment
variables #1221 (Yannick Koechlin)
- [access-log] add support for <, > modifiers for logging either
the original or the final response #1238 (Kazuho Oku)
- [access-log] do not emit request-total-time twice #1017
(Kazuho Oku)
- [fastcgi] fix a bug that closes the FastCGI listener socket
during startup #1203 (Frederik Deweerdt)
- [file] add directive for serving gzipped files,
decompressing them on-the-fly #1140 (Ichito Nagata)
- [headers] fix buffer overrun during startup #1180
(Frederik Deweerdt)
- [http1][proxy] preserve the cases of characters used in
header names #1194 (Frederik Deweerdt)
- [http1][proxy] fix undefined behavior in HTTP/1 parser
#1189 (Frederik Deweerdt)
- [http1] stop reading from socket after sending 400 to avoid
the risk of assertion failure #1223 (Frederik Deweerdt)
- [http2] recognize x-http2-push-only attribute on link header
#1169 (Frederik Deweerdt)
- [http2] add optional timeout for closing connections upon
graceful shutdown #1108 (Frederik Deweerdt)
- [http2] do not ack an acked PING frame #1175 (Moto Ishisawa)
- [http2] reject requests exceeding the maximum allowed size
more efficiently #1183 (Frederik Deweerdt)
- [mruby] remove dependenty to mkmf #1197 (Yuki Kurihara)
- [mruby] correct the line number reported on an exception
#1239 (Ichito Nagata)
- [proxy] add directives for tweaking headers sent to upstream
#1126 (Justin Zhu)
- [proxy] retain case-sensitivity of unix socket paths #1131
(Frederik Deweerdt)
- [proxy] add directive for controlling the via request header
#1225 (Frederik Deweerdt)
- [ssl] add directive for logging session ID #1164
(Yannick Koechlin)
- [ssl] add support for TLS 1.3 draft-18 #1204 (Kazuho Oku)
- [ssl] stop evicting session entries in memcached when they are
removed from internal cache #1185 (Ichito Nagata)
- [ssl] fix crash when a secp384r1, secp521r1 certificate is
used with TLS 1.3 #1214 (Kazuho Oku)
- [ssl] fix build failure with OpenSSL 1.1.0 #1216 (Kazuho Oku)
- [ssl] add doc for handshake-timeout #1233 (Kazuho Oku)
- [status] fix race condition during start-up #1242
(Frederik Deweerdt)
- [libh2o] implement h2o_evloop_destroy #1200 (kazan417)
- [misc] add test code for fuzzing #1174 #1182 #1191 #1192
(Frederik Deweerdt, Jonathan Foote)
- [misc] fix issues reported by Coverity #1168 #1172 #1179
(Harrison Bowden, Frederik Deweerdt)
- changes from 2.2.0-beta3
- [core] introduce an option to bypass the server header
sent from upstream #1226 (Frederik Deweerdt)
- [core] apply global- and host-level configuration to
requests not applicable to any of the path-level
configurations #1231 (Kazuho Oku)
- [access-log] in JSON logging, remove surrounding quotes
arround null #1229 (Kazuho Oku)
- [ssl] add doc for handshake-timeout #1233 (Kazuho Oku)
- changes from 2.2.0-beta2
- [access-log] add support for JSON-style escapes and null
#1208 (Kazuho Oku)
- [access-log] add specifier for logging per-request environment
variables #1221 (Yannick Koechlin)
- [http1] stop reading from socket after sending 400 to avoid
the risk of assertion failure #1223 (Frederik Deweerdt)
- [proxy] add directive for controlling the via request header
#1225 (Frederik Deweerdt)
- [ssl] fix crash when a secp384r1, secp521r1 certificate
is used with TLS 1.3 #1214 (Kazuho Oku)
- [ssl] fix build failure with OpenSSL 1.1.0 #1216 (Kazuho Oku)
- changes from 2.2.0-beta1
