Differences
This shows you the differences between two versions of the page.
Both sides previous revision Previous revision Next revision | Previous revision | ||
litespeed_wiki:changelog [2023/09/19 22:38] Michael Alegre Added info for v6.1.2 build 6. |
litespeed_wiki:changelog [2024/09/10 16:40] (current) Michael Alegre Added release log info for LSWS v6.3.1 builds [0,1]. |
||
---|---|---|---|
Line 2: | Line 2: | ||
**Note:** If a build is missing, you're always able to find it here as well: https://groups.google.com/g/litespeed-edge-users | **Note:** If a build is missing, you're always able to find it here as well: https://groups.google.com/g/litespeed-edge-users | ||
+ | ===== Version 6.3.1 ===== | ||
+ | === Build 1 === | ||
+ | [Bug Fix] Update lsquic to v4.0.11 to address some corner cases. | ||
+ | [Bug Fix] Fix outdated version number. | ||
+ | === Build 0 === | ||
+ | [Security] Block the "litespeed_role" cookie to shield LSCWP from potential brute force attempts. | ||
+ | [New Feature] Add "no-lscache" environment variable to allow the lscache engine to be disabled at the request level. | ||
+ | [New Feature] Load trusted IPs/subnets from standalone list "$SERVER_ROOT/conf/trusted-ip-list". | ||
+ | [Bug Fix] Address compatibility issues with Ruby 3.3 applications. | ||
+ | [Bug Fix] Make RackRunner.rb compatible with Rails 7.2. | ||
+ | [Bug Fix] Minor bug fixes. | ||
+ | |||
+ | ===== Version 6.3 ===== | ||
+ | === Build 3 === | ||
+ | [Bug Fix] Make RackRunner.rb compatible with Rails v7.2. | ||
+ | [Bug Fix] Address hanging ESI processing for page sizes > 1MB. | ||
+ | === Build 2 === | ||
+ | [Bug Fix] Address a v6.3 build 1 regression that caused random crashes. | ||
+ | === Build 1 === | ||
+ | [New Feature] Add "no-lscache" environment variable used to disable the lscache engine at the request level. | ||
+ | [New Feature] Load trusted IP/subnet from standalone list '$SERVER_ROOT/conf/trusted-ip-list'. | ||
+ | [Bug Fix] Address a compatibility issue with Ruby 3.3 applications. | ||
+ | [Bug Fix] Address bad auto index script path under chroot environments. | ||
+ | === Build 0 === | ||
+ | [New Feature] CGI/External app resource limits via cgroups. | ||
+ | [New Feature] CGI/External app file system restrictions via namespace containers. | ||
+ | [New Feature] Advanced anti-DDoS features to protect against request flooding. | ||
+ | [New Feature] Firewall controller to block detected robots at the firewall level. | ||
+ | [New Feature] Easy front end CDN (QUIC.cloud or Cloudflare) detection. | ||
+ | [Improvement] Avoid HTTP/2 stream I/O buffer bloating. | ||
+ | [Improvement] HTTP2/HTTP3 priority (RFC 9218) integration. | ||
+ | [Improvement] Drain request body to avoid browser errors in special cases. | ||
+ | [Improvement] Stop _recaptcha process after idling for 5 minutes. | ||
+ | [Bug Fix] Automatically fix apache2.service override for Plesk. | ||
+ | [Bug Fix] Address a ProxyPass corner case that resulted in redirection looping. | ||
+ | [Bug Fix] Avoid caching partial responses due to interrupted proxy connections. | ||
+ | [Bug Fix] Address rewrite rule compatibility issues with Plesk WP toolkit hotlink protection. | ||
+ | [Bug Fix] Address a corner case in multi-part POST parser. | ||
+ | [Bug Fix] Address a corner case in access logging. | ||
+ | |||
+ | ===== Version 6.2.2 ===== | ||
+ | === Build 4 === | ||
+ | [Bug Fix] Address a compatibility issue with Ruby 3.3 applications. | ||
+ | === Build 3 === | ||
+ | [Bug Fix] Address a corner case in multi-part POST parser. | ||
+ | [Bug Fix] Address a corner case in access logging. | ||
+ | === Build 2 === | ||
+ | [Bug Fix] Automatically fix apache2.service override for Plesk. | ||
+ | [Bug Fix] Address rewrite rule compatibility issues with Plesk WP toolkit hotlink protection. | ||
+ | === Build 1 === | ||
+ | [Bug Fix] Address compatibility issues with older versions of nodejs. | ||
+ | [Bug Fix] Apply server level log rotation setting to modsec audit log. | ||
+ | [Bug Fix] Address a few corner cases in HTTP/3 (lsquic). | ||
+ | === Build 0 === | ||
+ | [New Feature] Add chunked encoding support for proxying request body to backend. | ||
+ | [New Feature] Add cache vary on request header value, automatically vary on header 'X-Http-Method-Override'. | ||
+ | [New Feature] Add detection for flag file 'admin/tmp/.stay_with_lsws' used to prevent automatically switching back to Apache when encountering a licensing issue. | ||
+ | [Improvement] Apply server level log rotation setting to Modsec audit log. | ||
+ | [Improvement] Do not force URL trailing slash for requests to Node.js applications. | ||
+ | [Improvement] Make Node.js startup script compatible with older Node.js versions. | ||
