Version 1.5.x


OpenLiteSpeed Release Log: Version 1.5.x

V1.5.9

2019-11-19

Server Core

  • [Update] lsphp 73 is now used on Linux platforms.
  • [Bug Fix] Fixed a cache module and mod_security-ls conflict that could cause a crash.
  • [Bug Fix] Fix some mod_security-ls compilation issues.
  • [Bug Fix] Fixed permission issues with `autoupdate/` and `tmp/` directories.
  • [Bug Fix] Fixed a bug that caused excessive buffering for HTTP/2 connections.
  • [Bug Fix] Fix Context level external redirects causing errors.
  • [Bug Fix] Fixed a memory leak.

V1.5.8

2019-11-05

Server Core

  • [New Feature] Added support for ‘LS_STDERR_LOG’ environment variable to set up the stderr log file for started processes.
  • [Update] Removed libgeoip dependency.
  • [Update] Update mod_security-ls to always go through reqbody and respBody phases.
  • [Bug Fix] Fixed installation issue with the lshttpd service.
  • [Bug Fix] Fixed a network throttling bug that prevented paused SSL connections from being resumed.
  • [Bug Fix] Fixed a crash that occurred when failing to retrieving client info.
  • [Bug Fix] Fixed lsrecaptcha not being used with front-end proxies.

Cache Module

  • [Bug Fix] Fixed a rare crash that occurred when failing to create a new cache entry.

V1.5.7

2019-10-16

Server Core

  • [New Feature] Added build.sh, a new build tool to build from source code (including any dependencies) for most platforms in a single click.
  • [Improvement] Detached PHP processes will now restart when PHP binary is changed.
  • [Update] Disable TLSv1.0 by default for SSL.
  • [Update] Use LSPHP 7 by default.
  • [Bug Fix] Fixed a bug causing a “[modcompress] AddHooks failed” error.
  • [Bug Fix] Fixed debug log toggle not working.
  • [Bug Fix] Fixed a bug causing high CPU issues when using SSL.
  • [Bug Fix] Fixed PHP memory limit being unable to be set higher than 2GB.
  • [Bug Fix] Fixed stream traffic counter not being reset for new connections.
  • [Bug Fix] Fix Accept-Encoding header being case sensitive.

Cache Module

  • [New Feature] Added stale purge support. With this feature, only the first visitor to a stale cache page will hit the backend with subsequent visitors getting served the stale cache copy until the page has finished being re-cached by the first request.

V1.5.6

2019-08-21

Server Core

  • [Major New Feature] Keep PHP workers running through server restarts with detached mode.

V1.5.5

2019-08-15

Server Core

  • [Security] Addressed recent HTTP/2 DoS advisories. Fixed CVE-2019-9512 “Ping Flood”, CVE-2019-9515 “Settings Flood”, CVE-2019-9516 “0-Length Headers Leak”, and CVE-2019-9518 “Empty Frames Flood” vulnerabilities. Completely blocks unaffected attacks: CVE-2019-9511 “Data Dribble”, CVE-2019-9513 “Resource Loop”, CVE-2019-9514 “Reset Flood”, and CVE-2019-9517 “Internal Data Buffering”.
  • [Bug Fix] Fixed a REMOTE_ADDR env bug for IPv6 that caused roundcube errors.

Web Admin

  • [Security] Updated jquery library from version 2.1.1 to 2.2.4, addressing a cross site scripting vulnerability present in the earlier version.

