Differences
This shows you the differences between two versions of the page.
Both sides previous revision Previous revision Next revision | Previous revision Next revision Both sides next revision | ||
litespeed_wiki:changelog [2019/08/07 19:02] Lucas Rolff Add 5.4 build 2 |
litespeed_wiki:changelog [2019/09/27 17:21] Lucas Rolff Add build 3 and 4 |
||
---|---|---|---|
Line 1: | Line 1: | ||
====== LiteSpeed Web Server Changelog ====== | ====== LiteSpeed Web Server Changelog ====== | ||
+ | |||
+ | ===== Version 5.4.1 ===== | ||
+ | |||
+ | === Build 4 === | ||
+ | [Improvement] Automatically restart running PHP processes after detecting PHP binary updates. | ||
+ | [Improvement] Automatically converted ea-phpXX handler configuration to phpXX handler when ea-php handler is not available. | ||
+ | [Improvement] Improved AIO access logging to minimize disk I/O. | ||
+ | [Bug Fix] Close unused REUSEPORT socket. | ||
+ | [Bug Fix] Make "requests processed" counter more accurate in real-time report. | ||
+ | [Bug Fix] Make per Apache vhost PHP 7.4 handler run in suEXEC mode. | ||
+ | [Bug Fix] Fixed a bug reading CGI 'umask' configuration as an octal number. | ||
+ | |||
+ | === Build 3 === | ||
+ | [Bug Fix] Fixed a .htaccess cache bug that caused the server's default PHP handler to be used instead of per-vhost suEXEC handlers. | ||
+ | [Bug Fix] Fixed a WP brute force protection bug that occasionally caused 100% CPU usage. | ||
+ | [Bug Fix] Fixed a divide by zero bug that was causing server crashes. | ||
+ | [Bug Fix] Fixed a mod_security engine bug where `@geolookup` would not work properly with new MaxMind DB files. | ||
+ | [Tuning] Reduced Brotli compression memory usage. | ||
+ | [Tuning] Allow mapping www.TLD.com and TLD.com to different native virtual hosts. | ||
+ | |||
+ | === Build 2 === | ||
+ | |||
+ | [New Feature] Added an option to allow generation of full real time status report, including idle virtual host and external app stats. | ||
+ | [Bug Fix] Fixed an RBL compatibility issue with modsecurity rules from Imunify360. | ||
+ | [Bug Fix] Fixed a Layer4 tunnel bug that caused random crashes. | ||
+ | [Bug Fix] Fixed Apache sometimes starting inside the lshttpd cgroup when switching from LSWS to Apache. | ||
+ | [Bug Fix] Fixed all LSPHP processes not being stopped when switching from LSWS to Apache. | ||
+ | [Bug Fix] Fixed a QuicEngine bug that sometimes caused a server crash. | ||
+ | |||
+ | === Build 1 === | ||
+ | |||
+ | [Improvement] Avoid reCAPTCHA verification on AJAX requests to minimize false positives. | ||
+ | [Improvement] Make built-in error and reCAPTCHA verification pages responsive. | ||
+ | [Improvement] Remove '[' ']' enclosure for IPv6 addresses in the access log and request environment variable REMOTE_ADDR. | ||
+ | [Bug Fix] Fixed a bug that caused HTTP/2 requests to stall under rare conditions. | ||
+ | [Bug Fix] Fixed a bug that caused broken non-keepalive HTTPS responses. | ||
+ | [Bug Fix] Fixed a bug that caused WordPress brute force protection false positive. | ||
+ | |||
+ | === Build 0 === | ||
+ | |||
+ | [Security] Addressed recent HTTP/2 DoS advisories (https://github.com/Netflix/security-bulletins/blob/master/advisories/third-party/2019-002.md). Fixed CVE-2019-9516 ""0-Length Headers Leak"" vulnerability. Completely blocks unaffected attacks: CVE-2019-9511 ""Data Dribble"", CVE-2019-9512 ""Ping Flood"", CVE-2019-9513 ""Resource Loop"", CVE-2019-9514 ""Reset Flood"", CVE-2019-9515 ""Settings Flood"", CVE-2019-9517 ""Internal Data Buffering"", and CVE-2019-9518 ""Empty Frames Flood"". | ||
+ | [New Feature] Updated HTTP/3 support to Internet Draft 22. | ||
+ | [New Feature] Smart server PUSH uses cookies to track pushed assets, avoiding pushing the same asset repeatedly. | ||
+ | [Improvement] reCAPTCHA engine has been improved to reduce false positives. | ||
+ | [Bug fix] Fixed a chunk encoding bug that could cause data corruption. | ||
+ | [Bug Fix] Fixed a bug that could cause truncated response bodies to be transferred over non-keepalive HTTPS connections. This usually affects front-end CDN services. | ||
+ | [Bug Fix] Fixed a regression that prevented Apache vhosts from using PHP daemon mode. | ||
+ | [Bug Fix] Fixed a cache engine bug that failed to forward the `X-Litespeed-purge2` response header to front-end ADC cache engines. | ||
+ | [Bug Fix] Fixed a bug that causes Python WSGI applications to fork child processes frequently. | ||
===== Version 5.4 ===== | ===== Version 5.4 ===== | ||
+ | |||
+ | === Build 3 === | ||
+ | |||
+ | [Bug Fix] Fixed a bug that could cause truncated response bodies to be transferred over non-keepalive HTTPS connections. This usually affects front-end CDN services. | ||
=== Build 2 === | === Build 2 === | ||
Line 27: | Line 80: | ||
[New Feature] Added support for Q046 in QUIC engine. | [New Feature] Added support for Q046 in QUIC engine. | ||
[New Feature] HTTPS accelerator with direct dynamic TLS record packaging, improving both HTTPS throughput and TTFB without compromise. | [New Feature] HTTPS accelerator with direct dynamic TLS record packaging, improving both HTTPS throughput and TTFB without compromise. | ||
- | [New Feature] HTTPS handshake offloading, improving HTTPS handshake speed and avoiding clogging the server's main event loop. | + | [New Feature] HTTPS handshake offloading, improving HTTPS handshake speed and avoiding clogging the server's main event loop. (No extra configuration required) |
[New Feature] SO_REUSEPORT support, improving multi-worker scalability for high traffic deployments. | [New Feature] SO_REUSEPORT support, improving multi-worker scalability for high traffic deployments. | ||
[New Feature] HTTPS certificate compression, reducing the size of HTTPS handshake exchange data. | [New Feature] HTTPS certificate compression, reducing the size of HTTPS handshake exchange data. |