+ | [Bug Fix] Address failure to switch back to Apache issue, "on-failure" restart for Systemd service is now disabled. | ||
+ | |||
+ | ===== Version 6.2.1 ===== | ||
+ | === Build 2 === | ||
+ | [Bug Fix] Address compatibility issues with older versions of nodejs. | ||
+ | [Bug Fix] Apply server level log rotation setting to modsec audit log. | ||
+ | [Bug Fix] Address a few corner cases in HTTP/3 (lsquic). | ||
+ | === Build 1 === | ||
+ | [Bug Fix] Addressed an HTTP/3 0-RTT packet validation issue. | ||
+ | === Build 0 === | ||
+ | [New Feature] Add hCaptcha support for reCAPTCHA validation. | ||
+ | [Improvement] Add support for .mjs nodeJS application startup file. | ||
+ | [Bug Fix] Address a crash related to SecRemoteRules handling. | ||
+ | [Bug Fix] Address a rare corner case causing HTTP/3 responses to hang. | ||
+ | |||
+ | ===== Version 6.2 ===== | ||
+ | === Build 7 === | ||
+ | [Bug Fix] Address a crash related to SecRemoteRules handling. | ||
+ | === Build 6 === | ||
+ | [Bug Fix] Address broken auto index script introduced in build 5. | ||
+ | [Bug Fix] Address a potential HTTP/3 CPU spinning issue. | ||
+ | [Bug Fix] Address a false positive in install script that reports a port is in use. | ||
+ | === Build 5 === | ||
+ | [Bug Fix] Do not force override LSAPI_MAX_IDLE_CHILDREN if set explicitly. | ||
+ | [Bug Fix] Address PHP 8.2 warning in directory auto index script. | ||
+ | [Bug Fix] Address an issue in handling custom status code. | ||
+ | [Bug Fix] Increase rewrite engine PCRE match limit to avoid PCRE_ERROR_MATCHLIMIT. | ||
+ | [Tuning] Add dark mode for server generated error page and directory index page. | ||
+ | === Build 4 === | ||
+ | [Bug Fix] Fix a rare corner case in HTTP/3. | ||
+ | [Bug Fix] Fix "RewriteOptions IngoreInherit" | ||
+ | [Bug Fix] enable suEXEC for PHP 8.3 by default. | ||
+ | === Build 3 === | ||
+ | [Bug Fix] Fix no-abort for CGI script. | ||
+ | [Bug Fix] Fix Redirect 410 handling. | ||
+ | [Bug Fix] Fix python application with long vhost name. | ||
+ | [Bug Fix] Fix CPU spinning caused by HTTP/3 corner case. | ||
+ | === Build 2 === | ||
+ | [Bug Fix] Fix HTTP/3 session resumption bug introduced in 6.2 Build 1. | ||
+ | === Build 1 === | ||
+ | [Security] Disable HTTP/2 when detecting a rapid reset attack. | ||
+ | [Improvement] Override server level per client connection soft limit with vhost level limit. | ||
+ | [Tuning] Limit pipe logger buffer size to 1MB. | ||
+ | [Bug Fix] Fix RackRunner.rb bug introduced in 6.1.2 build 8. | ||
+ | [Bug Fix] Fix minor mod_security issues. | ||
+ | === Build 0 === | ||
+ | [New Feature] Update HTTP/3 implementation to support QUICv2 protocol. | ||
+ | [New Feature] mod_security engine now has an option to use RE2 instead PCRE regex engine. | ||
+ | [New Feature] Add vhost level max request body length and max dynamic response length configurations. | ||
+ | [New Feature] Add vhost level dedicated PHP handler configuration option. | ||
+ | [New Feature] Add support for rewrite flags "BNP", "backrefnoplus", "BCTLS", and "BNE". | ||
+ | [Improvement] Improve reCAPTCHA custom error page handling to avoid expensive dynamic processing. | ||
+ | [Improvement] Add missing access log format following Apache spec. | ||
+ | [Improvement] Enhance Apache expression support with dynamic regular expression matching. | ||
+ | [Improvement] Apache expression support in RewriteCond. | ||
+ | [Improvement] Virtual host level reCAPTCHA trigger by concurrent connections. | ||
+ | [Security] More strict request header validation. | ||
+ | [Bug Fix] Fix a compatibility issue with Rack version >3.0 for Ruby applications. | ||
+ | [Bug Fix] Allow use of stdout/stderr as log file names. | ||
+ | [Bug Fix] Address large request header compatibility issue with PHP-FPM. | ||
+ | [Tuning] Add PHP 8.3 support. | ||
+ | [Tuning] Lift default virtual memory limit for external applications. | ||
+ | [Bug Fix] Minor bug fixes to cache engine, mod_security engine, and request handling. | ||
===== Version 6.1.2 ===== | ===== Version 6.1.2 ===== | ||
+ | === Build 8 === | ||
+ | [New Feature] Add support for rewrite flags "BNP", "backrefnoplus", "BCTLS", and "BNE". | ||
+ | [Bug Fix] Fix cp_switch_ws.sh switch back to Apache failure. | ||
+ | [Bug Fix] Fix a compatibility issue with Rack version >3.0 for Ruby applications. | ||
+ | [Bug Fix] Allow use of stdout/stderr as log file names. | ||
+ | [Bug Fix] Fix a mod_security engine Multi-thread race condition. | ||
+ | === Build 7 === | ||
+ | [Bug Fix] Address a bug in expression parser introduced in build 5. | ||
=== Build 6 === | === Build 6 === | ||
[Bug Fix] Address a bug in RewriteCond expression parser. | [Bug Fix] Address a bug in RewriteCond expression parser. |