Differences

This shows you the differences between two versions of the page.

Link to this comparison view

Both sides previous revision Previous revision
Next revision
Previous revision
Next revision Both sides next revision
litespeed_wiki:changelog [2019/03/22 08:05]
Lucas Rolff
litespeed_wiki:changelog [2019/08/18 17:58]
Lucas Rolff 5.4.1
Line 1: Line 1:
 ====== LiteSpeed Web Server Changelog ====== ====== LiteSpeed Web Server Changelog ======
 +
 +===== Version 5.4.1 =====
 +
 +=== Build 0 ===
 +
 +  [Security] Addressed recent HTTP/2 DoS advisories (https://​github.com/​Netflix/​security-bulletins/​blob/​master/​advisories/​third-party/​2019-002.md). Fixed CVE-2019-9516 ""​0-Length Headers Leak""​ vulnerability. Completely blocks unaffected attacks: ​ CVE-2019-9511 ""​Data Dribble"",​ CVE-2019-9512 ""​Ping Flood"",​ CVE-2019-9513 ""​Resource Loop"",​ CVE-2019-9514 ""​Reset Flood"",​ CVE-2019-9515 ""​Settings Flood"",​ CVE-2019-9517 ""​Internal Data Buffering"",​ and CVE-2019-9518 ""​Empty Frames Flood""​.
 +  [New Feature] Updated HTTP/3 support to Internet Draft 22.
 +  [New Feature] Smart server PUSH uses cookies to track pushed assets, avoiding pushing the same asset repeatedly.
 +  [Improvement] reCAPTCHA engine has been improved to reduce false positives. ​
 +  [Bug fix] Fixed a chunk encoding bug that could cause data corruption.
 +  [Bug Fix] Fixed a bug that could cause truncated response bodies to be transferred over non-keepalive HTTPS connections. This usually affects front-end CDN services.
 +  [Bug Fix] Fixed a regression that prevented Apache vhosts from using PHP daemon mode.
 +  [Bug Fix] Fixed a cache engine bug that failed to forward the `X-Litespeed-purge2` response header to front-end ADC cache engines. ​
 +  [Bug Fix] Fixed a bug that causes Python WSGI applications to fork child processes frequently.
  
 ===== Version 5.4 ===== ===== Version 5.4 =====
 +
 +=== Build 3 ===
 +
 +  [Bug Fix] Fixed a bug that could cause truncated response bodies to be transferred over non-keepalive HTTPS connections. This usually affects front-end CDN services.
 +
 +=== Build 2 ===
 +
 +  [New Feature] Updated HTTP/3 support to Internet Draft 22 .
 +  [New Feature] Smart server PUSH uses cookies to track pushed assets, avoiding pushing the same asset repeatedly.
 +  [Improvement] Re-enabled PHP graceful shutdown now that the PHP LiteSpeed SAPI 7.5 package is ready.
 +  [Improvement] Tuned reCAPTCHA verification to avoid requesting verification on image/​css/​js files.
 +  [Bug Fix] Minor bug fixes for 404 logging and some rare crashes.
 +
 +=== Build 1 ===
 +
 +  [Update] Updated cPanel/WHM plugins to v1.2.3.3 and v3.3.3.5 respectively.
 +  [Bug fix] Fixed a chunk encoding bug that could cause data corruption.
 +  [Bug fix] Fixed a bug with customized reCAPTCHA pages.
 +  [Bug fix] Fixed a QUIC engine bug that affected graceful restarts.
 +  [Bug fix] Fixed a BAN request method parsing bug.
 +
 +=== Build 0 ===
 +
 +  [Major Improvement] Massive HTTP/2 HTTPS performance boost (up to 5x faster than LSWS v5.3.x).
 +  [Major New Feature] Experimental HTTP/3 draft 20 support.
 +  [Major New Feature] Redis and rewrite based dynamic virtual hosting.
 +  [Major New Feature] Server level reCAPTCHA protection efficiently defends against layer-7 DDoS attacks of any size.
 +  [New Feature] Added support for Q046 in QUIC engine.
 +  [New Feature] HTTPS accelerator with direct dynamic TLS record packaging, improving both HTTPS throughput and TTFB without compromise.
 +  [New Feature] HTTPS handshake offloading, improving HTTPS handshake speed and avoiding clogging the server'​s main event loop. (No extra configuration required)
 +  [New Feature] SO_REUSEPORT support, improving multi-worker scalability for high traffic deployments.
 +  [New Feature] HTTPS certificate compression,​ reducing the size of HTTPS handshake exchange data.
 +  [Improvement] Improved HTTP/2 stream prioritization for a better user browsing experience.
 +
 +=== RC4 ===
 +
 +  [New Feature] Support for SO_REUSEPORT for multi-worker license.
 +  [New Feature] HTTPS/QUIC handshake offloading.
 +  [New Feature] TLSv1.3 certificate compression.
 +  [New Feature] High Availability for Redis dynamic vhost setup.
 +  [New Feature] Support for Google QUIC 046.
 +  [New Feature] Experimental IETF QUIC draft-20.
  
