File: CHANGES-FCGID

libapache2-mod-fcgid 1:2.3.9-4
  • area: main
  • in suites: buster, sid
  • size: 1,456 kB
  • sloc: ansic: 5,912; xml: 1,052; sh: 118; sed: 64; awk: 37; makefile: 21
                                                         -*- coding: utf-8 -*-
Changes with mod_fcgid 2.3.9

  *) Revert fix for PR 53693, added in 2.3.8 but undocumented.  Fix
     issues with a minor optimization added in 2.3.8.  [Jeff Trawick]

Changes with mod_fcgid 2.3.8

  *) SECURITY: CVE-2013-4365 (cve.mitre.org)
     Fix possible heap buffer overwrite.  Reported and solved by:
     [Robert Matthews <rob tigertech.com>]

  *) Add experimental cmake-based build system for Windows.  [Jeff Trawick]

  *) Correctly parse quotation and escaped spaces in FcgidWrapper and the
     AAA Authenticator/Authorizer/Access directives' command line argument,
     as currently documented.  PR 51194  [William Rowe]

  *) Honor quoted FcgidCmdOptions arguments (notably for InitialEnv
     assignments).  PR 51657  [William Rowe]

  *) Conform script response parsing with mod_cgid and ensure no response
     body is sent when ap_meets_conditions() determines that request
     conditions are met.  [Chris Darroch]

  *) Improve logging in access control hook functions.  [Chris Darroch]

  *) Avoid making internal sub-requests and processing Location headers
     when in FCGI_AUTHORIZER mode, as the auth hook functions already
     treat Location headers returned by scripts as an error since
     redirections are not meaningful in this mode.  [Chris Darroch]
     
Changes with mod_fcgid 2.3.7

  *) Introduce FcgidWin32PreventOrphans directive on Windows to use OS
     Job Control Objects to terminate all running fcgi's when the worker
     process has been abruptly terminated. PR: 51078
     [Thangaraj AntonyCrouse <thangaraj gmail.com>]

  *) Periodically clean out the brigades which are pulling in the request 
     body for handoff to the fcgid child. PR: 51749
     [Dominic Benson <dominic.benson thirdlight.com>]

  *) Resolve crash during graceful restarts. PR 50309
     [Mario Brandt <JBlond gmail.com>]

  *) Solve latency/congestion of resolving effective user file access rights
     when no such info is desired, for config related filename stats.
     PR: 51020 [Thangaraj AntonyCrouse <thangaraj gmail.com>, William Rowe]

  *) Fix regression in 2.3.6 which broke process controls when using vhost-
     specific configuration.  [Jeff Trawick]

  *) Account for first process in class in the spawn score.  [Jeff Trawick]

Changes with mod_fcgid 2.3.6

  *) SECURITY: CVE-2010-3872 (cve.mitre.org)
     Fix possible stack buffer overwrite.  Diagnosed by the reporter.
     PR 49406.  [Edgar Frank <ef-lists email.de>]

  *) Change the default for FcgidMaxRequestLen from 1GB to 128K.
     Administrators should change this to an appropriate value based on
     site requirements.  [Jeff Trawick]

  *) Allow FastCGI apps more time to exit at shutdown before being
     forcefully killed.  [Jeff Trawick]

  *) Correct a problem that resulted in FcgidMaxProcesses being ignored
     in some situations.  PR 48981.  [<rkosolapov gmail.com>]

  *) Fix the search for processes with the proper vhost config when
     ServerName isn't set in every vhost or a module updates 
     r->server->server_hostname dynamically (e.g., mod_vhost_cdb)
     or a module updates r->server dynamically (e.g., mod_vhost_ldap).
     [Jeff Trawick]

  *) FcgidPassHeader now maps header names to environment variable names
     in the usual manner: The header name is converted to upper case and
     is prefixed with HTTP_.  An additional environment variable is 
     created with the legacy name.  PR 48964.  [Jeff Trawick]

  *) Allow processes to be reused within multiple phases of a request
     by releasing them into the free list as soon as possible.
     [Chris Darroch]

  *) Fix lookup of process command lines when using FcgidWrapper or
     access control directives, including within .htaccess files.
     [Chris Darroch]

  *) Resolve a regression in 2.3.5 with httpd 2.0.x on some Unix platforms;
     ownership of mutex files was incorrect, resulting in a startup failure.
     PR 48651.  [Jeff Trawick, <pservit gmail.com>]

  *) Return 500 instead of segfaulting when the application returns no output.
     [Tatsuki Sugiura <sugi nemui.org>, Jeff Trawick]

  *) In FCGI_AUTHORIZER role, avoid spawning a new process for every
     different HTTP request.  [Chris Darroch]

Changes with mod_fcgid 2.3.5

  *) Stop using the unsuppressable "notice" log level for debug and 
     informational messages.  PR 48536.  [Jeff Trawick]

  *) Respect DEFAULT_REL_RUNTIMEDIR for default values of FcgidIPCDir and 
     FcgidProcessTableFile.  [Jeff Trawick]

  *) Resolve fatal EDEADLK errors with threaded MPMs on Solaris.  [Jeff Trawick]

  *) Display information about active processes in the server-status page.
     [Ryan Pan]

  *) Fix compatibility of httpd.conf-editing logic with non-GNU awk.  PR 48067.
     [Hans Werner Strube <strube physik3.gwdg.de>]

  *) Fix startup errors creating shared memory in constrained systems, such
     as OS X in its default configuration.  This is a regression since mod_fcgid
     2.2.  [Jeff Trawick]

  *) Recover from most "Resource temporarily unavailable" errors writing the
     request to the FastCGI application.  These were common with large request
     bodies on Mac OS X and intermittent on Solaris.  PR 48025.  [Jeff Trawick]

  *) Fix a bug in fixconf.sed that resulted in a prefix of "FcgidFcgid" on the
     updated directives.  [Dan Hulme <dhulme gmail.com>]

  *) Fix possible corruption or truncation of request bodies which exceed
     FcgidMaxRequestInMem.  This is a regression since mod_fcgid 2.2, which
     effectively ignored FcgidMaxRequestInMem if larger than 8K.  PR 48021.
     [Jeff Trawick]

  *) Fix handling of the request body when a FastCGI access checker/
     authenticator/authorizer (AAA) was configured.  The body wasn't available
     for the request handler.  PR 47973.
     [Jeff Trawick, Barry Scott <barry.scott onelan.co.uk>]

  *) Fix handling of FcgidCmdOptions so that it can apply to wrapper scripts
     which were defined with command-line arguments on the FcgidWrapper
     directive.  [Jeff Trawick]

Changes with mod_fcgid 2.3.4

  *) Corrected unix 'make install' target regression in 2.3.3.  [Jeff Trawick]

Changes with mod_fcgid 2.3.3

  *) Add FcgidCmdOptions directive to associate some of the existing
     configuration settings with a specific command.  [Jeff Trawick]

  *) Allow/respect virtual host settings for the following directives:
     FcgidBusyTimeout, FcgidMaxProcessesPerClass, FcgidMinProcessesPerClass,
     FcgidIdleTimeout, and FcgidProcessLifeTime.  [Jeff Trawick]

Changes with mod_fcgid 2.3.2

  *) Fix a make install DESTDIR problem handling the reference manual and
     potentially other files (specific to 2.3.1).
     [Paul Howarth <paul city-fan.org>]

  *) Fix a mod_fcgid 2.3.1 failure with <sys/mutex.h> when building for
     httpd 2.0.x on some platforms.  [Paul Howarth <paul city-fan.org>]

  *) Termination of idle processes after inactivity timeout can now be 
     disabled by setting FcgidIdleTimeout to 0.  Termination of idle 
     processes based on the process lifetime can now be disabled by setting
     FcgidProcessLifeTime to 0.  FcgidMaxRequestsPerProcess now accepts 0
     for unlimited.  [Ricardo Cantu <ricardo smartcsc.com>]

  *) All directives have been renamed in order to use a common prefix "Fcgid".
     Underscores in directive names have been eliminated in favor of
     CamelCase. The old directive names will still work but are deprecated.
     To fix your configuration you can use the sed script build/fixconf.sed.
     The following table contains old and new directive names.

     Old Name                           New Name
     ...................................................................
     BusyScanInterval                   FcgidBusyScanInterval
     BusyTimeout                        FcgidBusyTimeout
     DefaultInitEnv                     FcgidInitialEnv
     DefaultMaxClassProcessCount        FcgidMaxProcessesPerClass
     DefaultMinClassProcessCount        FcgidMinProcessesPerClass
     ErrorScanInterval                  FcgidErrorScanInterval
     FastCgiAccessChecker               FcgidAccessChecker
     FastCgiAccessCheckerAuthoritative  FcgidAccessCheckerAuthoritative
     FastCgiAuthenticator               FcgidAuthenticator
     FastCgiAuthenticatorAuthoritative  FcgidAuthenticatorAuthoritative
     FastCgiAuthorizer                  FcgidAuthorizer
     FastCgiAuthorizerAuthoritative     FcgidAuthorizerAuthoritative
     FCGIWrapper                        FcgidWrapper
     IdleScanInterval                   FcgidIdleScanInterval
     IdleTimeout                        FcgidIdleTimeout
     IPCCommTimeout                     FcgidIOTimeout
     IPCConnectTimeout                  FcgidConnectTimeout
     MaxProcessCount                    FcgidMaxProcesses
     MaxRequestInMem                    FcgidMaxRequestInMem
     MaxRequestLen                      FcgidMaxRequestLen
     MaxRequestsPerProcess              FcgidMaxRequestsPerProcess
     OutputBufferSize                   FcgidOutputBufferSize
     PassHeader                         FcgidPassHeader
     PHP_Fix_Pathinfo_Enable            FcgidFixPathinfo
     ProcessLifeTime                    FcgidProcessLifeTime
     SharememPath                       FcgidProcessTableFile
     SocketPath                         FcgidIPCDir
     SpawnScore                         FcgidSpawnScore
     SpawnScoreUpLimit                  FcgidSpawnScoreUpLimit
     TerminationScore                   FcgidTerminationScore
     TimeScore                          FcgidTimeScore
     ZombieScanInterval                 FcgidZombieScanInterval

  *) Separate classes by virtual host also on Windows.  [Rainer Jung]

  *) Log client IP address with many more error log messages.  [Jeff Trawick]

  *) Fix basic implementation of FcgidMaxRequestInMem and FcgidMaxRequestLen
     directives.  [Jeff Trawick]

  *) Merge per-directory directives so that they can be inherited or
     overridden within other containers as expected.  Merge server config/
     virtual host directives so that they can be inherited or overridden
     within a virtual host as expected. [Jeff Trawick]

  *) Use the virtual host settings for the request being processed instead
     of those of the first FastCGI request handled by this httpd child process.
     Affected directives: FcgidBusyTimeout, FcgidIOTimeout,
     FcgidConnectTimeout, FcgidMaxRequestsPerProcess, and FcgidOutputBufferSize.
     [Jeff Trawick]

  *) Directives which previously were ignored in a virtual host context are no
     longer allowed.  [Jeff Trawick]

  *) Add an optional flag "virtual" to FcgidWrapper.
     If virtual is set, the URLs passed to the wrapper are not
     checked for whether they resolve to a file.  [Rainer Jung]

  *) Make the second argument (suffix) for FcgidWrapper optional.
     A wrapper defined without a suffix applies to all URLs, unless
     there is another more specific wrapper with a suffix.  [Rainer Jung]
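
An added example (not part of mod_fcgid and not its build/fixconf.sed) of the directive rename described in the 2.3.2 entry above: a Python function that finds deprecated directive names in a configuration and rewrites them using the rename table. The function name `migrate`, the regular expression and the sample configuration are constructed for illustration.

```python
import re

# Old -> new directive names, transcribed from the rename table above.
PREFIX_ONLY = """BusyScanInterval BusyTimeout ErrorScanInterval IdleScanInterval
    IdleTimeout MaxRequestInMem MaxRequestLen MaxRequestsPerProcess
    OutputBufferSize PassHeader ProcessLifeTime SpawnScore SpawnScoreUpLimit
    TerminationScore TimeScore ZombieScanInterval""".split()
FASTCGI_AAA = """AccessChecker AccessCheckerAuthoritative Authenticator
    AuthenticatorAuthoritative Authorizer AuthorizerAuthoritative""".split()
IRREGULAR = {
    "DefaultInitEnv": "FcgidInitialEnv",
    "DefaultMaxClassProcessCount": "FcgidMaxProcessesPerClass",
    "DefaultMinClassProcessCount": "FcgidMinProcessesPerClass",
    "FCGIWrapper": "FcgidWrapper",
    "IPCCommTimeout": "FcgidIOTimeout",
    "IPCConnectTimeout": "FcgidConnectTimeout",
    "MaxProcessCount": "FcgidMaxProcesses",
    "PHP_Fix_Pathinfo_Enable": "FcgidFixPathinfo",
    "SharememPath": "FcgidProcessTableFile",
    "SocketPath": "FcgidIPCDir",
}
RENAMES = {**{n: "Fcgid" + n for n in PREFIX_ONLY},
           **{"FastCgi" + n: "Fcgid" + n for n in FASTCGI_AAA}, **IRREGULAR}
# httpd directive names are case-insensitive, so match on lower case.
_BY_LOWER = {old.lower(): new for old, new in RENAMES.items()}
_DIRECTIVE = re.compile(r"^(\s*)([A-Za-z_]\w*)(?=\s|$)")

def migrate(conf_text):
    """Return (new_text, findings); findings are (lineno, old, new) tuples."""
    out, findings = [], []
    for lineno, line in enumerate(conf_text.splitlines(), 1):
        m = _DIRECTIVE.match(line)   # comments and <Section> lines never match
        new = _BY_LOWER.get(m.group(2).lower()) if m else None
        if new:
            findings.append((lineno, m.group(2), new))
            line = m.group(1) + new + line[m.end():]
        out.append(line)
    return "\n".join(out), findings

# Constructed sample configuration, not taken from a real server.
SAMPLE = """\
<IfModule mod_fcgid.c>
  # SocketPath is mentioned in this comment only
  SocketPath /var/lib/apache2/fcgid/sock
  maxrequestlen 131072
  FcgidIdleTimeout 300
  IdleTimeout 300
</IfModule>"""
```

Review the findings before writing the result back: the old names carried no module prefix, and the function only inspects the first token of each line.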

Changes with mod_fcgid 2.3.1

  *) Suppress "need AuthType to note auth failure" error-level messages when a
     FastCGIAccessChecker fails without any other kind of authentication 
     (Basic, Digest) configured.  [Eric Covener]
  
  *) Complete the unix port to 2.3-dev trunk.  [William Rowe]

  *) Provide a default, mandatory environment as with mod_cgi (with the
     inclusion of LD_LIBRARY_PATH or similar variables on other platforms),
     unless overridden by DefaultInitEnv.  [William Rowe]

  *) Handle DefaultInitEnv for case-insensitive platforms by forcing the env
     variable names to uppercase on Win32, OS2 and Netware.  [William Rowe]

  *) Don't try to set the ownership of the socket directory unless running
     as root and the directory was just created.  This allows the default
     httpd.conf (with some daemon User/Group) to be used by non-root.
     [Jeff Trawick]

  *) Fix formatting of several messages, including the oft-seen "mod_fcgid: 
     Can't create shared memory for size %zu byte".  [Jeff Trawick]

  *) Fix declared names of FastCgiAuthenticator and
     FastCgiAuthenticatorAuthoritative directives, allowing them to be used.
     [Ulf Haueisen <ulf dvlp.de>]

  *) Fix vhost-specific DefaultInitEnv settings.  Previously, when setting
     multiple virtual hosts with the same SuexecUserGroup user and group, the
     process manager used the same process pool for both virtual hosts.  This
     means if one virtual host has a DefaultInitEnv and the other has
     different values set, a fastcgi request from any of these virtual hosts
     can go to the same processes, which is inconsistent (a request from
     virtualhost a with DefaultInitEnv VAL "a" can go to a process spawned
     with virtualhost b with DefaultInitEnv VAL "b" set).  [Gabriel Barazer
     <gabriel oxeva.fr>]

Note: A log of changes released before moving to the ASF (releases 2.2 and 
earlier) is in the file ChangeLog.