- [core] add crash-handler.wait-pipe-close parameter #1092
(Frederik Deweerdt)
- [access-log] do not emit request-total-time twice #1017
(Kazuho Oku)
- [fastcgi] fix a bug that closes the FastCGI listener socket
during startup #1203 (Frederik Deweerdt)
- [file] add directive for serving gzipped files, decompressing
them on-the-fly #1140 (Ichito Nagata)
- [headers] fix buffer overrun during startup #1180
(Frederik Deweerdt)
- [http1][proxy] preserve the cases of characters used in header
names #1194 (Frederik Deweerdt)
- [http1][proxy] fix undefined behavior in HTTP/1 parser #1189
(Frederik Deweerdt)
- [http2] recognize x-http2-push-only attribute on link header
#1169 (Frederik Deweerdt)
- [http2] add optional timeout for closing connections upon
graceful shutdown #1108 (Frederik Deweerdt)
- [http2] do not ack an acked PING frame #1175 (Moto Ishisawa)
- [http2] reject requests exceeding the maximum allowed size
more efficiently #1183 (Frederik Deweerdt)
- [mruby] remove dependenty to mkmf #1197 (Yuki Kurihara)
- [proxy] add directives for tweaking headers sent to upstream
#1126 (Justin Zhu)
- [proxy] retain case-sensitivity of unix socket paths #1131
(Frederik Deweerdt)
- [ssl] add directive for logging session ID #1164
(Yannick Koechlin)
- [ssl] add support for TLS 1.3 draft-18 #1204 (Kazuho Oku)
- [ssl] stop evicting session entries in memcached when they are
removed from internal cache #1185 (Ichito Nagata)
- [libh2o] implement h2o_evloop_destroy #1200 (kazan417)
- [misc] add test code for fuzzing #1174 #1182 #1191 #1192
(Frederik Deweerdt, Jonathan Foote)
- [misc] fix issues reported by Coverity #1168 #1172 #1179
(Harrison Bowden, Frederik Deweerdt)
- changes from 2.1.0
- [core] TCP latency optimization #873 #1076 (Kazuho Oku)
- [core] provide tag to include other YAML files from the
configuration file #1022 (Ichito Nagata)
- [core] accept sequence of mappings for path-level configuration
#1042 (Ichito Nagata)
- [core] fix broken support for TCP Fast Open in OS X #1065
(Ichito Nagata)
- [access-log] provide directive to emit request-level errors
#1075 (Kazuho Oku)
- [access-log] emit values of all set-cookie headers concatenated
#1161 (Kazuho Oku)
- [fastcgi] fix connection failure when fastcgi.spawn is used with
an uid #1119 (Kazuho Oku)
- [file] more pre-defined MIME types #1103 (Joe Duarte)
- [http2][proxy] recognize link rel=preload headers in interim
response as a trigger to push resources #916 (Kazuho Oku)
- [http1][http2] validate characters used in the headers
#974 #1044 (Frederik Deweerdt, Kazuho Oku)
- [http1][http2] notify error downstream when an error occurred
while generating a response #1031 (Frederik Deweerdt)
- [http1][http2] fix resource leak upon upgrade failure to HTTP/2
#1161 (Frederik Deweerdt)
- [http2] add http2-push-preload directive to turn off H2 push
being initiated by link rel=preload header #929 (Kazuho Oku)
- [http2] add support for cache-digest header #967 #988
(Kazuho Oku)
- [http2] drop host header in HTTP/2 layer #973 #998
(Frederik Deweerdt, Kazuho Oku)
- [http2] don't use etag for calculating casper cookie #986
(Kazuho Oku)
- [http2] add support for H2 debug state #1019 (Ichito Nagata)
- [mruby] add dos_detector mruby handler #1013 (Ichito Nagata)
- [mruby] add DSL for access control lists (acl) #1016
(Ichito Nagata)
- [mruby] share mruby state and constants between handlers #1032
