Permalink
Browse files

releng work for v0.12.

  • Loading branch information...
1 parent ff6ef1f commit eac796e64afdc99c25bdd2698acd37352ab157e0 @agentzh agentzh committed Dec 14, 2009
Showing with 22 additions and 3 deletions.
  1. +15 −2 README
  2. +7 −1 doc/readme.wiki
View
@@ -6,9 +6,9 @@ Name
installation instructions.
Version
- This document describes chunkin-nginx-module v0.11
+ This document describes chunkin-nginx-module v0.12
(<http://github.com/agentzh/chunkin-nginx-module/downloads>) released on
- Dec 9, 2009.
+ Dec 14, 2009.
Synopsis
chunkin on;
@@ -197,6 +197,19 @@ Source Repository
(<http://github.com/agentzh/chunkin-nginx-module>).
ChangeLog
+ v0.12
+ * now we no longer skip those operations between the (interrupted)
+ ngx_http_process_request_header and the server rewrite phase. this
+ fixed the security issues regarding the internal directive as well
+ as SSL sessions.
+
+ * try to ignore CR/LF/SP/HT at the begining of the chunked body.
+
+ * now we allow HT as padding spaces and ignore leading CRLFs.
+
+ * improved diagnostic info in the error.log messages when parsefail
+ occurs.
+
v0.11
* added a random valid-chunked-request generator in t/random.t.
View
@@ -6,7 +6,7 @@
= Version =
-This document describes chunkin-nginx-module [http://github.com/agentzh/chunkin-nginx-module/downloads v0.11] released on Dec 9, 2009.
+This document describes chunkin-nginx-module [http://github.com/agentzh/chunkin-nginx-module/downloads v0.12] released on Dec 14, 2009.
= Synopsis =
@@ -168,6 +168,12 @@ Available on github at [http://github.com/agentzh/chunkin-nginx-module agentzh/c
= ChangeLog =
+== v0.12 ==
+* now we no longer skip those operations between the (interrupted) ngx_http_process_request_header and the server rewrite phase. this fixed the security issues regarding the [[NginxHttpCoreModule#internal|internal]] directive as well as SSL sessions.
+* try to ignore CR/LF/SP/HT at the begining of the chunked body.
+* now we allow HT as padding spaces and ignore leading CRLFs.
+* improved diagnostic info in the error.log messages when parsefail occurs.
+
== v0.11 ==
* added a random valid-chunked-request generator in t/random.t.
* fixed a new connection leak issue caught by t/random.t.

0 comments on commit eac796e

Please sign in to comment.