 === RC3 === === RC3 ===
Line 7: Line 63:
   [Major New Feature] Dynamic Virtual Host configuration through REDIS backend.   [Major New Feature] Dynamic Virtual Host configuration through REDIS backend.
   [Major Improvement] Greatly improved HTTP/2 performance -- up to 7x faster than previous implementations.   [Major Improvement] Greatly improved HTTP/2 performance -- up to 7x faster than previous implementations.
-  [Bug Fix] Improved QUIC engine performance and stability. +  [Bug fix] Improved QUIC engine performance and stability. 
-  [Bug Fix] All bug fixes and enhancements on 5.3.x branch included.+  [Bug fix] All bug fixes and enhancements on 5.3.x branch included.
  
 === RC2 === === RC2 ===
Line 14: Line 70:
   [Major New Feature] Dynamic virtual hosting through rewrite rules.   [Major New Feature] Dynamic virtual hosting through rewrite rules.
   [Improvement] Improved HTTP/2 performance.   [Improvement] Improved HTTP/2 performance.
-  [Bug Fix] All applicable bug fixes from the 5.3 branch. +  ​[New Feature] QUIC proxy backend support for backend communication through QUIC. 
-  [Bug Fix] Fixed a few server crash bugs.+  ​[Bug fix] All applicable bug fixes from the 5.3 branch. 
 +  [Bug fix] Fixed a few server crash bugs.
  
-=== RC1 Build 3 === +=== RC1 ===
- +
-  [Bug Fix] Fixed a bug causing the default error page to hang on some HTTP/2 connections. +
-  [Bug Fix] Fixed a bug that causing some HTTPS connections to hang. +
-  [Bug Fix] Fixed an infinite recursion bug that caused a stack overflow when triggered. +
- +
-=== RC1 Build 1 === +
- +
-  [Bug fix] QUIC Transport fix +
- +
-=== RC1 Build 0 ===+
  
   [New Feature] Recaptcha verification for DDoS attack mitigation.   [New Feature] Recaptcha verification for DDoS attack mitigation.
Line 34: Line 81:
   [Major Improvement] Added LiteSpeed TLS Accelerator,​ maximizing HTTPS & HTTP/2 performance.   [Major Improvement] Added LiteSpeed TLS Accelerator,​ maximizing HTTPS & HTTP/2 performance.
   [Major Improvement] HTTP/2 performance has been improved with a better header compression/​decompression work flow.   [Major Improvement] HTTP/2 performance has been improved with a better header compression/​decompression work flow.
-  [Bug Fix] All bug fixes from LSWS 5.3.5 incremental builds included.+  [Bug fix] All bug fixes from LSWS 5.3.5 incremental builds included.
  