(Ichito Nagata)
- [mruby] add library for address-block-based access control
#1038 (Ichito Nagata)
- [proxy] add an option to connect to upstream using PROXY
protocol #930 (Kazuho Oku)
- [proxy] don't escape : in URI path #977 (Frederik Deweerdt)
- [proxy] preserve received URLs as much as possible #985 #1071
(Frederik Deweerdt)
- [proxy] add an option to prevent emiting x-forwarded-* headers
#999 (Frederik Deweerdt)
- [proxy] cache TLS session used for upstream connections #1053
(Ichito Nagata)
- [proxy] turn on/off on-the-fly compression based on the
x-compress-hint header #1085 (Frederik Deweerdt)
- [ssl] set add_lock callback to prevent unnecessary
lock-add-unlock #983 (Roberto Guimaraes)
- [ssl] add support for OpenSSL 1.1.0 #1064 (Kazuho Oku)
- [status] collect and report HTTP statistics #893
(Frederik Deweerdt)
- [status] report additional stats when jemalloc is used #1017
(Frederik Deweerdt)
- [throttle] add new handler for throttling the response bandwidth
#917 (Justin Zhu)
- [libh2o] provide h2o_rand that calls the appropriate random
function depending on the OS #927 (David CARLIER)
- [libh2o] do not require use of picohttpparser.h when using the
HTTP/1 client #946 (Kazuho Oku)
- [libh2o] install library files to the correct location #1116
(Frederik Deweerdt)
- [misc] provide crash-handler directive to customize crash
logging #935 (Frederik Deweerdt)
- [misc] guess the default location of h2o.conf #969
(Davsid Carlier)
- [misc] allow to disable libuv even when it is found #995
(Frederik Deweerdt)
- [misc] add font/woff2 to the default mime-type mapping #1066
(Andy Davies)
- [misc] mark JavaScript and JSON files as compressible by default
#1067 (Kazuho Oku)
-------------------------------------------------------------------
Sat Jan 7 01:14:28 UTC 2017 - mrueckert@suse.de
- update to 2.0.6
- [compress] fix the compression quality being ignored #1154
(Yannick Koechlin)
- [mruby] stop GIT access during build #1149 (parly)
- changes from 2.0.5
- [security fix] fix use-after-free vulnerability CVE-2016-7835
#1144 (Frederik Deweerdt, Kazuho Oku)
- [core] fix busy loop after receiving SIGTERM (linux) #1100
(Kazuho Oku, Frederik Deweerdt)
- [core] don't try to register kevent changes more than once
(*BSD, OS X) #1113 (Ichito Nagata)
- [compress] set `vary: accept-encoding` upon negotiation failure
of the compression method #1083 (Frederik Deweerdt)
- [file] add missing `</ul>` #1106 (Kazuho Oku)
- [http2] fix a bug that left connections open #1090 (Kazuho Oku)
- [http2] ignore PRIORITY frames that reference closed pushed
streams #1105 (Frederik Deweerdt)
- [http2] add `Secure` attribute to the casper cookie #1134
(Kazuho Oku)
- [http2] permit use of HEADERS with a smaller stream ID than a
preceding PRIORITY #1136 (Frederik Deweerdt, Kazuho Oku)
- [mruby] update mruby to HEAD #1135 (Kazuho Oku)
- [proxy] set `content-length: 0` when receiving a zero-byte POST
or PUT #1080 (Frederik Deweerdt)
- [ssl] update libressl to 2.4.4 #1127 (Kazuho Oku)
- [ssl] erase OCSP stapling data when the stapling updater
returns a permanent failure #1117 (Kazuho Oku)
- changes from 2.0.4
- [security fix][core] fix DoS attack vector CVE-2016-4864 #1077
(Frederik Deweerdt, Kazuho Oku)
- [libh2o] fix crash on connect timeout #960 (disigma)
- changes from 2.0.3
- [file] don't use `readdir_r` on Linux, Solaris #1046 #1052
