Differences
This shows you the differences between two versions of the page.
Both sides previous revision Previous revision Next revision | Previous revision Next revision Both sides next revision | ||
litespeed_wiki:changelog [2019/07/31 04:42] Lucas Rolff Update changelog |
litespeed_wiki:changelog [2019/08/18 17:58] Lucas Rolff 5.4.1 |
||
---|---|---|---|
Line 1: | Line 1: | ||
====== LiteSpeed Web Server Changelog ====== | ====== LiteSpeed Web Server Changelog ====== | ||
+ | |||
+ | ===== Version 5.4.1 ===== | ||
+ | |||
+ | === Build 0 === | ||
+ | |||
+ | [Security] Addressed recent HTTP/2 DoS advisories (https://github.com/Netflix/security-bulletins/blob/master/advisories/third-party/2019-002.md). Fixed CVE-2019-9516 ""0-Length Headers Leak"" vulnerability. Completely blocks unaffected attacks: CVE-2019-9511 ""Data Dribble"", CVE-2019-9512 ""Ping Flood"", CVE-2019-9513 ""Resource Loop"", CVE-2019-9514 ""Reset Flood"", CVE-2019-9515 ""Settings Flood"", CVE-2019-9517 ""Internal Data Buffering"", and CVE-2019-9518 ""Empty Frames Flood"". | ||
+ | [New Feature] Updated HTTP/3 support to Internet Draft 22. | ||
+ | [New Feature] Smart server PUSH uses cookies to track pushed assets, avoiding pushing the same asset repeatedly. | ||
+ | [Improvement] reCAPTCHA engine has been improved to reduce false positives. | ||
+ | [Bug fix] Fixed a chunk encoding bug that could cause data corruption. | ||
+ | [Bug Fix] Fixed a bug that could cause truncated response bodies to be transferred over non-keepalive HTTPS connections. This usually affects front-end CDN services. | ||
+ | [Bug Fix] Fixed a regression that prevented Apache vhosts from using PHP daemon mode. | ||
+ | [Bug Fix] Fixed a cache engine bug that failed to forward the `X-Litespeed-purge2` response header to front-end ADC cache engines. | ||
+ | [Bug Fix] Fixed a bug that causes Python WSGI applications to fork child processes frequently. | ||
===== Version 5.4 ===== | ===== Version 5.4 ===== | ||
+ | |||
+ | === Build 3 === | ||
+ | |||
+ | [Bug Fix] Fixed a bug that could cause truncated response bodies to be transferred over non-keepalive HTTPS connections. This usually affects front-end CDN services. | ||
+ | |||
+ | === Build 2 === | ||
+ | |||
+ | [New Feature] Updated HTTP/3 support to Internet Draft 22 . | ||
+ | [New Feature] Smart server PUSH uses cookies to track pushed assets, avoiding pushing the same asset repeatedly. | ||
+ | [Improvement] Re-enabled PHP graceful shutdown now that the PHP LiteSpeed SAPI 7.5 package is ready. | ||
+ | [Improvement] Tuned reCAPTCHA verification to avoid requesting verification on image/css/js files. | ||
+ | [Bug Fix] Minor bug fixes for 404 logging and some rare crashes. | ||
=== Build 1 === | === Build 1 === | ||
Line 19: | Line 45: | ||
[New Feature] Added support for Q046 in QUIC engine. | [New Feature] Added support for Q046 in QUIC engine. | ||
[New Feature] HTTPS accelerator with direct dynamic TLS record packaging, improving both HTTPS throughput and TTFB without compromise. | [New Feature] HTTPS accelerator with direct dynamic TLS record packaging, improving both HTTPS throughput and TTFB without compromise. | ||
- | [New Feature] HTTPS handshake offloading, improving HTTPS handshake speed and avoiding clogging the server's main event loop. | + | [New Feature] HTTPS handshake offloading, improving HTTPS handshake speed and avoiding clogging the server's main event loop. (No extra configuration required) |
[New Feature] SO_REUSEPORT support, improving multi-worker scalability for high traffic deployments. | [New Feature] SO_REUSEPORT support, improving multi-worker scalability for high traffic deployments. | ||
[New Feature] HTTPS certificate compression, reducing the size of HTTPS handshake exchange data. | [New Feature] HTTPS certificate compression, reducing the size of HTTPS handshake exchange data. |