 +===== Version 5.3.8 =====
 +
 +=== Build 6 ===
 +
 +  [Update] Updated cPanel/WHM plugins v1.2.3.2 and v3.3.3.4 respectively.
 +  [Bug fix] Temporarily stop PHP processes with SIGKILL as a workaround for problems caused by clean shutdown logic added to PHP LiteSpeed SAPI v7.4.3.
 +  [Bug fix] Added websocket proxy support for cPanel and webmail subdomains in addition to WHM subdomains.
 +  [Bug fix] Fixed a QUIC engine bug and made QUIC more DoS attack resistant.
 +
 +=== Build 5 ===
 +
 +  [Bug Fix] Updated WHM plugin to v3.3.3.2 to fix a bug introduced in the previous version that caused most plugin actions to result in a PHP fatal error.
 +  [Bug Fix] To avoid server crash, PCLMUL will be disabled in the zlib library if the server CPU does not support PCLMUL instructions.
 +
 +=== Build 4 ===
 +
 +  [New feature] Web Cache Manager CLI support for DirectAdmin.
 +  [Bug fix] Fixed websocket proxy from https to ws:// backend; made WHM terminal work properly through proxy.
 +  [Bug fix] Improved compatibility with Apache; "​Require ip xxx" can bypass HTTP authentication.
 +  [Bug fix] Added support for "​AddEncoding br ..." to avoid double compression.
 +  [Bug fix] Updated WebAdmin code to avoid some E_STRICT warnings.
 +  [Bug fix] Fixed server PUSH parsing problem when '​Link'​ header contains multiple URLs.
 +
 +=== Build 3 ===
 +
 +  [Bug fix] Fixed an ACL bug occurring when environment variables are used in Allow/Deny configurations.
 +  [Bug fix] Fixed a request parser bug which caused the server to crash when a partition holding a temp file is out of space.
 +  [Bug fix] Fixed a cache engine bug that caused requests to certain URLs to hang.
 +
 +=== Build 2 ===
 +
 +  [Bug fix] Fixed a regression in PHP daemon mode that causes 503 errors.
 +
 +=== Build 1 ===
 +
 +  [Bug fix] Fixed an IP2Location configuration bug that could cause the server to crash during startup.
 +  [Bug fix] Fixed a bug with nested ESI subrequests that caused random crashes.
 +
 +=== Build 0 ===
 +
 +  [Security] Added built-in filter to block attempts at hacking LiteMage with crafted ESI requests.
 +  [New Feature] lscmctl script can now be used to install/​uninstall the LiteSpeed Web Cache Manager user-end plugin for cPanel. ​
 +  [New Feature] Recommend a plugin or broadcast a message to all discovered WordPress installations with the dash notify feature, available in both the lscmctl script and WHM plugin.
 +  [Improvement] Bundled WHM and user-end cPanel plugins have been updated to v3.3.1 and v1.2.0.2 respectively.
 +  [Improvement] Support request header sizes of up to 64K.
 +  [Improvement] Ignore <if> <​else>​ <​elseif>​ configuration contexts.
 +  [Improvement] Added support for Apache configuration directive ""​Require ip ...""​.
 +  [Improvement] Improved lsup.sh with stable release tier.
 +  [Improvement] Improved rc-inst.sh to install systemd unit file for Plesk + Debain/​Ubuntu.
 +  [Improvement] Improved NodeJS application compatibility and mod_passenger configuration handling.
 +  [Improvement] Added autoconfig for PHP 7.4.
 +  [Improvement] Improved compatibility with LSAPI 7.3 .
 +  [Improvement] Improved HPACK encoding performance.
 +  [Improvement] Cache engine now updates ""​X-LiteSpeed-Cache-Control max-age""​ value based on actual expire time when a front-end lscache proxy exists. ​
 +  [Improvement] Improved compatibility with Apache mod_security on variables REQUEST_BODY,​ REQUEST_FILENAME and LAST_UPDATE_TIME.
 +  [Improvement] Fixed PHP handler compatibility issues with Plesk'​s updated configuration template.
 +  [Improvement] Improved WordPress brute force detection IP logging.
 +  [Bug fix] Fixed an Apache SSL vhost SNI configuration bug.
 +  [Bug fix] Fixed a QuicEngine bug that could cause broken responses.
 +  [Bug fix] Fixed a cache + ESI engine bug that caused random server crashes.
 +  [Bug fix] Fixed rewrite engine infinite loop when rewrite map file is stored in an NFS mount.
 +  [Bug fix] Improved detached mode process manager to accurately stop detached processes when requested.
 +  [Bug Fix] Added User-Agent and Referer headers to server pushed requests to avoid failing possible checks in a user's custom configuration.
 +  [Bug Fix] Fixed FreeBSD 100% cpu usage for kqueue event loops when AIO logging is enabled.
 +  [Bug Fix] Fixed an SSL OCSP stapling bug.
 +  [Bug Fix] Fixed broken server restart when port offset had been set.
 +  [Bug Fix] Fixed a memory leak in the GeoIP module.
  
