Uwsgi

[20190209]

Maintenance release


Changes
-------

- Fixed support for Python 3.7 (Takumi Akiyama)
- Allow to use autoport (socket :0) with custom socket backlog (Pavel Patrin)
- pyuwsgi ported to python3 (thanks lincolnloop)
- pyuwsgi packages fixes (Peter Baumgartner)
- pyuwsginossl build configuration for building pyuwsgi without ssl support (Peter Baumgartner)
- Fix unix socket inheritance after reload on FreeBSD (Anton Yuzhaninov)
- Fix crashes with --wsgi-env-behavior=holy (#1950)
- Fix invalid free in python plugin (Riccardo Magliocchetti, #1942)
- Fix compilation warnings with gcc-8 (Riccardo Magliocchetti, Ruslan Bilovol #1819)
- Fix spooler python references (Brett Rosen)
- Don't generate build warnings in systemd_logger (Chris Mayo)
- Fix segmentation fault during worker shutdown (Allan Feldman, #1651)


Availability
------------

You can download uWSGI 2.0.18 from https://projects.unbit.it/downloads/uwsgi-2.0.18.tar.gz

[20180708]

Maintenance release


Changes
-------

- Fixed memory leak in HTTPS_CLIENT_CERTIFICATE
- TLSv1 is now disabled by default (you can re-enable it with ssl-enable-tlsv1 at your own risk)
- Improved daemons throttle system
- Add "secs" log formatting variable (André Cruz)
- Improved snprintf() usage to be OpenBSD-friendly (Henrik, http://50hz.ws/)
- Improved glibc crypt/crypt_r management (Jakub Jelen, afazekas)
- Fixed websocket pong timeout check (adrianbg)
- Add the "License" classifier to setup.py (Jon Dufresne)
- Add support for php user.ini (Jacco Koning)
- Official support for Python 3.7 (luchr)

Availability
------------

You can download uWSGI 2.0.17.1 from https://projects.unbit.it/downloads/uwsgi-2.0.17.1.tar.gz

============

[20180226]

Maintenance release


Changes
-------

- The Emperor throttling subsystem does not make use anymore of blocking functions, like usleep(), this should fix stats serving and should improve vassals startup time
- [Security/PHP] enforce DOCUMENT_ROOT check when using --php-docroot to avoid directory traversal (Marios Nicolaides)
- added --shutdown-sockets to improve graceful shutdowns (Andrew Wason)

Availability
------------

You can download uWSGI 2.0.17 from https://projects.unbit.it/downloads/uwsgi-2.0.17.tar.gz

[20180210]

Maintenance release

Security
------

- [CVE-2018-6758] Stack-based buffer overflow in core/utils.c:uwsgi_expand_path()

Changes
-------

- Backported early_post_jail plugin hook (Bjørnar Ness)
- Fixed ipv6 suupport for http-socket (James Brown)
- Enable execinfo on DragonFly BSD (Aaron LI)
- Fix inet_ntop buffer size (Orivej Desh)
- Add worker running time metrics (Serge/yasek)
- Backported safe-pidfile, safe-pidfile2 (Nate Coraor)
- Stop using libxml2 by default on osx
- Fixed uwsgi_kvlist_parse signature
- Backport http range fixes from master (Curtis Maloney, Sokolov Yura)
- relicensed mod_proxy_uwsgi to Apache 2.0
- logging: Add ${millis} support to json encode
- plugins/router_xmldir: fixup invalid locale check (Riccardo Magliocchetti)
- Add ssl-verify-depth flag to set the max Client CA chain length (Paul Tagliamonte)
- Allow to override build date (Bernhard M. Wiedemann)
- Python 3 plugin: improved thread names handling (Jyrki Muukkonen, Mark Meyer)
- Added uwsgi_resolve_ip for redis host (ahmbas)
- plugins/gevent: Fix signal handlers (Maslov Alexander)
- Write x509 DER to the uwsgi buffer (Paul Tagliamonte)
- plugin/http: Fix compilation (Melvyn Sopacua)
- Fixed emperor throttling system (Jeremy Hiatt)
- Fix application loading without Plack after excluding "." from @INC in new Perl versions (Anton Petrusevich)
- Fix MULE MSG QUEUE IS FULL message hint (Eugene Tataurov)
- Build System: support k_minor has a _xxx suffix (TOGO Li)
- Fixed drop-after-* options (Robert DeRose)
- Add mule_send_msg success indicator (Josh Tiras)
- Properly check item size in uwsgi_queue_push (Josh Tiras)
- FastRouter / HTTP Router can now have a 'fallback' key configured
- HTTP Router now supports `post-buffer`, just like FastRouter
- Fix handling of `env` in embedded dict in Python plugin (could cause segfaults in single thread mode)
- Add support for Brotli (.br) with `--static-gzip`
- Back-ported HTTP/1.1 support (--http11-socket) from 2.1