V1.5.4

2019-08-07

Server Core

  • [Improvement] Added support for HTTP response code 413: response is larger than defined max dynamic response length.
  • [Improvement] Updated install.sh script to make it compatible with FreeBSD.
  • [Bug Fix] Fixed a dllibmodsecurity.sh bug that was causing module modsecurity to fail to build on some operating systems.
  • [Bug Fix] Fixed lsrecaptcha build script getting called incorrectly in the configure.ac script.
  • [Bug Fix] Fixed a bug that caused the server to returned a 404 response code, instead of a 403 response code, when a file had a permission issue.
  • [Bug Fix] Fixed “empty response” bug when serving responses larger than 2GB.
  • [Bug Fix] Fixed an autoLoadHtaccess bug in automatically created contexts where only the first level sub-directory of a Vhost would be loaded.
  • [Bug Fix] Fixed a crash bug when server info was set to display in the response header.
  • [Bug Fix] Fixed a bug when attempting to get new directory paths when automatically adding missing contexts.
  • [Bug Fix] Fixed a forcedType bug of causing extApps to always use server level settings regardless of VHost level settings.

V1.5.3

2019-07-15

Server Core

  • [Security] Perform actions as the autoupdate directory owner in related function.sh and server core code.
  • [New Feature] Added testbeta.sh file to final installation directory.
  • [Update] Updated dllibmodsecurity.sh to improve modsecurity-ls module support and prevent failure to build on FreeBSD systems.
  • [Update] Updated install.sh to make sure that the current user and group are checked correctly.
  • [Bug Fix] Fixed a crash when detecting OS/platform.
  • [Bug Fix]Fixed a server core bug that was causing high load.

Web Admin

  • [Update] Removed unnecessary empty lines when saving the config file.
  • [Update] Added ReadOnly Mode, to avoid overwriting crucial config information, when an include file is detected in the config.
  • [Bug Fix] Fixed an issue where previous settings may have been wiped out when adding more Environment variables in External App.

V1.5.2

2019-06-28

Server Core

  • [New Feature] Added support fo multiple access logs (at most 4) for each Vhost.
  • [Improvement] Only check-in plain conf file with when the conf file is updated.
  • [Bug Fix] Fixed a bug where the “SERVER_ADDR” variable was not set.
  • [Bug Fix] Fixed “listening port occupied” bug when using the service restart command.
  • [Bug Fix] Fixed a VHost error log bug that where https content was only partially recorded.
  • [Bug Fix] Fixed cache module not working when using a reverse proxy.

V1.5.1

2019-05-28

  • [New] 1.5.1 includes updates from 1.4.43 to 1.4.47.
  • [Update] Added lsrecaptcha support.
  • [Update] Added support for CGroups, a Linux kernel feature that limits and isolates resource usage.
  • [Bug Fix] Fixed an issue in modgzip which may cause a server crash in some cases.
  • [Bug Fix] Fixed an issue where the HTTP_END hook point is not placed correctly, causing module data not to be released in some cases.
  • [Bug Fix] Fixed an issue in the cache module, where backend errors cause zero-length content to be saved and served.

V1.5.0

2018-01-02

V1.5.0 RC6

2018-11-09

V1.5.0 RC5

2018-08-27

V1.5.0 RC5

2018-08-27

V1.5.0 RC4

2018-07-06

V1.5.0 RC3

2018-04-11
Server Core

  • [Bug Fix] Fixed a bug where using a NULL ntwkiolink Handler would cause a crash.
  • [Bug Fix] Fixed a logger bug where a NULL appender was sometimes used causing a crash.

V1.5.0 RC2

2018-02-15
Server Core

  • [Bug Fix] Fixed a bug where cgi/php response body was being converted to lowercase.
  • [Bug Fix] Fixed an ip2location configuration bug.
  • [Bug Fix] Fixed a bug where cookies not reset on next use could cause a crash.
  • [Bug Fix] Fixed a bug where loading and using cache and pagespeed modules at the same time could cause an internal
    server error.
  • [Bug Fix] Fixed a cipher previously rejected by chrome.

Cache Module

  • [Bug Fix] Fixed a bug where comparing a string could cause a crash.

V1.5.0 RC1

2018-02-02
Server Core

  • [New] Multi-Thread APIs.
  • [New] Module Developer Guide.
  • [Update] Added more Multi-Thread example modules.
  • [Bug Fix] All known bugs have been fixed.

ModLSPHP Module