[Pkg-nginx-maintainers] Bug#844473: Update nginx module nchan to 1.0.6

junk at slact.net junk at slact.net
Wed Nov 16 05:01:00 UTC 2016


Package: nginx
Version: 1.10.2-2

I'm the author of Nchan and I've released a new version with some
important bugfixes, security fixes, and new features. It would be nice
if the Nginx package could be updated to the latest version, 1.0.6

https://nchan.slact.net/changelog

Changes since 1.0.2 (current version in the Debian package):

1.0.6 (Nov. 15 2016)
 fix: large messages were sometimes incorrectly cleaned up, leaving
behind temp files
 fix: file descriptor leak when listening on a unix socket and suddenly
aborting client connections
 fix: invalid memory access after reloading twice with redis enabled
 fix: crash after shutting down nginx when 'master_process' set to 'off'
 change: nchan_max_channel_subscribers now always refers to subscribers
on this instance of Nchan, even when using Redis.
 feature: subscribe/unsubscribe callbacks with nchan_subscribe_request
and nchan_unsubscribe_request
1.0.4 (Oct. 28 2016)
 security: fix crash when receiving large messages over websocket with
ws+nchan subprotocol
1.0.3 (Sept. 3 2016)
 feature: nchan_message_timeout and nchan_message_buffer_length can now
use nginx variables for dynamic values
 fix: unsolicited websocket PONGs disconnected the subscriber in
violation of RFC6455
 fix: possible script error when getting channel from Redis
 fix: possible incorrect message IDs when using Redis (thanks @supertong)
 security: possible invalid memory access on publisher GET, POST, or
DELETE when using Redis and the publisher connection is terminated
before receiving a response
 fix: correct publisher response code when nchan_authorize_request is
unavailable (502 instead of 500)
 security: crash if publisher POSTs request with no Content-Length
header when using nchan_authorize_request

https://nchan.slact.net/

Thanks,
   Leo P.



More information about the Pkg-nginx-maintainers mailing list