(Frederik Deweerdt, Kazuho Oku)
- [http2] fix negative error code sent when cancelling a pushed
stream #1039 (Frederik Deweerdt)
- [http2] fix a bug that may cause a stream to stall #1040
(Frederik Deweerdt)
- [http2] fix a bug that reset the stream when receiving HEADERS
after PRIORITY #1043 (Frederik Deweerdt)
- [mruby] fix mruby handler becoming unusable after failed
connection in http_request on FreeBSD #1062 (Kazuho Oku)
- changes from 2.0.2
- [fastcgi] setenv should displace HTTP headers #996 (Kazuho Oku)
- [http2] fix buffer overrun #972 (Frederik Deweerdt)
- [misc] fix build error when libuv is not found #1008
(nextgenthemes)
- [misc] fix assertion failure when YAML alias and merge is used
in certain way #1011 (Kazuho Oku)
- changes from 2.0.1
- [fastcgi] fix internal server error when PHP returns a huge
header #958 (Kazuho Oku)
- [http2] recognize link header containing multiple links #950
(Frederik Deweerdt)
- [libh2o] fix resource leaks upon startup failure #936 (David
CARLIER)
- [libh2o] do not require linking to libbrotli externally #941
(Kazuho Oku)
- changes from 2.0.0
- [core][breaking change] do not automatically append `/` to
path-level configuration #820 (Kazuho Oku)
- [core] support `<<` in configuration file #786 (Kazuho Oku)
- [core] configurable server: header #877 (Frederik Deweerdt)
- [core] add directive for customizing the path of temporary
buffer files #911 (Kazuho Oku)
- [core] fix crash when receiving SIGTERM during start-up #878
(Frederik Deweerdt)
- [core] spawn the configured number of DNS client threads #880
(Sean McArthur)
- [access-log] add directive for logging protocol-specific values
#801 (Kazuho Oku)
- [access-log][fastcgi][mruby] per-request environment variables
#868 (Kazuho Oku)
- [access-log] fix memory leak during start-up #864 (Frederik
Deweerdt)
- [compress] on-the-fly compression using brotli, as well as
directives to tune the compression parameters #802, #924
(Kazuho Oku, Frederik Deweerdt)
- [compress][expires] refrain from setting redundant
`cache-control` tokens #846 (Kazuho Oku)
- [file] `file.file` directive for mapping specific file #822
(Kazuho Oku)
- [file] `send-compress` directive (renamed from `send-gzip`) to
support pre-compressed files using brotli #802 (Kazuho Oku)
- [file] cache open failures #836 (Kazuho Oku)
- [http2] support for nopush attribute in the link rel=preload
header #863 (Satoh Hiroh)
- [http2] support for push after delegation #866 (Kazuho Oku)
- [http2] ignore push indications made by a pushed response #897
(Kazuho Oku)
- [http2] accept `capacity-bits` attribute of the `http2-casper`
configuration directive #882 (Satoh Hiroh)
- [http2] avoid memcpy during HPACK huffman encoding #749 (Kazuho
Oku)
- [http2] fix potential stall when
http2-max-concurrent-requests-per-connection is set to a small
number #912 (Kazuho Oku)
- [http2] refuse push a single resource more than once #903
(Kazuho Oku)
- [http2] fix assertion failure when receiving more data than
expected during upgrade #922 (Frederik Deweerdt)
- [mruby] add $H2O_ROOT/share/h2o/mruby to the default load path
#851 (Kazuho Oku)
- [proxy] add support for HTTPS #875 (Kazuho Oku)
- [proxy] add an configuration option to pass through
`x-forwarded-proto` request header #883 (Kazuho Oku)
- [proxy] log error when upstream connection is unexpectedly
closed #895 (Frederik Deweerdt)