 ===== Version 5.3.7 ===== ===== Version 5.3.7 =====
 +
 +
 +=== Build 8 ===
 +
 +  [Bug Fix] Fixed a cache + ESI bug that could cause random crashes.
 +  [Bug Fix] Fixed a rewrite engine bug.
 +  [Bug Fix] Fixed a memory leak in the GeoIP module.
 +  [Bug Fix] Fixed a Plesk compatibility issue.
 +
 +=== Build 7 ===
 +
 +  [Improvement] Better WordPress brute force detection IP logging.
 +  [Improvement] Allow request header sizes greater than 32K.
 +  [Improvement] Added PID to error log messages for worker processes.
 +  [Bug fix] Fixed a Ruby selector regression introduced in v5.3.7 build 3.
 +  [Bug fix] Fixed an SSL OCSP stapling bug.
 +  [Bug Fix] Fixed broken server restart when port offset had been set.
 +
 +=== Build 6 ===
 +
 +  [New Feature] Added the ability to install/​uninstall the LiteSpeed Web Cache Manager user-end plugin for cPanel using the lscmctl script.
 +  [Improvement] Fixed PHP handler compatibility issues with Plesk'​s updated configuration template.
 +  [Improvement] Improved LSAPI compatibility with LSAPI 7.3 .
 +  [Improvement] Improved HPACK encoding performance.
 +  [Improvement] Cache engine now updates X-LiteSpeed-Cache-Control max-age value based on actual expire time when a front-end lscache proxy exists.
 +  [Improvement] Natively configured detached PHP process groups are now gracefully restarted. ​
 +
 +=== Build 5 ===
 +
 +  [New Feature] Recommend a plugin or broadcast a message to all discovered WordPress installations with the dash notify feature available in the lscmctl script and WHM plugin.
 +  [Improvement] Ignore <if> <​else>​ <​elseif>​ configuration contexts.
 +  [Improvement] Added autoconfig for PHP 7.4.
 +  [Update] Updated WHM plugin to v3.3 and user-end cPanel plugin to v1.2.
 +  [Bug Fix] ESI engine bug fix.
 +  [Bug Fix] Fixed freeBSD 100% cpu usage for kqueue event loops.
 +  [Bug Fix] Fixed a detached mode process manager bug that accidentally killed other lshttpd worker processes. ​
 +
 +=== Build 4 ===
 +
 +  [Improvement] Improved lsup.sh with stable tier.
 +  [Improvement] Improved NodeJS application compatibility and mod_passenger configuration handling.
 +  [Bug Fix] Fixed a bug in detached mode process manager that failed to stop running processes under certain server environments.
 +  [Bug Fix] Added User-Agent and Referer headers to server pushed requests to avoid failing possible checks in a user's custom configuration.
 +  [Bug Fix] Implemented mod_security REQUEST_BODY as a dedicate variable.
 +
 +=== Build 3 ===
 +
 +  [Improvement] Improved rc-inst.sh to install systemd unit file for Plesk + Debain/​Ubuntu.
 +  [Bug fix] Fixed an ESI engine memory management bug that caused random server crashes.
 +  [Bug fix] Fixed rewrite engine infinite loop when rewrite map file is stored in an NFS mount.
 +
 === Build 2 === === Build 2 ===
  
Line 240: Line 405:
   [BUGFIX] Fixed mod_security engine compatibility issue with latest COMODO ruleset.   [BUGFIX] Fixed mod_security engine compatibility issue with latest COMODO ruleset.
   [BUGFIX] Added "​Accept-Range:​ bytes" header back for static files.   [BUGFIX] Added "​Accept-Range:​ bytes" header back for static files.
-  [BUGFIX] Fixed bug in rewrite engine loop redirection detection. ​+  [BUGFIX] Fixed bug in rewrite engine loop redirection detection. 
 + 
 +===== Version 5.3.3 ===== 
 + 
 +=== Build 3 === 
 + 
 +  [Bug Fix]  Fixed a mod_security engine bug that caused incorrect behavior with the comodo ruleset. 
 + 
 +=== Build 2 === 
 + 
 +  [Bug Fix] Made adjustments to PHP handler configuration to fix broken PHP selector. 
 +  [Bug Fix] Fixed a memory leak in HTTP/2. 
 +  [Bug Fix] Fixed a crash when parsing Apache configuration. 
 + 
 +=== Build 0 === 
 + 
 +  [Bug Fix] Emergency release to ignore faulty rewrite rule introduced by cPanel
  • Admin
  • Last modified: 2024/03/19 21:03
  • by Michael Alegre