Availability
------------

You can download uWSGI 2.0.16 from https://projects.unbit.it/downloads/uwsgi-2.0.16.tar.gz

[20170330]

Maintenance release

Issues
------

Unfortunately there are still 2 unfixed long standing bugs in this release:

- suwsgi protocol behind nginx does not work reliably when a request body is sent by the client (https://github.com/unbit/uwsgi/issues/1490). As we cannot reproduce it in uWSGI itself, we will start checking in the nginx module too
- There are reports of the "holy" wsgi env allocator crashing on specific conditions, this release includes a bunch of workarounds but they could not be enough

Changes
-------

- workaround for the holy allocator for avoiding crashes with newrelic (see Issues notes)
- avoid time overflow in request logs during (even minimal) clock skew
- fixed python logger with python3
- fixed catch-exceptions with python3
- backported "don't clone $env->{'psgix.io'} on 'PSGI cancel'"
- added support for authentication in the redis logger
- added the spinningfifo action hook to the core
- fixed compilation with php 7.1 (Дамјан Георгиевски)
- correctly returns error code 22 in lazy_apps + master_mode
- fixed compilation for OpenSSL 1.1 (Riccardo Magliocchetti)
- Add a --skip-atexit-teardown option to skip perl/python teardown (Ævar Arnfjörð Bjarmason)
- fixed static file serving over https-socket

Availability
------------

You can download uWSGI 2.0.15 from https://projects.unbit.it/downloads/uwsgi-2.0.15.tar.gz

[20161003]

Maintenance release

Changes
-------

- backported gevent-early-monkey-patch (jianbin-wei)
- Fixed OpenBSD version check (Pavel Korovin)
- PSGI/Perl cache api fixes (Alexander Demenshin)
- Correctly decode PATH_INFo in router_rewrite plugin (Ben Hearsum)
- add uwsgi.accepting() for chain-reload + worker-override combo (enkore)
- fixed workers killing when in cheaper modes (Shoham Peller)
- added --cgi-safe option (nnnn20430)
- Implemented graceful reload for COROAE plugin (aleksey-mashanov)
- Added --php-fallback2, --php-fallback-qs (Felicity unixwitch)
- Added ipv4in and ipv6in routing rules (Felicity unixwitch)
- Fixed readline support in python3 when working interactively (Anthony Sottile)
- Implement touch-reloading for mules and spoolers (Alexandre Bonnetain)
- add request_start timestamp in stats (Ben Plotnick)
- Fixed double free in uwsgi_routing_func_rewrite (William Orr)
- Various mod_proxy_uwsgi fixes (Ya-Lin Huang)
- support for 'no-answer' in PSGI (Anton Petrusevich)
- added php-constant option (Дамјан Георгиевски [gdamjan])
- added the stdio logger (Дамјан Георгиевски [gdamjan])
- spooler: fix reading inconsistent data (Pavel Patrin)
- Removed -WError from the build procedure (Riccardo Magliocchetti, suggested by Ian Denhardt)
- The usual amount of coverity-based fixes (Riccardo Magliocchetti)

Availability
------------

You can download uWSGI 2.0.14 from https://projects.unbit.it/downloads/uwsgi-2.0.14.tar.gz