- [ssl] update libressl to 2.2.7 #898 (Kazuho Oku)
- [ssl] support ECDH curves other than P-256 #841 (Kazuho Oku)
- [ssl] add support for text-based memcache protocol #854 (Kazuho
Oku)
- [ssl] fix memory leak when using TLS resumption with the
memcached backend #856 (Kazuho Oku)
- [ssl] fix "undefined subroutine" error in the OCSP updater #872
(Masayuki Matsuki)
- [ssl] cap the number of OCSP updaters running concurrently #891
(Kazuho Oku)
- [ssl] fix use-after-free when using session resumption with
memcached backend #923 (Frederik Deweerdt)
- [libh2o] add API for obtaining the socket descriptor #886
(Frederik Deweerdt)
- [libh2o] add API to selectively disable automated I/O on reads
and writes #890 (Frederik Deweerdt)
- [libh2o] bugfix: h2o_mem_swap swaps only the first 256 bytes
#924 (Frederik Deweerdt)
- [status] introduce the status handler #848 (Kazuho Oku)
- [misc] install examples #850 (James Rouzier)
- changes from 1.7.3
- [security fix][http2] fix use-after-free on premature
connection close (CVE-2016-4817) #920 (Frederik Deweerdt)
- [core] fix SIGBUS when temporary disk space is full #910
(Kazuho Oku)
- [mruby] do not drop `link` header #913 (Kazuho Oku)
- [mruby] fix memory leak during initialization #906 (Frederik
Deweerdt)
- [mruby] fix race condition in mruby regex handler #908 (Kazuho
Oku)
- [libh2o] fix crash in h2o_url_stringify #918 (Kazuho OKu)
- changes from 1.7.2
- [core] fix crash when receiving SIGTERM during start-up #878
(Frederik Deweerdt)
- [core] spawn the configured number of DNS client threads #880
(Sean McArthur)
- [http2] accept `capacity-bits` attribute of the `http2-casper`
configuration directive #882 (Satoh Hiroh)
- [ssl] update libressl to 2.2.7 #898 (Kazuho Oku)
- [ssl] fix memory leak when using TLS resumption with the
memcached backend #856 (Kazuho Oku)
- [ssl] fix "undefined subroutine" error in the OCSP updater #872
(Masayuki Matsuki)
-------------------------------------------------------------------
Wed Feb 10 23:52:31 UTC 2016 - mrueckert@suse.de
- update to 1.7.0
- [core] support for wildcard hostnames #634 (Kazuho Oku)
- [core][file] preserve query paramaters upon redirection to a
directory #690 (Tatsuhiro Tsujikawa)
- [core] use uppercase letters in URI-escape sequence #695
(Kazuho Oku)
- [core] forbid duplicates in `hosts` section #709 (Kazuho Oku)
- [fastcgi] add support for CGI #618 (Kazuho Oku)
- [fastcgi] drop transfer-encoding header #641 (Kazuho Oku)
- [file] fix a bug that caused `file.mime.addtypes` to fail
setting the attributes of a content-type #731 (Kazuho Oku)
- [http2] fix broken `PUSH_PROMISE` frames being sent under high
pressure #734 #736 (Kazuho Oku)
- [mruby] provide `env["rack.input"]` #515 #638 #644 (Masayoshi
Takahashi, Kazuho Oku)
- [mruby] HTTP client API #637 #643 (Kazuho Oku)
- [mruby] dump the ruby source on error #631 (Kazuho Oku)
- [mruby] provide access to `$H2O_ROOT` #629 (Kazuho Oku)
- [mruby] change mrb_int to 64-bit on 64-bit systems #639 (Kazuho
Oku)
- [mruby] concatenate request headers having same name #666
(Kazuho Oku)
- [mruby] bundle mruby-errno, mruby-file-stat #675 (Kazuho Oku)
- [mruby] refrain from building mruby handler by default if mkmf
(part of ruby dev files) is not found #710 (Kazuho Oku)
- [proxy] detect upstream close of pooled socket before reuse
#679 (Kazuho Oku)
- [reproxy] add support for relative URI #712 (Kazuho Oku)
