Release Notes: Several bugs introduced with speculative I/O were fixed, as well as another rare one on TCP. Support for URI hashing and SMTP health checks was added. The heavy rbtree was replaced with a faster ul2tree, giving about a 5% performance boost. A new framework to implement ACLs was written, with a preliminary support for IP, port, and URI criteria. Users of 1.3.9 on Linux should really upgrade to fix issues caused by speculative I/O.
Release Notes: Two major changes: a rework of the whole polling system to implement a real event cache, and HTTP keep-alive is now enabled by default, so users will no longer be confused by the tunnel mode. Other nice updates include SSL handshake optimizations, more debugging info on the stats socket, the ability to rate-limit SSL to protect the resources, sample fetches to retrieve captured headers, automatic stickiness to the same server after 401/407, and the new "tcp-check connect" directive to check multiple ports on a server. 32 bugs were fixed since dev21.
Release Notes: This release fixes a few annoying bugs. Use this version instead of 1.5-dev20 to be safe.
Release Notes: Many new features are included in this version, including server-side keep-alive, maps, use of log-format syntax in redirects, agent-check, tcp-check send/expect, and important memory savings. 71 bugs were fixed. Thanks to the entry of server-side keep-alive, this should be the last development version before the final 1.5 release (unless new bugs appear and require another one).
Release Notes: This version fixes two possible crashes, one of them remotely triggered (CVE-2013-2175) involving use of a negative occurrence number in hdr_* fetches. Other long-standing improvements were finally merged, such as http-response, dynamic setting of priority, DSCP headers, Netfilter mark and log level, transparent proxy on *BSD, fetching of environment variables, conditional PROXY protocol by ACL, 3 parallel stick-counters instead of 2, reworking of the doc to simplify the search of ACL/fetch keywords, and further-improved configuration error reporting. All 1.5 users must upgrade.
Release Notes: This release fixes a crash which could occur when a configuration made use of hdr_ip(name,-1) or "usesrc hdr_ip(name)", if the client sent a certain number of values of the requested header. CVE-2013-2175 was assigned to this bug. All users of 1.4 must upgrade or apply the fix.