Assets 2

Security Patch Release

Recommended Action

  • Essential Upgrade -- All users strongly advised to upgrade
  • Recommended Upgrade -- Upgrade recommended but not essential
  • Optional Upgrade -- Upgrade only if convenient

Change Log

  • Fix basic/digest auth bypass #610
  • Upgrade to match new Pak release (0.12.4) and using pak.json instead of package.json
  • Update for OpenSSL 1.1.0, Mbedtls 2.8.0, Sqlite 3.23.1
  • Update for Alpine linux

Build Requirements

  • To build, requires MakeMe 0.10.8 or later
  • To install packages, use Pak 0.12.4 or later

See

Apr 14, 2018

@mobrien mobrien released this Feb 13, 2018 · 26 commits to master since this release

Assets 2

Security Patch Release

Recommended Action

  • Essential Upgrade -- All users strongly advised to upgrade
  • Recommended Upgrade -- Upgrade recommended but not essential
  • Optional Upgrade -- Upgrade only if convenient

Change Log

  • Fix denial of service #605

Build Requirements

  • To build, requires MakeMe 0.10.7 or later
  • To install packages, use Pak 0.12.4 or later

See

@mobrien mobrien released this Sep 28, 2017 · 51 commits to master since this release

Assets 2

Minor Patch Release

Recommended Action

  • Essential Upgrade -- All users strongly advised to upgrade
  • Recommended Upgrade -- Upgrade recommended but not essential
  • Optional Upgrade -- Upgrade only if convenient

Change Log

  • Improve Visual Studio 2017 support
  • Cleanup old code

Build Requirements

  • To build, requires MakeMe 0.10.7 or later
  • To install packages, use Pak 0.12.4 or later

See

@mobrien mobrien released this Sep 28, 2017 · 45 commits to master since this release

Assets 2

Major Release

Recommended Action

  • Essential Upgrade -- All users strongly advised to upgrade
  • Recommended Upgrade -- Upgrade recommended but not essential
  • Optional Upgrade -- Upgrade only if convenient

Change Log

  • Visual Studio 2017 support
  • Remove deprecated code

Build Requirements

  • To build, requires MakeMe 0.10.7 or later
  • To install packages, use Pak 0.12.4 or later

See

@mobrien mobrien released this Jun 8, 2017 · 82 commits to master since this release

Assets 2

Minor Patch Release

Recommended Action

  • Essential Upgrade -- All users strongly advised to upgrade
  • Recommended Upgrade -- Upgrade recommended but not essential
  • Optional Upgrade -- Upgrade only if convenient

Change Log

  • Add support for new build farm
  • Fix compiler warnings
  • Update MPR & HTTP
  • Fix MPR cache key pruning

Build Requirements

  • To build, requires MakeMe 0.10.4 or later
  • To install packages, use Pak 0.12.1 or later

See

@embedthis embedthis released this Jun 2, 2016 · 86 commits to master since this release

Assets 2

Minor Patch Release

Recommended Action

  • Essential Upgrade -- All users strongly advised to upgrade
  • Recommended Upgrade -- Upgrade recommended but not essential
  • Optional Upgrade -- Upgrade only if convenient

Change Log

  • Upgrade to mbedtls 2.2.1
  • Fix importing openssl libraries when building
  • Add openssl renegotiation controls via main.me: ssl.handshakes
  • Add issue template
  • Add VxWorks 7 support
  • Fix cross-compiling with sqlite support for esp
  • Fix cross compiling sleuthing the cross compiler options
  • Fix using --set compiler.has* configuration options
  • Added fortification to compiler options and ASLR

Build Requirements

  • To build, requires MakeMe 0.10.4 or later
  • To install packages, use Pak 0.12.1 or later

See

@embedthis embedthis released this Dec 28, 2015 · 126 commits to master since this release

Assets 2

Minor Patch Release

Recommended Action

  • Essential Upgrade -- All users strongly advised to upgrade
  • Recommended Upgrade -- Upgrade recommended but not essential
  • Optional Upgrade -- Upgrade only if convenient

Change Log

  • Fix JSON line number tracking for error reporting
  • Fix openssl support not clearing the buffered read data flag - causing high CPU usage

Build Requirements

  • To build, requires MakeMe 0.10.0 or later
  • To install packages, use Pak 0.12.0 or later

See

@embedthis embedthis released this Dec 28, 2015 · 448 commits to master since this release

Assets 2

Minor Patch Release

Recommended Action

  • Essential Upgrade -- All users strongly advised to upgrade
  • Recommended Upgrade -- Upgrade recommended but not essential
  • Optional Upgrade -- Upgrade only if convenient

Change Log

  • Fix JSON line number tracking for error reporting
  • Fix openssl support not clearing the buffered read data flag - causing high CPU usage

Build Requirements

  • To build, requires MakeMe 0.10.0 or later
  • To install packages, use Pak 0.12.0 or later

See

@embedthis embedthis released this Nov 30, 2015 · 133 commits to master since this release

Assets 2

Minor Feature Release

Recommended Action

  • Essential Upgrade -- All users strongly advised to upgrade
  • Recommended Upgrade -- Upgrade recommended but not essential
  • Optional Upgrade -- Upgrade only if convenient

Compatibility

ESP applications now require an esp.app and http.pipeline properties in their esp.json configuration file. This is to support optional loading esp.json files for stand-alone ESP pages. Previously, the presence of an esp.json file was used as an indicator that the ESP directory contained an ESP application. The http.pipeline property configures the espHandler to serve all requests to the ESP application.

esp: {
    app: true
},
http: {
    pipeline: {
        handlers: 'espHandler',
    }
}

ServerName

The optional ServerName appweb.conf directive defines the host names that will be accepted in client requests. In this version, the ServerName is strictly observed and requests for other host names will not be served.

In legacy Appweb versions, the ServerName also defined the canonical host name to use in redirection responses. This role was replaced by the CanonicalName directive, but the ServerName was only advisory in that requests for non-specified hosts would be served via the default host configuration. In this release, the ServerName directive is strictly enforced and Appweb will only respond to host names specified by the ServerName directive. If a ServerName directive is not specified, then all host names will be served. If a ServerName is specified, then only those host names will be served. If you are wanting to define a canonical name for redirections, use CanonicalName and not ServerName.

Change Log

  • Support loading esp.json files for stand-alone ESP pages
  • Improve esp loading diagnostics
  • Add esp.app and http.pipeline configuration properties
  • Simplify ESP loading code
  • Optimize loading ESP applications

Build Requirements

  • To build, requires MakeMe 0.10.0 or later
  • To install packages, use Pak 0.12.0 or later

See