- [ssl] turn on neverbleed by default #633 (Kazuho Oku)
- [libh2o] fix memory leaks during destruction #724 (greatwar)
- [libh2o] simplify vector operations #715 #735 (Domingo Alvarez
Duarte)
- [misc] support basic authentication using .htpasswd #624
(Kazuho Oku)
- [misc] fix build error when an older version of H2O is
installed aside an external dependency #718 #722 #736 (Kazuho
Oku)
- changes from 1.6.3
- [fastcgi][proxy] fix double-free issue during configuration
phase #723 (Kazuho Oku)
- [proxy] fix response getting truncated when neither
content-length nor transfer-encoding is used #725 (Kazuho Oku)
- [websocket] fix crash when access-log is enabled #698 (Shota
Fukumori)
- changes from 1.6.2 2016-01-13 06:24:00+0000
- [security fix][redirect] uri-escape the user-supplied portion
of the redirect path (CVE-2016-1133) #682 #684 (Kazuho Oku)
- [core] fix error when trying to set multiple error documents
using one `error-doc` directive #676 (Yamagishi Kazutoshi)
- [file] fix a bug that incorrectly returns 403 when a file is
requested with a trailing slash #686 (Yamagishi Kazutoshi)
- [http2] fix HPACK encoder error (and crash) when trying to
encode a token wo. hpack index #640 (Kazuho Oku)
- [libh2o] fix race condition during multithread receiver
(un)registration #659 (Chul-Woong Yang)
- [libh2o] fix memory leak on dispose #683 (Kazuho Oku)
- changes from 1.6.1 2015-12-18 05:05:00+0000
- [misc] fix build error on armv8a #628 (Kazuho Oku)
- [misc] fix build error when libuv < 1.0.0 is installed #630
(Kazuho Oku)
- changes from 1.6.0 2015-12-04 05:47:00+0000
- [core] customized error pages #606 (Kazuho Oku)
- [core] fix busy loop when receiving RST packet under certain
conditions #603 (Kazuho Oku)
- [access-log] collect and log various timings #583 (Kazuho Oku)
- [access-log] support '%A' and '%p' #585 (Kazuho Oku)
- [access-log] support '%{...}t' compatibile with Apache HTTP
Server #587 (Kazuho Oku)
- [fastcgi] increase backlog size the bundled fastcgi server #588
(Kazuho Oku)
- [fastcgi] fix uninitialized memory access / memory leak during
startup #611 (Kazuho Oku)
- [file] implement file descriptor cache #596 (Kazuho Oku)
- [http2] increase incoming window size from 256KB to 16MB #582
(Kazuho Oku)
- [http2] decrease memory footprint (and speedup) #599 (Kazuho
Oku)
- [http2] start server push before the response headers for the
original request becomes ready #593 (Kazuho Oku)
- [http2] fix issues reported by h2spec 1.2.0 #595 (Kazuho Oku)
- [http2] fix NULL access when an error during upgrade from
HTTP/1 #607 (Kazuho Oku)
- [http2] fix too-many-streams error with h2load #608 (Kazuho
Oku)
- [websocket] support proxying websocket connections #581 (Justin
Zhu)
- [libh2o] fix compiler warnings #598 (Matt Clarkson, Kazuho Oku)
- [misc] downgrade required CMake version to 2.8.11 #594 (Kazuho
Oku)
- changes from 1.5.4
- [access-log] do not emit protocol and authority for `%U` #586
(Kazuho Oku)
- [ssl] fix handshake failure with older versions of Android
(2.x) #591 (Kazuho Oku)
- changes from 1.5.3
- [core] decode url-encoded character at the end of path #567
(Kazuho Oku)
- [access-log] fix startup failure on OSX when configured to emit
to pipe #580 (Kazuho Oku)
- [http2] fix memory / state corruption in HPACK encoder #571
(Tatsuhiro Tsujikawa, Kazuho Oku)
- [http2] improve HPACK compression ratio #573 (Tatsuhiro
Tsujikawa, Kazuho Oku)
- [http2] fix behavior when HEADERS frame specifies a stream not
open as a dependency #575 (Kazuho Oku)
- [proxy] do not reset HTTP2 push paths when request is delegated
to proxy #579 (Kazuho Oku)
- [ssl] include "http/1.1" in ALPN / NPN protocol selection list
#578 (Kazuho Oku)
- changes from 1.5.2
- [http2] fix stall when only reprioritized streams are being
transferred #564 (Kazuho Oku)
- changes from 1.5.1
- [file] fixed directory listing not alphabetically sorted #412
#474 #539 (Kazuho Oku)
- [file] mime-type lookup should be case-insensitive #561 (Kazuho
Oku)
- [file] fix corrupt links in directory listing #562 (Kazuho Oku)
- [http1] preserve HTTP connection after redirect #552 (Kazuho
Oku)
- [http2] fixed reprioritized streams (to highest) sometimes
being interleaved with lower priority streams #550 (Kazuho Oku)
- [libh2o] add `-DWITHOUT_LIBS=ON` configuration option #551
(Kazuho Oku)
- [libh2o] adjustments to build libh2o in a subdirectory #556
(Futur Solo)
- [misc] rewrite setuidgid helper program in Perl #553 (Kazuho
Oku)
- [misc] fix doc issues #530 #547 #549 (Masaki TAGAWA, Kazuho
Oku, Kazu Yamamoto)
- drop h2o-1.4.4_compile.patch
-------------------------------------------------------------------
Fri Oct 16 14:02:59 UTC 2015 - mrueckert@suse.de
- update to 1.5.0
- [http2] enable `http2-reprioritize-blocking-assets` by default
#528 (Kazuho Oku)
- [ssl] fix issues with neverbleed #520 (Kazuho Oku)
- [mruby] provide `env['rack.errors']`, `env['SERVER_SOFTWARE']`
#517 #519 (Masayoshi Takahashi, Kazuho Oku)
- [ssl] add support for neverbleed - the OpenSSL / LibreSSL
privilege separation engine #520 (Kazuho Oku)
- [http2] fix crash when `http2-reprioritize-blocking-assets`,
`file.custom-handler` are used together #511 #514 (Kazuho Oku)
- [serurity fix][file] fix directory traversal (CVE-2015-5638)
(Kazuho Oku)
- [mruby] fix build failure when oniguruma is already installed
#501 #506 (Kazuho Oku)
- [mruby] update sample mruby app to use rack-based API #498
(Masayoshi Takahashi)
- [core] introduce `is_compressible` and `priority` attributes to
MIME map #436 #496 (Kazuho Oku)
- [access-log] fix bug that emitted unnecessary NUL char in
certain conditions #462 #463 (Kazuho Oku)
- [fastcgi] support for http2 server-push using `link:
rel=preload` header #446 (Kazuho Oku)
- [file] send `etag` and `vary` headers on 304 response #439
(Kazuho Oku)
- [file] sort directory listing #412 #474 (Kazuho Oku)
- [gzip] introduce support for on-the-fly gzip #413 #457 (Justin
Zhu)
- [http2] introduce cookie-based implementation of cache-aware
server-push #421 #432 (Kazuho Oku)
- [http2] improve HPACK compression ratio of server-push #450
(Kazuho Oku)
- [http2] never push if client requested not to #464 (Kazuho Oku)
- [http2] send `content-length` if possible #472 (Kazuho Oku)
- [mruby] production-level support using Rack-based interface
#467 #475 #489 (Kazuho Oku)
- [reproxy] support delegation using relative URL #468 (Kazuho
Oku)
- [reproxy] preserve method if status is 307 or 308 #491 (Kazuho
Oku)
- [ssl] improved error handling of `openssl ocsp` command #449
#454 (Tatsuhiro Tsujikawa)
- [ssl] use libressl on ARM as well #485 (Kazuho Oku)
-------------------------------------------------------------------
Sat Sep 5 19:14:03 UTC 2015 - mrueckert@suse.de
- initial package
