Release 5.0.3
-------------

 * [Standalone] When using the builtin engine, `passenger start` may crash during startup due to an initialization race condition. This has been fixed.
 * [Enterprise] Fixes a bug in passenger-irb. Running passenger-irb without a PID parameter worked, but running it with a PID parameter didn't.
 * Fixes an integer overflow that resulted in a file descriptor leak and stalled client connections. Closes GH-1412.
 * Truncates Passenger source code paths in logs (to 3 chars) to reduce redundant info. Closes GH-1383.
 * Fixes invalid JSON output for non-finite double values (e.g. from the HTTP JSON API). Closes GH-1408.
 * All hooks now set the `PASSENGER_HOOK_NAME` environment variable. This variable is set to the name of the hook that is being called.
 * The Ruby handler no longer tries to call `#force_encoding` on response body strings, which fixes an incompatibility with apps/libraries that return frozen body strings. Closes GH-1414.
 * If the Ruby handler crashes while processing a Rack response body, it will now no longer stall the connection.
 * Fixes env.SERVER_PORT containing 80 instead of 443 when using https on default port. Closes GH-1421.
 * We now handle errors in the `poll()` system call better. This might fix some crashes during shutdown which manifest on FreeBSD.

Release 5.0.2
-------------

 * Fixes a connection freeze that could occur when processing large responses. This would manifest itself under the error message "This website is under heavy load" or "Request queue is full, returning an error". Closes GH-1404.
 * Debian and Ubuntu packages have been reintroduced.
 * When `passenger-config restart-app` is run interactively, if Passenger is not serving any applications, then the command now prints an error message instead of showing a menu with only a "Cancel" option.
 * Fixes a compilation problem on FreeBSD 10 (contributed by: clemensg). Closes GH-1401.
 * [Standalone] Fixes a crash that would occur if you use the `--ctl` parameter.
 * [Enterprise] The `--max-request-time` option has been added to Passenger Standalone.
 * [Enterprise] The `max_request_time_reached` hook has been introduced. This hook allows you to run diagnostics on a process that took too long to respond to a request.

Release 5.0.1
-------------

 * The `passenger-config restart-app` command is now more user friendly. When run in a terminal, it will show an interactive menu, allowing you to select the app to restart. Closes GH-1387.
 * Fixed a crash bug in the handling of sticky session cookies.
 * Log failed program in error message, not its command line (contributed by: paisleyrob). Closes GH-1397.
 * [Nginx] Fixes cases in which Passenger overrides the Nginx handler function even when it shouldn't, for example when Passenger is disabled. Closes GH-1393.
 * [Enterprise] The `sticky_sessions` and `envvars` options in Passengerfile.json are now also supported in mass deployment mode.

Release 5.0.0 release candidate 2
---------------------------------

 * Fixes an installation problem with the Ruby gem due to incorrect Makefile generation. Closes GH-1382.
 * More helpful message when request queue is full. Closes GH-1375.

Release 5.0.0 release candidate 1
---------------------------------

 * Fixed Date headers not being formatted in the GMT timezone. Closes GH-1367.
 * Fixed Passengerfile.json/passenger-standalone.json not being properly loaded in Passenger Standalone.
 * Fixed support for sticky sessions.
 * Fixed an infinite loop if the ApplicationPool garbage collector fails due to an exception. Closes GH-1360.
 * Fixed Passenger Standalone exiting prematurely when the HelperAgent crashes. Exiting prematurely is not supposed to happen because the watchdog will restart the HelperAgent. Closes GH-1339.
 * Fixed a crash that occurs when using a non-standard startup file value. Closes GH-1378.
 * When dumping system metrics during error page generation, the `passenger-config` command is now invoked under the same Ruby interpreter as the app, instead of the one in PATH. Closes GH-1381.
 * When a Ruby process crashes due to an uncaught exception, this fact is now properly logged.
 * Specifying 0 for the `max_pool_size` config option no longer results in a crash. Closes GH-1334.
 * The timeouts when downloading Passenger Standalone binaries and source files are now customizable. Closes GH-1295.
 * The `envvars` option is now supported in Passengerfile.json, for passing environment variables to the application. Closes GH-1377.
 * Introduced `hook_queue_full_error` for request queue overflows. Closes GH-1358.
 * [Ruby] Fixed handling of "transfer-encoding chunked" response bodies which contain zero-sized chunks.
 * [Nginx] It is no longer necessary to re-specify `passenger_enabled` in `location` contexts. Closes GH-1338.
 * [Enterprise] Fixed a bug in mass deployment reloading.
 * [Enterprise] Fixed a bug in mass deployment daemonization.
 * [Enterprise] The mass deployment mode now supports the `app_type` and `startup_file` configuration options in Passengerfile.json/passenger-standalone.json. Closes GH-1366.

Release 5.0.0 beta 3
--------------------

 * The turbocache has received major updates and fixes based on excellent feedback from Chris Heald and the community.

   First, several bugs w.r.t. the handling of caching headers have been fixed.

   Second, the turbocache has become slightly more conservative for security reasons. In previous versions, default cacheable responses (as defined by RFC 7234) were cached unless caching headers tell us not to. Now, default cacheable responses are only cached if caching headers explicitly tell us to. This change was introduced because there are many applications that set incorrect caching headers on private responses. This new behavior is currently not configurable, but there are plans to make it configurable in 5.0.0 release candidate 1.
 * Introduced a new configuration option, `passenger_response_buffer_high_watermark` (Nginx) and `PassengerResponseBufferHighWatermark` (Apache), for configuring the behavior of the response buffering system. Closes GH-1300.
 * Fixed more cookie handling issues. Closes GH-1310.
 * Fixed various WebSocket issues. Closes GH-1306.
 * Fixed some crashes caused by race conditions. Closes GH-1326.
 * Fixed issues with handling POST data. Closes GH-1331.
 * Fixed some issues on Heroku. Closes GH-1329.
 * Fixed some integer overflows. Fix contributed by Go Maeda. Closes GH-1357.
 * Fixed the `passenger-status --show=union_station` command. Closes GH-1336.
 * Nginx versions earlier than 1.6 are no longer supported.
 * Improved state introspection.

Release 5.0.0 beta 2
--------------------

 * Fixed handling of multiple Set-Cookie headers. Closes GH-1296.
 * `passenger-config system-metrics` now works properly if the agent is installed in ~/.passenger. Closes GH-1304.
 * Documentation enhancements by Igor Vuk. Closes GH-1318.
 * Fixed some crasher bugs.
 * [Standalone] User switching is now correctly disabled.
 * [Standalone] Fixed the `--thread-count` parameter.
 * [Apache] IPs set by mod_remoteip are now respected. Closes GH-1284.
 * [Apache] Fixed support for gzipped chunked responses. Closes GH-1309.

Release 5.0.0 beta 1
--------------------

Version 5.0.0 beta 1 contains major changes. It's mostly compatible with version 4, but there are a few minor breakages, which are described below.

Major changes and notable breakages are:

 * Performance has been much improved. This is thanks to months of optimization work. You can learn more at www.rubyraptor.org.
 * We've published a [server optimization guide](https://www.phusionpassenger.com/documentation/ServerOptimizationGuide.html) for those who are interested in tuning Phusion Passenger.
 * Support for Rails 1.2 - 2.2 has been removed, for performance reasons. Rails 2.3 is still supported.
 * Phusion Passenger now supports integrated HTTP caching, which we call turbocaching. If your app sets the right HTTP headers then Phusion Passenger can tremendously accelerate your app. It is enabled by default, but you can disable it with `--disable-turbocaching` (Standalone), `PassengerTurbocaching off` (Apache), or `passenger_turbocaching off` (Nginx).
 * Touching restart.txt will no longer restart your app immediately. This is because, for performance reasons, the stat throttle rate now defaults to 10. You can still get back the old behavior by setting `PassengerStatThrottleRate 0` (Apache) or `passenger_stat_throttle_rate 0` (Nginx), but this is not encouraged. Instead, we encourage you to use the `passenger-config restart-app` tool to initiate restarts, which has immediate effect.
 * Websockets are now properly disconnected on application restarts.
 * The Phusion Passenger log levels have been completely revamped. If you were setting a log level before (e.g. through `passenger_log_level`), please read the latest documentation to learn about the new log levels.
 * If you use out-of-band garbage collection, beware that the `X-Passenger-Request-OOB-Work` header has now been renamed to `!~Request-OOB-Work`.
 * When using Rack's full socket hijacking, you must now output an HTTP status line.
 * [Nginx] The `passenger_set_cgi_param` option has been removed and replaced by `passenger_set_header` and `passenger_env_var`.
 * [Nginx] `passenger_show_version_in_header` is now only valid in the `http` context.
 * [Apache] The `PassengerStatThrottleRate` option is now global.

Minor changes:

 * The minimum required Nginx version is now 1.6.0.
 * The instance directory is now touched every hour instead of every 6 hours. This should hopefully prevent more problems with /tmp cleaner daemons.
 * Applications are now grouped not only on the application root path, but also on the environment.
   For example, this allows you to run the same app in both production and staging mode, with only a single directory, without further configuration. Closes GH-664.
 * The `passenger_temp_dir` option (Nginx) and the `PassengerTempDir` option (Apache) have been replaced by two config options. On Nginx they are `passenger_instance_registry_dir` and `passenger_data_buffer_dir`. On Apache they are `PassengerInstanceRegistryDir` and `PassengerDataBufferDir`. On Apache, `PassengerUploadBufferDir` has been replaced by `PassengerDataBufferDir`.
 * Command line tools no longer respect the `PASSENGER_TEMP_DIR` environment variable. Use `PASSENGER_INSTANCE_REGISTRY_DIR` instead.
 * `passenger-status --show=requests` has been deprecated in favor of `passenger-status --show=connections`.
 * Using the SIGUSR1 signal to restart a Ruby app without dropping connections is no longer supported. Instead, use `passenger-config detach-process`.
 * Introduced the `passenger-config reopen-logs` command, which instructs all Phusion Passenger agent processes to reopen their log files. You should call this after having rotated the web server logs.
 * [Standalone] The Phusion Passenger Standalone config template has changed. Users are encouraged to update it.
 * [Standalone] `passenger-standalone.json` has been renamed to `Passengerfile.json`.
 * [Standalone] `passenger-standalone.json`/`Passengerfile.json` no longer overrides command line options. Instead, command line options now have the highest priority.

Release 4.0.60
--------------

 * Fixed the password protection of internal Phusion Passenger processes. For security reasons, Phusion Passenger limits access to internal processes, by using Unix file permissions and randomly generated passwords that only authorized internal processes know. It turns out that this password wasn't set correctly, which has now been fixed. There was no security vulnerability, because the file permissions already provide sufficient security.
   The password only serves as an extra layer of security just in case there is a problem with the former.

   This issue is not at all related to any application-level security or application-level passwords. Any database passwords, keys, or secrets used and generated by applications have got nothing to do with the nature of this issue. This issue only relates to some randomly generated passwords that Passenger uses internally, for its internal operations.

Release 4.0.59
--------------

 * [Enterprise] Fixed support for free-style Node.js apps.

Release 4.0.58
--------------

 * [Enterprise] Fixed a bug in the Debian packages which caused Flying Passenger to break when used with non-system Rubies.
 * The Debian packages no longer require Ruby 1.9. Closes GH-1353.

Release 4.0.57
--------------

 * Fixed a native extension compatibility problem with Ruby 2.2. Closes [ruby-core:67152](https://bugs.ruby-lang.org/issues/10656).
 * Fixed compatibility with Nginx 1.7.9. Closes GH-1335.

Release 4.0.56
--------------

 * Fixed a file descriptor leak that manifests when an error page is shown. Contributed by Paul Bonaud, closes GH-1325.
 * Improved Node.js request load balancing. Closes GH-1322. Thanks to Charles Vallières for the analysis.

Release 4.0.55
--------------

 * Supports Ruby 2.2. Closes GH-1314.
 * Fixed Linux OS name detection.

Release 4.0.54
--------------

 * Contains a licensing-related hot fix for Enterprise customers.

Release 4.0.53
--------------

 * Upgraded the preferred Nginx version to 1.6.2.
 * Improved RVM gemset autodetection.
 * Fixed some Ruby 2.2 compatibility issues.

Release 4.0.52
--------------

 * Fixed a null termination bug when autodetecting application types.
 * Node.js apps can now also trigger the inverse port binding mechanism by passing `'/passenger'` as argument. This was introduced in order to be able to support the Hapi.js framework.
   Please read http://stackoverflow.com/questions/20645231/phusion-passenger-error-http-server-listen-was-called-more-than-once/20645549 for more information regarding Hapi.js support.
 * It is now possible to abort Node.js WebSocket connections upon application restart. Please refer to https://github.com/phusion/passenger/wiki/Phusion-Passenger:-Node.js-tutorial#restarting_apps_that_serve_long_running_connections for more information. Closes GH-1200.
 * Passenger Standalone no longer automatically resolves symlinks in its paths.
 * `passenger-config system-metrics` no longer crashes when the system clock is set to a time in the past. Closes GH-1276.
 * `passenger-status`, `passenger-memory-stats`, `passenger-install-apache2-module` and `passenger-install-nginx-module` no longer output ANSI color codes by default when STDOUT is not a TTY. Closes GH-487.
 * `passenger-install-nginx-module --auto` is now all that's necessary to make it fully non-interactive. It is no longer necessary to provide all the answers through command line parameters. Closes GH-852.
 * Minor contribution by Alessandro Lenzen.

Release 4.0.50
--------------

 * Fixed a potential heap corruption bug.
 * Added Union Station support for Rails 4.1.

Release 4.0.49
--------------

 * Upgraded the preferred Nginx version to 1.6.1.
 * Fixed a crash that may be triggered by the `passenger_max_requests` feature.
 * Introduced the `spawn_failed` hook, which is called when an application process fails to spawn. You could use this hook to set up an error notification system. Closes GH-1252.
 * Fonts, RSS and XML are now gzip-compressed by default in Phusion Passenger Standalone. Thanks to Jacob Elder. Closes GH-1254.
 * Fixed some user and group information lookup issues. Closes GH-1253.
 * Fixed some request handling crashes. Closes GH-1250.
 * Fixed some compilation problems on Gentoo. Closes GH-1261.
 * Fixed some compilation problems on Solaris. Closes GH-1260.


Release 4.0.48
--------------

 * Fixed a race condition while determining what user an application should be executed as. This bug could lead to applications being run as the wrong user. Closes GH-1241.
 * [Standalone] Improved autodetection of Rails asset pipeline files. This prevents Standalone from incorrectly setting caching headers on non-asset pipeline files. Closes GH-1225.
 * Fixed compilation problems on CentOS 5. Thanks to J. Smith. Closes GH-1247.
 * Fixed compilation problems on OpenBSD.
 * Fixed compatibility with Ruby 1.8.5.

Release 4.0.47
--------------

 * [Enterprise] Fixed a bug in Flying Passenger's `--max-preloader-idle-time` option.

Release 4.0.46
--------------

 * Further improved Node.js and Socket.io compatibility.
 * Sticky session cookies have been made more reliable.
 * Fixed WebSocket upgrade issues on Firefox. Closes GH-1232.
 * The Python application loader now inserts the application root into `sys.path`. The fact that this was not done previously caused a lot of confusion amongst Python users, who wondered why their `passenger_wsgi.py` could not import any modules from the same directory.
 * Fixed a compatibility problem with Django, which could cause Django apps to freeze indefinitely. Closes GH-1215.
 * Logging of application spawning errors has been much improved. Full details about the error, such as environment variables, are saved to a private log file. In the past, these details were only viewable in the browser. This change also fixes a bug on Phusion Passenger Enterprise, where enabling Deployment Error Resistance causes error messages to get lost. Closes GH-1021 and GH-1175.
 * Fixed a regression in Node.js support. When a Node.js app is deployed on an HTTPS host, the `X-Forwarded-Proto` header wasn't set in 4.0.45. Closes GH-1231.
 * Passenger Standalone no longer, by default, loads shell startup files before loading the application. This is because Passenger Standalone is often invoked from the shell anyway.
   Indeed, loading shell startup files again can interfere with any environment variables already set in the invoking shell. You can still tell Passenger Standalone to load shell startup files by passing `--load-shell-envvars`. Passenger for Apache and Passenger for Nginx still load shell startup files by default.
 * Passenger Standalone now works properly when the HOME environment variable isn't set. Closes GH-713.
 * Passenger Standalone's `package-runtime` command has been removed. It has been broken for a while and has since been made obsolete by our automatic [binary generation system](https://github.com/phusion/passenger_autobuilder). Closes GH-1133.
 * The `passenger_startup_file` option now also works on Python apps. Closes GH-1233.
 * If you are a [Union Station](https://www.unionstationapp.com) customer, then Phusion Passenger will now also log application spawning errors to Union Station. This data isn't shown in the Union Station interface yet, but it will be implemented in the future.
 * Fixed compilation problems on OmniOS and OpenIndiana. Closes GH-1212.
 * Fixed compilation problems when Nginx is configured with OpenResty. Thanks to Yichun Zhang. Closes GH-1226.
 * Fixed Nginx HTTP POST failures on ARM platforms. Thanks to nocelic for the fix. Closes GH-1151.
 * Documentation contributions by Tim Bishop and Tugdual de Kerviler.
 * Minor Nginx bug fix by Feng Gu. Closes GH-1235.

Release 4.0.45
--------------

 * Major improvements in Node.js and Meteor compatibility. Older Phusion Passenger versions implemented Node.js support by emulating Node.js' HTTP library. This approach was found to be unsustainable, so we've abandoned that approach and replaced it with a much simpler approach that does not involve emulating the HTTP library.
 * Introduced support for sticky sessions. Sticky sessions are useful -- or even required -- for apps that store state inside process memory. Prominent examples include SockJS, Socket.io, faye-websocket and Meteor.
   Sticky sessions are required to make the aforementioned examples work in multi-process scenarios. By introducing sticky sessions support, we've much improved WebSocket support and support for the aforementioned libraries and frameworks.
 * Due to user demand, GET requests with request bodies are once again supported. Support for these kinds of requests was removed in 4.0.42 in an attempt to increase the strictness and robustness of our request handling code. It has been determined that GET requests with request bodies can be adequately supported without degrading robustness in Phusion Passenger. However, GET requests with both request bodies and WebSocket upgrade headers are unsupported. Fixes issue #1092.
 * [Enterprise] The [Flying Passenger](http://www.modrails.com/documentation/Users%20guide%20Apache.html#flying_passenger) feature is now also available on Apache.
 * Fixed some issues with RVM mixed mode support, issue #1121.
 * Fixed Passenger Standalone complaining about not finding PassengerHelperAgent during startup.
 * Fixed various minor issues such as #1190 and #1197.
 * The download timeout for passenger-install-nginx-module has been increased. Patch by 亀田 義裕.

Release 4.0.44
--------------

 * The issue tracker has now been moved from Google Code to Github. Before version 4.0.44 (May 29 2014, commit 3dd0964c9f4), all issue numbers referred to Google Code. From now on, all issue numbers will refer to Github Issues.
 * Fixed compilation problems on OS X Lion and OS X Mountain Lion.
 * On Ruby, fixed `nil` being frozen by accident in some cases. See issue #1192.

Release 4.0.43
--------------

 * Introduced a new command `passenger-config list-instances`, which prints all running Phusion Passenger instances.
 * Introduced a new command `passenger-config system-metrics`, which displays metrics about the system such as the total CPU and memory usage.
 * Fixed some compilation problems caused by the compiler capability autodetector.
 * System metrics, such as total CPU usage and memory usage, are now sent to [Union Station](https://www.unionstationapp.com) in preparation for future features.

Release 4.0.42
--------------

 * [Nginx] Upgraded the preferred Nginx version to 1.6.0.
 * [Nginx] Fixed compatibility with Nginx 1.7.0.
 * [Standalone] The MIME type for .woff files has been changed to application/font-woff. Fixes issue #1071.
 * There are now APT packages for Ubuntu 14.04. At the same time, packages for Ubuntu 13.10 have been abandoned.
 * Introduced a new command, `passenger-config build-native-support`, for ensuring that the native_support library for the current Ruby interpreter is built. This is useful in system provisioning scripts.
 * For security reasons, friendly error pages (those black/purple pages that show the error message, backtrace and environment variable dump when an application fails to start) are now disabled by default when the application environment is set to 'staging' or 'production'. Fixes issue #1063.
 * Fixed some compilation warnings on Ubuntu 14.04.
 * Fixed some compatibility problems with Rake 10.2.0 and later. See [Rake issue 274](https://github.com/jimweirich/rake/issues/274).
 * Improved error handling in [Union Station](https://www.unionstationapp.com) support.
 * Data is now sent to Union Station on a more frequent basis, in order to make new data show up more quickly.
 * Information about the code revision is now sent to Union Station, which will be used in the upcoming deployment tracking feature in Union Station 2.

Release 4.0.41
--------------

 * Fixed some issues with printing UTF-8 log files on Heroku.
 * Added a new flag `--ignore-app-not-running` to `passenger-config restart-app`. When this flag is given, `passenger-config restart-app` will exit successfully when the specified application is not running, instead of exiting with an error.
 * Our precompiled Passenger Standalone binaries have been upgraded to use OpenSSL 1.0.1g, which fixes [the OpenSSL Heartbleed vulnerability](http://heartbleed.com/). Users who are using Passenger Standalone with SSL enabled are vulnerable, and should upgrade immediately. Users who do not use Passenger Standalone, users who use Passenger Standalone without SSL, or users who use Passenger Standalone with SSL behind another SSL-enabled reverse proxy, are not vulnerable.

Release 4.0.40
--------------

 * Upgraded preferred Nginx version to 1.4.7. This Nginx version fixes a buffer overflow. Users are strongly urged to upgrade Nginx as soon as possible.

Release 4.0.39
--------------

 * Fixed a crash that could happen if the client disconnects while a chunked response is being sent. Fixes issue #1062.
 * In Phusion Passenger Standalone, it is now possible to customize the Nginx configuration file on Heroku. It is now also possible to permanently apply changes to the Nginx configuration file, surviving upgrades. Please refer to the "Advanced configuration" section of the Phusion Passenger Standalone manual for more information.
 * The programming language selection menu in passenger-install-apache2-module and passenger-install-nginx-module only works on terminals that support UTF-8 and that have a UTF-8 capable font. To cater to users who cannot meet these requirements (e.g. PuTTY users using any of the default Windows fonts), it is now possible to switch the menu to a plain text mode by pressing '!'. Fixes issue #1066.
 * Fixed printing UTF-8 characters in log files in Phusion Passenger Standalone.
 * It is now possible to dump live backtraces of Python apps through the 'SIGABRT' signal.
 * Fixed closing of file descriptors on OS X 10.9.
 * Fixed compilation problems with Apple Clang 503.0.38 on OS X.
 * Fixed compilation of native_support on Rubinius.

Release 4.0.38
--------------

 * Added support for the new Ruby 2.1.0 out-of-band garbage collector.
   This can greatly improve garbage collection performance, and drastically reduce request times.
 * Fixed a symlink-related security vulnerability.

   Urgency: low
   Scope: local exploit
   Summary: writing files to arbitrary directory by hijacking temp directories
   Affected versions: 4.0.37
   Fixed versions: 4.0.38
   CVE-2014-1832

   Description: This issue is related to CVE-2014-1831 (the security issue as mentioned in the 4.0.37 release notes). The previous fix was incomplete, and still left a small (albeit smaller) attack time window in between two filesystem checks. This attack window is now gone.
 * Passenger Standalone is now compatible with IPv6.
 * Fixed some compilation problems on Solaris. See issue #1047.
 * passenger-install-apache2-module and passenger-install-nginx-module now automatically run in `--auto` mode if stdin is not a TTY. Fixes issue #1030.
 * Fixed an issue with non-bundled Meteor apps not correctly running in production mode.
 * The `PassengerPreStart` option is now compatible with IPv6 server sockets.
 * When running Python WSGI apps, `wsgi.run_once` is now set to False. This should improve the performance of certain apps and frameworks.
 * When handling HTTP requests with chunked transfer encoding, the 'Transfer-Encoding' header is no longer passed to the application. This is because the web server already buffers and dechunks the request body.
 * Fixed a possible hang in Phusion Passenger for Nginx when Nginx is instructed to reload or reopen log files. Thanks to Feng Gu, [pull request #97](https://github.com/phusion/passenger/pull/97).
 * The preferred Nginx version has been upgraded to 1.4.6.
 * Fixed a problem with running passenger-install-apache2-module and passenger-install-nginx-module on JRuby. They were not able to accept any terminal input after displaying the programming language menu.

Release 4.0.37
--------------

 * Improved Node.js compatibility. Calling on() on the request object now returns the request object itself.
   This fixes some issues with Express, Connect and Formidable. Furthermore, some WebSocket-related issues have been fixed.
 * Improved Meteor support. Meteor application processes are now shut down quicker. Previously, they lingered around for 5 seconds while waiting for all connections to terminate, but that didn't work well because WebSocket connections were kept open indefinitely. Also, some WebSocket-related issues have been fixed.
 * Introduced a new tool `passenger-config detach-process` for gracefully detaching an application process from the process pool. Has a similar effect to killing the application process directly with `kill`, but killing directly may cause the HTTP client to see an error, while using this command guarantees that clients see no errors.
 * Fixed a crash that occurs when an application fails to spawn, but the HTTP client disconnects before the error page is generated. Fixes issue #1028.
 * Fixed a symlink-related security vulnerability.

   Urgency: low
   Scope: local exploit
   Summary: writing files to arbitrary directory by hijacking temp directories
   Affected versions: 4.0.5 and later
   Fixed versions: 4.0.37
   CVE-2014-1831

   Description: Phusion Passenger creates a "server instance directory" in /tmp during startup, which is a temporary directory that Phusion Passenger uses to store working files. This directory is deleted after Phusion Passenger exits. For various technical reasons, this directory must have a semi-predictable filename. If a local attacker can predict this filename, and precreates a symlink with the same filename that points to an arbitrary directory with mode 755, owner root and group root, then the attacker will succeed in making Phusion Passenger write files and create subdirectories inside that target directory. The following files/subdirectories are created:

   * control_process.pid
   * generation-X, where X is a number.

   If you happen to have a file inside the target directory called `control_process.pid`, then that file's contents are overwritten.

   These files and directories are deleted during Phusion Passenger exit. The target directory itself is not deleted, nor are any other contents inside the target directory, although the symlink is.

   Thanks go to Jakub Wilk for discovering this issue.

Release 4.0.36
--------------

 * [Enterprise] Fixed some Mass Deployment bugs.
 * [Enterprise] Fixed a bug that causes an application group to be put into Deployment Error Resistance Mode if rolling restarting fails while deployment error resistance is off. Deployment Error Resistance Mode is now only activated if it's explicitly turned on.
 * Passenger Standalone now gzips JSON responses.
 * Fixed some cases in which Passenger Standalone does not properly clean up its temporary files.

Release 4.0.35
--------------

 * Fixed some unit tests.

Release 4.0.34
--------------

 * The Node.js loader code now sets the `isApplicationLoader` attribute on the bootstrapping module. This provides a way for apps and frameworks that check for `module.parent` to check whether the current file is loaded by Phusion Passenger, or by other software that works in a similar way.

   This change has been introduced to solve a compatibility issue with CompoundJS. CompoundJS users should modify their server.js, and change the following:

       if (!module.parent) {

   to:

       if (!module.parent || module.parent.isApplicationLoader) {

 * Improved support for Meteor in development mode. Terminating Phusion Passenger now leaves fewer garbage Meteor processes behind.
 * It is now possible to disable the usage of the Ruby native extension by setting the environment variable `PASSENGER_USE_RUBY_NATIVE_SUPPORT=0`.
 * Fixed incorrect detection of the Apache MPM on Ubuntu 13.10.
 * When using RVM, if you set PassengerRuby/passenger_ruby to the raw Ruby binary instead of the wrapper script, Phusion Passenger will now print an error.
 * Added support for RVM >= 1.25 wrapper scripts.
 * Fixed loading passenger_native_support on Ruby 1.9.2.
 * The Union Station analytics code now works even without native_support.
 * Fixed `passenger-install-apache2-module` and `passenger-install-nginx-module` in Homebrew.
 * Binaries are now downloaded from an Amazon S3 mirror if the main binary server is unavailable.
 * And finally, although this isn't really a change in 4.0.34, it should be noted. In version 4.0.33 we changed the way Phusion Passenger's own Ruby source files are loaded, in order to fix some Debian and RPM packaging issues. The following doesn't work anymore:

       require 'phusion_passenger/foo'

   Instead, it should become:

       PhusionPassenger.require_passenger_lib 'foo'

   However, we overlooked the fact that this change breaks Ruby apps which use our Out-of-Band GC feature, because such apps had to call `require 'phusion_passenger/rack/out_of_band_gc'`. Unfortunately we're not able to maintain compatibility without reintroducing the Debian and RPM packaging issues. Users should modify the following:

       require 'phusion_passenger/rack/out_of_band_gc'

   to:

       if PhusionPassenger.respond_to?(:require_passenger_lib)
         # Phusion Passenger >= 4.0.33
         PhusionPassenger.require_passenger_lib 'rack/out_of_band_gc'
       else
         # Phusion Passenger < 4.0.33
         require 'phusion_passenger/rack/out_of_band_gc'
       end

Release 4.0.33
--------------

 * Fixed a compatibility problem in passenger-install-apache2-module with Ruby 1.8. The language selection menu didn't work properly.

Release 4.0.32
--------------

 * Fixed compatibility problems with old Ruby versions that didn't include RubyGems.

Release 4.0.31
--------------

 * Introduced a new tool: `passenger-config restart-app`. With this command you can initiate an application restart without touching restart.txt. Unlike touching restart.txt, this tool initiates the restart immediately instead of on the next request.
 * Fixed some problems in process spawning and request handling.
* Fixed some problems with the handling of HTTP chunked transfer encoding bodies. These problems only occurred in Ruby.
* Fixed the HelperAgent, upon shutdown, not correctly waiting 5 seconds until all clients have disconnected. Fixes issue #884.
* Fixed compilation problems on FreeBSD.
* Fixed some C++ strict aliasing problems.
* Fixed some problems with spawning applications that print messages without a newline during startup. Fixes issue #1039.
* Fixed potential hangs on JRuby when Ctrl-C is used to shut down the server. Fixes issue #1035.
* When Phusion Passenger is installed through the Debian package, passenger-install-apache2-module now checks whether the Apache module package (libapache2-mod-passenger) is properly installed, and installs it using apt-get if it's not installed. Fixes issue #1031.
* The `passenger-status --show=xml` command no longer prints the non-XML preamble, such as the version number and the time. Fixes issue #1037.
* The Ruby native extension checks whether it's loaded against the right Ruby version, to prevent problems when people upgrade Ruby without recompiling their native extensions.
* Various other minor Debian packaging improvements.

Release 4.0.30
--------------

* Fixed wrong autogeneration of HTTP Date header. If the web app does not supply a Date header, then Passenger will add one. Unfortunately due to the use of the wrong format string, December 30 2013 is formatted as December 30 2014. As a result, cookies that expire before 2014 would expire on December 30 2013 and December 31 2013. Details can be found at [GitHub pull request 93](https://github.com/phusion/passenger/pull/93).

  This issue only affects Phusion Passenger for Nginx and Phusion Passenger Standalone, and does not affect Phusion Passenger for Apache.

  You can work around this problem in your application by setting a Date header.
  For example, in Rails you can do:

      before_filter { response.date = Time.now.utc }

  Many thanks to Jeff Michael Dean (zilkey) and many others for bringing this to our attention and for providing workarounds and feedback.

Release 4.0.29
--------------

* Fixed a compilation problem on OS X Mavericks.

Release 4.0.28
--------------

* Introduced a workaround for a GCC 4.6 bug. This bug could cause Phusion Passenger to crash during startup. Affected operating systems include Ubuntu 12.04 and Amazon Linux 2013.09.01, though not every machine with this OS installed exhibits the problem. See issue #902.
* Improved Node.js support: the Sails framework is now supported.
* Improved Node.js support: the streams2 API is now supported.
* Introduced support for hooks, allowing users to easily extend Phusion Passenger's behavior.
* Fixed a bug in the `passenger start -R` option. It was broken because of a change introduced in 4.0.25.
* Fixed a bug in PassengerMaxInstancesPerApp. Fixes issue #1016.
* Fixed compilation problems on Solaris.
* Fixed an encoding problem in the Apache autodetection code. Fixes issue #1026.
* The Debian packages no longer depend on libruby.
* Application stdout and stderr are now printed without normal Phusion Passenger debugging information, making them easier to read.

Release 4.0.27
--------------

* [Apache] Fixed a bug in the Apache module which could lock up the Apache process or thread. This is a regression introduced in version 4.0.24.
* Node.js application processes now have friendly process titles.

Release 4.0.26
--------------

* Introduced the `PassengerBufferUpload` option for Apache. This option allows one to disable upload buffering, e.g. in order to be able to track upload progress.
* [Nginx] The `HTTPS` variable is now set correctly for HTTPS connections, even without setting `ssl on`. Fixes issue #401.
* [Standalone] It is now possible to listen on both a normal HTTP and an HTTPS port.
* [Enterprise] The `passenger-status` tool now displays rolling restart status.

Release 4.0.25
--------------

* The `PassengerAppEnv`/`passenger_app_env`/`--environment` option now also sets NODE_ENV, so that Node.js frameworks like Connect can properly respond to the environment.
* Fixed a bug in our Debian/Ubuntu packages causing `passenger-install-nginx-module` not to be able to compile Nginx.
* Arbitrary Node.js application structures are now supported.
* [Nginx] Introduced the `passenger_restart_dir` option.
* [Nginx] Upgraded preferred Nginx version to 1.4.4 because of CVE-2013-4547.

Release 4.0.24
--------------

* Introduced the `PassengerNodejs` (Apache) and `passenger_nodejs` (Nginx) configuration options.
* [Apache] Introduced the `PassengerErrorOverride` option, so that HTTP error responses generated by applications can be intercepted by Apache and customized using the `ErrorDocument` directive.
* [Standalone] It is now possible to specify some configuration options in a configuration file `passenger-standalone.json`. When Passenger Standalone is used in Mass Deployment mode, this configuration file can be used to customize settings on a per-application basis.
* [Enterprise] Fixed a potential crash when a rolling restart is triggered while a process is already shutting down.
* [Enterprise] Fixed Mass Deployment support for Node.js and Meteor.

Release 4.0.23
--------------

* Fixed compilation problems on GCC 4.8.2 (e.g. Arch Linux 2013-10-27).
* Fixed a compatibility problem with Solaris /usr/ccs/bin/make: issue #999.
* Support for the Meteor JavaScript framework has been open sourced.

Release 4.0.22
--------------

* [Enterprise] Fixed compilation problems on OS X Mavericks.

Release 4.0.21
--------------

* [Nginx] Upgraded the preferred Nginx version to 1.4.3.
* Node.js support has been open sourced.
* Preliminary OS X Mavericks support.
* Work around an Apache packaging bug in CentOS 5.
* Various user friendliness improvements in the documentation and the installers.
* Fixed a bug in the always_restart.txt support. Phusion Passenger was looking for it in the wrong directory.
* Many Solaris and Sun Studio compatibility fixes. Special thanks to "mark" for his extensive assistance.
* [Standalone] The --temp-dir command line option has been introduced.

Release 4.0.20
--------------

* Fixed a bug in Phusion Passenger Standalone's daemon mode. When in daemon mode, the Nginx temporary directory was deleted prematurely, causing some POST requests to fail. This was a regression that was introduced in 4.0.15 as part of an optimization.
* Fixed compilation problems on Solaris 10 with Sun Studio 12.3.
* Improved detection of RVM problems.
* It is now possible to log the request method to Union Station.
* Introduced a new option, `PassengerLoadShellEnvvars` (Apache) and `passenger_load_shell_envvars` (Nginx). This allows enabling or disabling the loading of bashrc before spawning the application.
* [Enterprise] Fixed a packaging problem which caused the flying-passenger executable not to be properly included in the bin path.
* [Enterprise] Fixed a race condition which sometimes causes the Flying Passenger socket to be deleted after a restart. Fixes issue #939.
* [Enterprise] The `byebug` gem is now supported for debugging on Ruby 2.0. The byebug gem requires a patch before this works: https://github.com/deivid-rodriguez/byebug/pull/29

Release 4.0.19
--------------

* Fixed a problem with response buffering. Application processes are now properly marked available for request processing immediately after they're done sending the response, instead of after having sent the entire response to the client.
* The "processed" counter in `passenger-status` is now bumped after the process has handled a request, not at the beginning.
* [Enterprise] Fixed an off-by-one bug in the `passenger_max_processes` setting.
Release 4.0.18
--------------

* The Enterprise variant of Phusion Passenger Standalone now supports customizing the concurrency model and thread count from the command line.
* On Nginx, the Enterprise license is now only checked if Phusion Passenger is enabled in Nginx. This allows you to deploy Nginx binaries, that have Phusion Passenger Enterprise compiled in, to servers that are not actually running Phusion Passenger Enterprise.
* Fixed a performance bug in the Union Station support code. In certain cases where a lot of data must be sent to Union Station, the code is now over 100 times faster.
* `passenger-status --show=union_station` now displays all clients that are connected to the LoggingAgent.
* Added a workaround for Heroku so that exited processes are properly detected as such.
* When using Phusion Passenger Standalone with Foreman, pressing Ctrl-C in Foreman no longer results in runaway Nginx processes.
* Fixed backtraces in the Apache module.

Release 4.0.17
--------------

* Fixed compilation problems on GCC 4.8 systems, such as Arch Linux 2013.04. Fixes issue #941.
* Fixed some deprecation warnings when compiling the Ruby native extension on Ruby 2.0.0.
* Fixed some Union Station-related stability issues.

Release 4.0.16
--------------

* Allow Phusion Passenger to work properly on systems where the user's GID does not have a proper entry in /etc/group, such as Heroku.

Release 4.0.15
--------------

* Out-of-band work has been much improved. The number of processes which may perform out-of-band work concurrently has been limited to 1. Furthermore, processes which are performing out-of-band work are now included in the max pool size constraint calculation. However, this means that in order to use out-of-band work, you need to have at least 2 application processes running. Out-of-band work will never be triggered if you just have 1 process. Partially fixes issue #892.
* Phusion Passenger now displays an error message to clients if too many requests are queued up. By default, "too many" is 100. You may customize this with `PassengerMaxRequestQueueSize` (Apache) or `passenger_max_request_queue_size` (Nginx).
* A new configuration option, `PassengerStartTimeout` (Apache) and `passenger_start_timeout` (Nginx), has been added. This option allows you to specify a timeout for application startup. The startup timeout has existed since version 4.0.0, but before version 4.0.15 it was hardcoded at a value of 90 seconds. Now it is customizable. Fixes issue #936.
* [Enterprise] The `PassengerMaxRequestTime`/`passenger_max_request_time` feature is now available for Python and Node.js as well, and is no longer limited to just Ruby. Fixes issue #938.
* [Nginx] Introduced a configuration option `passenger_intercept_errors`, which decides if Nginx will intercept responses with HTTP status codes of 400 and higher. Its effect is similar to `proxy_intercept_errors`.
* [Standalone] Memory usage optimization: when `passenger start` is run with `--daemonize`, the frontend exits after starting the Nginx core. This saves ~20 MB of memory per `passenger start` instance.
* [Standalone] Phusion Passenger Standalone is now also packaged in the Debian packages.
* [Standalone] Fix a problem with the `passenger stop` command on Ruby 1.8.7. The 'thread' library was not properly required, causing a crash.
* [Standalone] There is now builtin support for SSL.
* Fix a crash when multiple `passenger_pass_header` directives are set. Fixes issue #934.
* Permissions on the server instance directory are now explicitly set with chmod, so that permissions are correct on systems with a non-default umask. Fixes issue #928.
* Fix permission problems when running `passenger start` with `--user`.
* `passenger-config --detect-apache2` now correctly detects the error log filename on Amazon Linux. Fixes issue #933.
* An environment variable `PASSENGER_THREAD_LOCAL_STORAGE` has been added to the build system for forcefully disabling the use of thread-local storage within the Phusion Passenger codebase. This flag is useful on systems that have broken support for thread-local storage, despite passing our build system's check for proper thread-local storage support. At the time of writing, one user has reported that Ubuntu 12.04 32-bit has broken thread-local storage support, although neither the reporter nor we were able to reproduce the problem on any other systems running Ubuntu 12.04 32-bit. Note that this flag has no effect on non-Phusion Passenger code. Fixes issue #937.
* It is now possible to preprocess events before they are sent to Union Station. This is useful for removing confidential data as demonstrated in this example `config/initializers/passenger.rb` file:

      if defined?(PhusionPassenger)
        event_preprocessor = lambda do |e|
          e.payload[:sql].gsub!("secret","PASSWORD") if e.payload[:sql]
        end
        PhusionPassenger.install_framework_extensions!(:event_preprocessor => event_preprocessor)
      end

Release 4.0.14
--------------

* Fixed a bug in Passenger Standalone's source compiler, for the specific case when the downloaded Nginx binary doesn't work, and compilation of the Nginx binary did not succeed the first time (e.g. because of missing dependencies).
* Precompiled Ruby native extensions are now automatically downloaded.

Release 4.0.13
--------------

* Updated preferred Nginx version to 1.4.2.
* Worked around the fact that FreeBSD 9.1 has a broken C++ runtime. Patch contributed by David Keller.
* Autogenerated HTTP Date headers are now in UTC instead of local time. This could cause cookies to have the wrong expiration time. Fixes issue #913.
* Fixed compatibility problems with Ruby 1.8.6 (issue #924).
* Introduced a tool, `passenger-config --detect-apache2`, which autodetects all Apache installations on the system along with their parameters (which apachectl command to run, which log file to read, which config file to edit). The tool advises users about how to use that specific Apache installation. Useful if the user has multiple Apache installations but doesn't know about it, or when the user doesn't know how to work with multiple Apache installations.
* Added an API for better Rack socket hijacking support.
* Added a hidden configuration option for customizing the application start timeout. A proper configuration option will be introduced in the future.
* Added autodetection support for Amazon Linux.
* Fixed process metrics collection on some operating systems. Some systems' 'ps' command expects no space between -p and the list of PIDs.

Release 4.0.10
--------------

* Fixed a crash in PassengerWatchdog which occurs on some OS X systems.
* Fixed exception reporting to Union Station.
* Improved documentation.

Release 4.0.9
-------------

* [Enterprise] Fixed a problem with passenger-irb.

Release 4.0.8
-------------

* Fixed a problem with graceful web server restarts. When you gracefully restart the web server, it would cause Phusion Passenger internal sockets to be deleted, thus causing Phusion Passenger to go down. This problem was introduced in 4.0.6 during the attempt to fix issue #910.
* The PassengerRestartDir/passenger_restart_dir now accepts relative filenames again, just like in Phusion Passenger 3.x. Patch contributed by Ryan Schwartz.
* Documentation updates contributed by Gokulnath Manakkattil.
* [Enterprise] Fixed a license key checking issue on some operating systems, such as CentOS 6.

Release 4.0.7
-------------

* There was a regression in 4.0.6 that sometimes prevents PassengerLoggingAgent from starting up. Unfortunately this slipped our release testing.
  This regression has been fixed and we've updated our test suite to check for these kinds of regressions.

Release 4.0.6
-------------

* Fixed a potential 100% CPU lock up in the crash handler, which only occurs on OS X. Fixes issue #908.
* Fixed a crash in request handling, when certain events are triggered after the client has already disconnected. Fixes issue #889.
* Phusion Passenger will no longer crash when the Phusion Passenger native_support Ruby extension cannot be compiled, e.g. because the Ruby development headers are not installed or because the current user has no permission to save the native extension file. Fixes issue #890.
* Fixed OS X 10.9 support. Fixes issue #906.
* Removed dependency on bash, so that Phusion Passenger works out of the box on BSD platforms without installing/configuring bash. Fixes issue #911.
* Fix 'PassengerPoolIdleTime 0' not being respected correctly. Issue #904.
* Admin tools improvement: it is now possible to see all currently running requests by invoking `passenger-status --show=requests`.
* A new feature called Flying Passenger allows you to decouple the life time of Phusion Passenger from the web server, so that both can be restarted independently from each other. Please refer to http://blog.phusion.nl/2013/07/03/technology-preview-introducing-flying-passenger/ for an introduction.
* [Apache] Fixed compatibility with Apache pipe logging. Previously this would cause Phusion Passenger to lock up with 100% CPU during Apache restart.
* [Nginx] The Nginx configure script now checks whether 'ruby' is in $PATH. Previously, if 'ruby' is not in $PATH, then the compilation process fails with an obscure error.
* [Nginx] passenger-install-nginx-module now works properly even when Phusion Passenger is installed through the Debian packages. Before, the installer would tell you to install Phusion Passenger through the gem or tarball instead.
* [Enterprise] Added pretty printing helpers to the Live IRB Console.
* Fixed permissions on a subdirectory in the server instance directory. The server instance directory is a temporary directory that Phusion Passenger uses to store working files, and is deleted after Phusion Passenger exits. A subdirectory inside it is world-writable (but not world-readable) and is used for storing Unix domain sockets created by different apps, which may run as different users. These sockets had long random filenames to prevent them from being guessed. However, because of a typo, this subdirectory was created with the setuid bit, when it should have had the sticky bit (to prevent existing files from being deleted or renamed by a user that doesn't own the file). This has now been fixed.
* If the server instance directory already exists, it will now be removed first in order to get correct directory permissions. If the directory still exists after removal, Phusion Passenger aborts to avoid writing to a directory with unexpected permissions. Fixes issue #910.
* The installer now checks whether the system has enough virtual memory, and prints a helpful warning if it doesn't.
* Linux/AArch64 compatibility fixes. Patch contributed by Dirk Mueller.
* Improved documentation.

Release 4.0.5
-------------

* [Standalone] Fixed a regression that prevented Passenger Standalone from starting. Fixes issue #899.
* Fixed security vulnerability CVE-2013-2119.

  Urgency: low
  Scope: local exploit
  Summary: denial of service and arbitrary code execution by hijacking temp files
  Affected versions: all versions
  Fixed versions: 3.0.21 and 4.0.5

  Description: Phusion Passenger's code did not always create temporary files and directories in a secure manner. Temporary files and directories were sometimes created with a predictable filename. A local attacker can pre-create temporary files, resulting in a denial of service. In addition, this vulnerability allows a local attacker to run arbitrary code as another user, by hijacking temporary files.
  By pre-creating certain temporary files with certain permissions, attackers can prevent Passenger Standalone from starting (denial of service).

  By pre-creating certain temporary files with certain other permissions, attackers can trick `passenger start` and the build system (which is invoked by `passenger-install-apache2-module`/`passenger-install-nginx-module`) into running arbitrary code. The code runs as the user that ran `passenger start` or the build system.

  Attacks of this nature have to be timed exactly right. The attacker must overwrite the file contents right after Phusion Passenger has created the file contents, but right before the file is used. In the context of `passenger start`, the vulnerable window begins right after Passenger Standalone has created the Nginx config file, and ends when Nginx has read the config file. Once Nginx has started and initialized, the system is no longer vulnerable. `passenger stop` and other Passenger Standalone commands besides `start` are not vulnerable. In the context of the build system, the vulnerable window begins when `passenger-install-apache2-module`/`passenger-install-nginx-module` prints its first dependency checking message, and ends when it prints the first compiler command.

  Only the `passenger start` command, the `passenger-install-apache2-module` command and the `passenger-install-nginx-module` command are vulnerable. Phusion Passenger for Apache and Phusion Passenger for Nginx (once they are installed) are not vulnerable.

  Fixed versions: 3.0.21 and 4.0.5 have been released to address this issue.

  Workaround: You can use this workaround if you are unable to upgrade. Before invoking any Phusion Passenger command, set the `TMPDIR` environment variable to a directory that is not world-writable.
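The `TMPDIR` workaround above and the setuid-versus-sticky-bit fix from 4.0.6, as an added Ruby example (not Phusion Passenger's own code): it checks a candidate temp directory's mode bits, creates files with `O_EXCL` so that a pre-existing file or symlink is refused rather than reused, and runs a block with `TMPDIR` pointing at a fresh 0700 directory. All function names, the result symbols and the `example.conf` file name are assumptions made for illustration; the symlink and ownership checks go beyond what the advisory asks for.

```ruby
require 'tmpdir'

WORLD_WRITABLE = 0o0002
STICKY         = 0o1000
SETUID         = 0o4000

# Pure check on permission bits, usable on any recorded directory mode.
def mode_problems(mode)
  problems = []
  unless (mode & WORLD_WRITABLE).zero?
    problems << :world_writable      # other local users can pre-create entries
    problems << :missing_sticky_bit if (mode & STICKY).zero?
  end
  # The 4.0.6 typo: setuid was set on a directory where sticky was intended.
  problems << :setuid_on_directory unless (mode & SETUID).zero?
  problems
end

# Reasons why `dir` should not be used as TMPDIR (empty array = acceptable).
def tmpdir_problems(dir, uid = Process.euid)
  st = File.lstat(dir)
  return [:symlink] if st.symlink?
  return [:not_a_directory] unless st.directory?
  problems = mode_problems(st.mode)
  problems << :foreign_owner unless st.uid == uid   # extra check, not in the advisory
  problems
rescue Errno::ENOENT
  [:missing]
end

# Creates dir/name only if nothing is there yet. With O_CREAT|O_EXCL the open
# fails with Errno::EEXIST on a pre-created file or symlink instead of using it.
def create_exclusive(dir, name, contents)
  path = File.join(dir, name)
  File.open(path, File::WRONLY | File::CREAT | File::EXCL, 0o600) do |f|
    f.write(contents)
  end
  path
end

# Runs the block with TMPDIR set to a fresh 0700 directory under `base`,
# then removes the directory and restores the previous TMPDIR value.
def with_private_tmpdir(base = Dir.home)
  old = ENV['TMPDIR']
  Dir.mktmpdir('private-tmp-', base) do |dir|
    problems = tmpdir_problems(dir)
    raise "unsafe TMPDIR #{dir}: #{problems.inspect}" unless problems.empty?
    ENV['TMPDIR'] = dir
    yield dir
  end
ensure
  ENV['TMPDIR'] = old
end

# Constructed demo: everything happens inside a throwaway sandbox directory.
def demo
  Dir.mktmpdir('demo-') do |sandbox|
    shared = File.join(sandbox, 'shared')
    Dir.mkdir(shared)
    File.chmod(0o1777, shared)       # same mode as a typical /tmp
    # Stand-in for a file that already exists under a predictable name.
    File.write(File.join(shared, 'example.conf'), "planted\n")
    refused = begin
      create_exclusive(shared, 'example.conf', "real config\n")
      false
    rescue Errno::EEXIST
      true
    end
    private_ok = with_private_tmpdir(sandbox) do |dir|
      create_exclusive(dir, 'example.conf', "real config\n")
      tmpdir_problems(dir).empty? && ENV['TMPDIR'] == dir
    end
    { shared: tmpdir_problems(shared), refused: refused, private_ok: private_ok }
  end
end

p demo if __FILE__ == $PROGRAM_NAME
```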
  Special care must be taken when you use sudo: sudo resets all environment variables, so you should either invoke sudo with `-E`, or you must set the environment variable after gaining root privileges with sudo.

Release 4.0.4
-------------

* Fixed autodetection of noexec-mount /tmp directory. Fixes issue #850 and issue #625.
* Fixed a WSGI bug. wsgi.input was a file object opened in text mode, but should be opened in binary mode. Fixes issue #881.
* Fixed a potential crash in Out-of-Band Work. Fixes issue #894.
* Fixed a potential crash in rolling restarting, which only occurs if a process was also being spawned at the same time. Fixes issue #896.
* [Apache] The RailsBaseURI and RackBaseURI directives have been unified. For a long time, RailsBaseURI told Phusion Passenger that the given sub-URI belongs to a **Rails 2** application. Attempting to use this directive with Rails 3 or with Rack applications would result in an error. Because this confused users, RailsBaseURI and RackBaseURI have now been unified and can now be used interchangeably. Phusion Passenger will automatically detect what kind of application it is. The Nginx version already worked like this. Fixes issue #882.
* [Standalone] The Passenger Standalone temp directory and PassengerWatchdog server instance directory have been unified. PassengerWatchdog already automatically updates the timestamps of all files in its server instance directory every 6 hours to prevent /tmp cleaners from deleting the directory. Therefore this unification prevents the Passenger Standalone temp directory from being deleted by /tmp cleaners as well. Fixes issue #654.
* [Standalone] types_hash_max_size has been increased from 1024 to 2048. This solves a problem that causes Nginx not to start on some platforms. Contributed by Jan-Willem Koelewijn.

Release 4.0.3
-------------

* Better protection is now provided against application processes that are stuck and refuse to shut down cleanly.
  Since version 4.0.0, Phusion Passenger already forcefully shuts down all processes during web server shutdown. In addition to this, 4.0.3 now also forcefully shuts down processes that take more than 1 minute to shut down, even outside the context of web server shutdowns. This feature does not, however, protect against requests that take too long. Use PassengerMaxRequestTime (Apache) or passenger_max_request_time (Nginx) for that.
* Fixed a crash in the HelperAgent which results in frequent process restarts in some traffic patterns. Fixes issue #862.
* Fixed a problem that prevents processes from being spawned correctly if the user's bashrc changes working directory. Fixes issue #851.
* passenger-status now also displays CPU usage.
* The installer now checks for checksums when automatically downloading PCRE and Nginx. Contributed by Joshua Lund.
* An error is now printed when trying to daemonize Phusion Passenger Standalone on Ruby implementations that don't support forking. Contributed by Benjamin Fleischer.
* Although Phusion Passenger already supported JRuby, *installing* Phusion Passenger with JRuby was not possible. This has been fixed.
* Various other minor bug fixes.

Release 4.0.2
-------------

* Bumped the preferred Nginx version to 1.4.1 because of a critical Nginx security vulnerability, CVE-2013-2028. Users are advised to upgrade immediately.

Release 4.0.1
-------------

* Fixed a crasher bug in the Deployment Error Resistance feature.
* Fixed a bug in PassengerDefaultUser and PassengerDefaultGroup.
* Fixed a bug which could cause application processes to exit before they've finished their request.
* Fixed some small file descriptor leaks.
* Bumped the preferred Nginx version to 1.4.0.
* Editing the Phusion Passenger Standalone Nginx config template is no longer discouraged.
* Improved documentation.

Release 4.0.0 release candidate 6
---------------------------------

* WebSocket support on Nginx. Requires Nginx >= 1.3.15.
* Improved RVM support.
* Performance optimizations.
* Various bug fixes.

Release 4.0.0 release candidate 5
---------------------------------

* The default config snippet for Apache has changed! It must now contain a `PassengerDefaultRuby` option. The installer has been updated to output this option. The `PassengerRuby` option still exists, but it's only used for configuring different Ruby interpreters in different contexts. Please refer to the manual for more information.
* We now provide GPG digital signatures for all file releases by Phusion. More information can be found in the manual.
* `passenger-status` now displays process memory usage and time when it was last used. The latter fixes issue #853.
* Exceptions in Rack application objects are now caught to prevent application processes from exiting.
* The `passenger-config` tool now supports the `--ruby-command` argument, which helps the user with figuring out the correct Ruby command to use in case s/he wants to use multiple Ruby interpreters. The manual has also been updated to mention this tool.
* Fixed streaming responses on Apache.
* Worked around an OS X Unix domain socket bug. Fixes issue #854.
* Out-of-Band Garbage Collection now works properly when the application has disabled garbage collection. Fixes issue #859.
* Fixed support for /usr/bin/python on OS X. Fixes issue #855.
* Fixed looping-without-sleeping in the ApplicationPool garbage collector if PassengerPoolIdleTime is set to 0. Fixes issue #858.
* Fixed some process memory usage measurement bugs.
* Fixed process memory usage measurement on NetBSD. Fixes issue #736.
* Fixed a file descriptor leak in the Out-of-Band Work feature. Fixes issue #864.
* The PassengerPreStart helper script now uses the default Ruby interpreter specified in the web server configuration, and no longer requires a `ruby` command to be in `$PATH`.
* Updated preferred PCRE version to 8.32.
* Worked around some RVM bugs.
* The ngx_http_stub_status_module is now enabled by default.
* Performance optimizations.

Release 4.0.0 release candidate 4
---------------------------------

* Fixed compilation on systems where /tmp is mounted noexec.
* Fixed some memory corruption bugs.
* Improved debugging messages.
* Phusion Passenger Standalone now sets underscores_in_headers. Fixes issue #708.
* Fixed some process spawning compatibility problems, as reported in issue #842.
* The Python WSGI loader now correctly shuts down client sockets even when there are child processes that keep the socket open.
* A new configuration option PassengerPython (Apache) and passenger_python (Nginx) has been added so that users can customize the Python interpreter on a per-application basis. Fixes issue #852.
* The Apache module now supports file uploads larger than 2 GB when on 32-bit systems. Fixes issue #838.
* The Nginx version now supports the `passenger_temp_dir` option.
* Environment variables set in the Nginx configuration file (through the `env` config option) are now correctly passed to all application processes. Fixes issue #371.
* Fixed support for RVM mixed mode installations. Fixes issue #828.
* Phusion Passenger now outputs the Date HTTP header in case the application didn't already do that (and was violating the HTTP spec). Fixes issue #485.
* Phusion Passenger now checks whether /dev/urandom isn't broken. Fixes issue #516.

Release 3.9.5 (4.0.0 release candidate 3)
-----------------------------------------

* Fixed Rake autodetection.

Release 3.9.4 (4.0.0 release candidate 2)
-----------------------------------------

* More bug fixes.
* More documentation updates.
* Better crash diagnostics.

Release 3.9.3 (4.0.0 release candidate 1)
-----------------------------------------

* The Nginx version now supports the `passenger_app_root` configuration option.
* The Enterprise memory limiting feature has been extended to work with non-Ruby applications as well.
* Application processes that have been killed are now automatically detected within 5 seconds.
  Previously Phusion Passenger needed to send a request to the process before detecting that it's gone. This change means that when you kill a process by sending it a signal, Phusion Passenger will automatically respawn it within 5 seconds (provided that the process limit settings allow respawning).
* Phusion Passenger Standalone's HTTP client body limit has been raised from 50 MB to 1 GB.
* Python 3 support has been added.
* The build system has been made compatible with JRuby and Ruby 2.0.
* The installers now print a lot more information about detected system settings so that the user can see whether something has been wrongly detected.
* Some performance optimizations. These involve further extending the zero-copy architecture, and the use of hash table maps instead of binary tree maps.
* Many potential crasher and freezer bugs have been fixed.
* Error diagnostics have been further improved.
* Many documentation improvements.

Release 3.9.2 (4.0.0 beta 2)
----------------------------

* New feature: JRuby and Rubinius support.
* New feature: Out of Band Work.
* Sending SIGABRT to a Ruby process will now trigger the same behavior as SIGQUIT - that is, it will print a backtrace. This is necessary for proper JRuby support because JRuby cannot catch SIGQUIT.
* Rolling restarts and deployment error resistance are now also available in Phusion Passenger Standalone in the Enterprise version.
* System call failure simulation framework.
* Improved crash reporting.
* Many documentation improvements.
* Many bug fixes.

Release 3.9.1 (4.0.0 beta 1)
----------------------------

This is the first beta of Phusion Passenger 4. The changes are numerous.

* Support for multiple Ruby versions.
* The internals now use evented I/O.
* Real-time response buffering.
* Improved zero-copy architecture.
* Rewritten ApplicationPool and process spawning subsystem.
* Multithreading within Ruby apps (Phusion Passenger Enterprise only).
* Python WSGI support lifted to "beta" status.
* More protection against stuck processes.
* Automatically picks up environment variables from your bashrc.
* Allows setting environment variables directly in Apache.
* Automatic asset pipeline support in Standalone.
* Deleting restart.txt no longer triggers a restart.
* More stable Union Station support.
* Many internal robustness improvements.
* Better relocatability without wasting space.

Release 3.0.21
--------------

* Rebootstrapped the libev configure to fix compilation problems on Solaris 11.
* Fixed support for RVM mixed mode installations. Fixes issue #828.
* Fixed encoding problems in Phusion Passenger Standalone.
* Changed preferred Nginx version to 1.2.9.
* Catch exceptions raised by Rack application objects.
* Fix for CVE-2013-2119. Details can be found in the announcement for version 4.0.5.
* Version 3.0.20 was pulled because its fixes were incomplete.

Release 3.0.19
--------------

* Nginx security fix: do not display Nginx version when server_tokens are off.
* Fixed compilation problems on some systems.
* Fixed some Union Station-related bugs.

Release 3.0.18
--------------

* Fixed compilation problems on Fedora 17.
* Fixed Union Station compatibility with Rails 3.2.
* Phusion Passenger Enterprise Standalone now supports rolling restarts and deployment error resistance.

Release 3.0.17
--------------

* Fixed a Ruby 1.9 encoding-related bug in the memory measurer. (Phusion Passenger Enterprise)
* Fixed OOM adjustment bugs on Linux.
* Fixed compilation problems on Fedora 18 and 19.
* Fixed compilation problems on SunOS.
* Fixed compilation problems on AIX. Contribution by Perry Smith.
* Fixed various compilation warnings.
* Upgraded preferred Nginx version to 1.2.3.

3.0.16 was an unofficial hotfix release, and so its announcement had been skipped.

Release 3.0.15
--------------

* Updated documentation.
* Updated website links.

Release 3.0.14
--------------

* [Apache] Fixed a long-standing mod_rewrite-related problem.
   Some mod_rewrite rules would not work, but it depends on the exact mod_rewrite configuration so it would work for some people but not for others. Issue #563. Thanks a lot to cedricmaion for providing information on the nature of the bug and to peter.nash55 for providing a VM that allowed us to reproduce the problem.
 * [Nginx] Preferred Nginx version upgraded to 1.2.2. The previously preferred version was 1.2.1.
 * Cleared some confusing terminology in the documentation.
 * Fixed some Ruby 1.9 encoding problems.

Release 3.0.13
--------------

 * [Nginx] Preferred Nginx version upgraded to 1.2.1.
 * Fixed compilation problems on FreeBSD 6.4. Fixes issue #766.
 * Fixed compilation problems on GCC >= 4.6.
 * Fixed compilation problems on OpenIndiana and Solaris 11. Fixes issue #742.
 * Union Station-related bug fixes.
 * Sending the soft termination signal twice to application processes no longer makes them crash. Patch contributed by Ian Ehlert.

Release 3.0.12
--------------

 * [Apache] Support Apache 2.4. The event MPM is now also supported.
 * [Nginx] Preferred Nginx version upgraded to 1.0.15.
 * [Nginx] Preferred PCRE version upgraded to 8.30.
 * [Nginx] Fixed compatibility with Nginx < 1.0.10.
 * [Nginx] Nginx is now installed with http_gzip_static_module by default.
 * [Nginx] Fixed a memory disclosure security problem.
   The issue is documented at http://www.nginx.org/en/security_advisories.html and affects more modules than just Phusion Passenger. Users are advised to upgrade as soon as possible. Patch submitted by Gregory Potamianos.
 * [Nginx] passenger_show_version_in_header now hides the Phusion Passenger version number from the 'Server:' header too. Patch submitted by Gregory Potamianos.
 * Fixed a /proc deprecation warning on Linux kernel >= 3.0.

Release 3.0.11
--------------

 * Fixed a compilation problem on platforms without alloca.h, such as FreeBSD 7.
 * Improved performance and solved some warnings on Xen systems by compiling with `-mno-tls-direct-seg-refs`.
   Patch contributed by Michał Pokrywka.

Release 3.0.10
--------------

 * [Nginx] Dropped support for Nginx versions older than 1.0.0
 * [Nginx] Fixed support for Nginx 1.1.4+
 * [Nginx, Standalone] Upgraded default Nginx version to 1.0.10
   The previously default version was 1.0.5.
 * [Nginx] New option passenger_max_requests
   This is equivalent to the PassengerMaxRequests option in the Apache version: Phusion Passenger will automatically shut down a worker process once it has processed the specified number of requests. Contributed by Paul Kmiec.
 * [Apache] New option PassengerBufferResponse
   The Apache version did not buffer responses. This could block the Ruby worker process in case of slow clients. We now enable response buffering by default. It can be turned off through this option. Feature contributed by Ryo Onodera.
 * Fixed remaining Ruby 1.9.3 compatibility problems
   We already supported Ruby 1.9.3 since 3.0.8, but due to bugs in Ruby 1.9.3's build system Phusion Passenger would fail to detect Ruby 1.9.3 features on some systems. Fixes issue #714.
 * Fixed a bug in PassengerPreStart
   A regression was introduced in 3.0.8, causing the prespawn script to connect to the host name instead of to 127.0.0.1. Fix contributed by Andy Allan.
 * Fixed compatibility with GCC 4.6
   Affected systems include Ubuntu 11.10.
 * Fixed various compilation problems.
 * Fixed some Ruby 1.9 encoding problems.
 * Fixed some Ruby 1.9.3 deprecation warnings.

Release 3.0.9
-------------

 * [Nginx] Fixed a NULL pointer crash that occurs on HTTP/1.0 requests when the Host header isn't given.
 * Fixed deprecation warnings on RubyGems >= 1.6.
 * Improved Union Station support stability.

Release 3.0.8
-------------

 * [Nginx] Upgraded preferred Nginx version to 1.0.5.
 * [Nginx] Fixed various compilation problems on various platforms.
 * [Nginx] We now ensure that SERVER_NAME is equal to HTTP_HOST without the port part. This is needed for Rack compliance.
   By default Nginx sets SERVER_NAME to whatever is specified in the server_name directive, but that's not necessarily the correct value. This fixes, for example, the use of the 'map' statement in config.ru.
 * [Nginx] Added the options passenger_buffer_size, passenger_buffers and passenger_busy_buffers_size. These options are similar to proxy_module's similarly named options. You can use these to e.g. increase the maximum header size limit.
 * [Nginx] passenger_pre_start now supports virtual hosts that listen on Unix domain sockets.
 * [Apache] Fixed the pcre.h compilation problem.
 * [Standalone] Fixed 'passenger stop'. It didn't work properly because it kept waiting for 'tail' to exit. We now properly terminate 'tail' as well.
 * Fixed compatibility with Rake 0.9.
 * Fixed various Ruby 1.9 compatibility issues.
 * Various documentation improvements.
 * New Union Station filter language features. It now supports status codes and response times. Please refer to https://engage.unionstationapp.com/help#filtering for more information.

Release 3.0.7
-------------

 * Fixed a bug in passenger-install-apache2-module. It could crash on some systems due to a typo in the code.
 * Upgraded preferred Nginx version to 1.0.0.
 * Phusion Passenger Standalone now pre-starts application processes at startup instead of doing that at the first request.
 * When sending data to Union Station, the HTTP status code is now also logged.
 * Various Union Station-related stability improvements.
 * The Linux OOM killer was previously erroneously disabled for all Phusion Passenger processes, including application processes. The intention was to only disable it for the Watchdog. This has been fixed, and the Watchdog is now the only process for which the OOM killer is disabled.
 * Fixed some compilation problems on OpenBSD.
 * Due to a typo, the dependency on file-tail was not entirely removed in 3.0.6. This has now been fixed.

Release 3.0.6
-------------

 * Fixed various compilation problems such as XCode 4 support and OpenBSD support.
 * Fixed various Union Station-related stability issues.
 * Fixed an issue with host name detection on certain platforms.
 * Improved error logging in various parts.
 * The dependency on the file-tail library has been removed.
 * During installation, check whether /tmp is mounted with 'noexec'. Phusion Passenger's installer relies on /tmp *not* being mounted with 'noexec'. If it is then the installer will now show a helpful error message instead of bailing out in a confusing manner. Users can now tell the installer to use a different directory for storing temporary files by customizing the $TMPDIR environment variable.
 * Phusion Passenger Standalone can now run Rackup files that are not named 'config.ru'. The filename can be passed through the command line using the -R option.

Release 3.0.5
-------------

 * [Apache] Fixed Union Station process statistics collection
   Union Station users that are using Apache may notice that no process information shows up in Union Station. This is because of a bug in Phusion Passenger's Apache version, which has now been fixed.
 * [Apache] PassengerAnalytics has been renamed to UnionStationSupport
   This option has been renamed for consistency reasons.
 * [Nginx] passenger_analytics has been renamed to union_station_support
   This option has been renamed for consistency reasons.
 * Fixed Union Station data sending on older libcurl versions
   Some Union Station users have reported that their data don't show up. Upon investigation this turned out to be a compatibility problem with older libcurl versions. Affected systems include all RHEL 5 based systems, such as RHEL 5.5 and CentOS 5.5. We've now fixed compatibility with older libcurl versions.
 * Added support for the Union Station filter language
   This language can be used to limit the kind of data that's sent to Union Station. Please read https://engage.unionstationapp.com/help#filtering for details.
 * Fixed a PassengerMaxPoolSize/passenger_max_pool_size violation bug
   People who host a lot of different applications on Phusion Passenger may notice that it sometimes spawns more processes than is allowed by PassengerMaxPoolSize/passenger_max_pool_size. This has been fixed.

Release 3.0.4
-------------

 * [Apache] Changed mod_dir workaround hook priority
   Phusion Passenger temporarily disables mod_dir on all Phusion Passenger-handled requests in order to avoid conflicts. In order to do this it registers some Apache hooks with the APR_HOOK_MIDDLE priority, but it turned out that this breaks some other modules like mod_python. The hook priority has been changed to APR_HOOK_LAST to match mod_dir's hook priorities. Issue reported by Jay Freeman.
 * Added support for Union Station: http://www.unionstationapp.com/
 * Some error messages have been improved.

Release 3.0.3
-------------

 * [Nginx] Preferred Nginx version upgraded to 0.8.54
   The previous preferred version was 0.8.53.
 * PATH_INFO and REQUEST_URI now contain the original escaped URI
   Phusion Passenger passes the URI, as reported by Apache/Nginx, to application processes through the PATH_INFO and REQUEST_URI variables. These variables are supposed to contain the original, escaped URI, e.g. /clubs/%C3%BC. Both Apache and Nginx thought that it would be a good idea to unescape the URI before passing it to modules like Phusion Passenger, thereby causing PATH_INFO and REQUEST_URI to contain the unescaped URI, e.g. /clubs/ü. This causes all sorts of encoding problems. We now manually re-escape the URI when setting PATH_INFO and REQUEST_URI. Issue #404.
 * The installer no longer detects directories as potential commands
   Previously the installer would look in $PATH for everything that's executable, including directories. If one has /usr/lib in $PATH and a directory /usr/lib/gcc exists then the installer would recognize /usr/lib/gcc as the compiler. We now explicitly check whether the item is also a file.
 * PseudoIO now responds to #to_io
   Phusion Passenger sets STDERR to a PseudoIO object in order to capture anything written to STDERR during application startup. This breaks some libraries which expect STDERR to respond to #to_io. This has now been fixed. Issue #607.
 * Fixed various other minor bugs
   See the git commit log for details.

Release 3.0.2
-------------

 * [Nginx] Fixed compilation problems
   The Nginx compilation process was broken due to not correctly reverting the working directory of the Nginx configure script. This has been fixed: issue #595.
 * [Nginx] Fixed crash if passenger_root refers to a nonexistent directory
   Issue #599.
 * Fixed compilation problems on NetBSD
   There was a typo in a NetBSD-specific fcntl() call. It also turns out that NetBSD doesn't support some ISO C99 math functions like llroundl(); this has been worked around by using other functions. Issue #593.
 * Fixed file descriptor closing issues on FreeBSD
   Phusion Passenger child processes didn't correctly close file descriptors on FreeBSD because it queries /dev/fd to do that. On FreeBSD /dev/fd only returns meaningful results if fdescfs is mounted, which it isn't by default. Issue #597.

Release 3.0.1
-------------

 * MUCH faster compilation
   We've applied code aggregation techniques, allowing Phusion Passenger to be compiled much quicker now. For example, compiling the Nginx component (not Nginx itself) on a MacBook Pro now takes only 29 seconds instead of 51 seconds, an improvement of 75%! Compiling the Apache module on a slower Dell Inspiron now takes 39 seconds instead of 1 minute 22 seconds, or 110% faster!
 * Fixed malfunction after web server restart
   On Linux systems that have a non-standard filesystem on /tmp, Phusion Passenger could malfunction after restarting the web server because of a bug that's only triggered on certain filesystems. Issue #569.
 * Boost upgraded to version 1.44.0.
   We were on 1.42.0.
 * Much improved startup error messages
   Phusion Passenger performs many extensive checks during startup to ensure integrity. However the error message in some situations could be vague. These startup error messages have now been improved dramatically, so that if something goes wrong during startup you will now more likely know why.
 * Curl < 7.12.1 is now supported
   The previous version fails to compile with Curl versions earlier than 7.12.1. Issue #556.
 * passenger-make-enterprisey fixed
   This is the command that people can run after donating. It allows people to slightly modify Phusion Passenger's display name as a joke. In 3.0.0 it was broken because of a typo. This has been fixed.
 * Removed passenger-stress-test
   This tool was used during the early life of Phusion Passenger for stress testing websites. Its performance has never been very good and there are much better tools for stress testing, so this tool has now been removed.
 * [Apache] RailsEnv and RackEnv configuration options are now equivalent
   In previous versions, RailsEnv only had effect on Rails 1 and Rails 2 apps while RackEnv only had effect on Rack apps. Because Rails 3 apps are considered Rack apps, setting RailsEnv had no effect on Rails 3 apps. Because this is confusing to users, we've now made RailsEnv and RackEnv equivalent. Issue #579.
 * [Nginx] Fixed compilation problems on systems with unpowerful shells
   Most notably Solaris. Its default shell does not support some basic constructs that we used in the Nginx configure script.
 * [Nginx] Upgraded default Nginx version to 0.8.53
   The previous default was 0.8.52.
 * [Nginx] passenger_enabled now only accepts 'on' or 'off' values
   Previously it would recognize any value not equal to 'on' as meaning 'off'. This caused confusion among users who thought they could also specify 'true', so we now throw a proper error if the value is unrecognized. Fixes issue #583.

Release 3.0.0
-------------

This is a major release with many changes.
Please read our blog for details.

Release 2.2.15
--------------

 * [Apache] Fixed incorrect temp dir cleanup by passenger-status
   On some systems, running passenger-status could print the following message:

       *** Cleaning stale folder /tmp/passenger.1234

   ...after which Phusion Passenger breaks because that directory is necessary for it to function properly. The cause of this problem has been found and has been fixed.
 * [Apache] Fixed some upload handling problems
   Previous versions of Phusion Passenger check whether the size of the received upload data matches the contents of the Content-Length header as received from the client. It turns out that there could be a mismatch e.g. because of mod_deflate input compression, so we can't trust Content-Length anyway and we're being too strict. The check has now been removed.
 * [Nginx] Fixed compilation issues with Nginx >= 0.7.66
   Thanks to Potamianos Gregory for reporting this issue. Issue #500.
 * [Nginx] Default Nginx version changed to 0.7.67
   The previous default version was 0.7.65.
 * Fixed more Bundler problems
   Previous versions of Phusion Passenger would preload some popular libraries such as mysql and sqlite3 in order to utilize copy-on-write optimizations better. However this behavior conflicts with Bundler so we've removed it.

Release 2.2.14
--------------

 * Added support for Rubinius
   Patch contributed by Evan Phoenix.
 * Fixed a mistake in the SIGQUIT backtrace message.
   Patch contributed by Christoffer Sawicki.
 * [Nginx] Fix a localtime() crash on FreeBSD
   This was caused by insufficient stack space for threads. Issue #499.

Release 2.2.13
--------------

 * Fixed some Rails 3 compatibility issues that were recently introduced.
 * Fixed a typo that causes config/setup_load_paths.rb not to be loaded correctly.

Release 2.2.12
--------------

 * Improved Bundler support.
   Previous versions might not be able to correctly load gems bundled by Bundler.
   We've also documented how our Bundler support works and how to override our support if you need special behavior. Please refer to the Phusion Passenger Users Guide, section "Bundler support".
 * Worked around some user account handling bugs in Ruby. Issue #192.
 * Fixed some Ruby 1.9 tempfile.rb compatibility problems.
 * Fixed some compilation problems on some ARM Linux platforms.
 * [Apache] Suppress bogus mod_xsendfile-related error messages.
   When mod_xsendfile is being used, Phusion Passenger might print bogus error messages like "EPIPE" or "Apache stopped forwarding the backend's response" to the log file. These messages are normal, are harmless and can be safely ignored, but they pollute the log file. So in this release we've added code to suppress these messages when mod_xsendfile is being used. Issue #474.
 * [Nginx] Fixed "passenger_user_switching off" permission problems
   If Nginx is running as root and passenger_user_switching is turned off, then Phusion Passenger would fail to initialize because of a permission problem. This has been fixed. Issue #458.
 * [Nginx] Nginx >= 0.8.38 is now supported.
   Thanks to Sergey A. Osokin for reporting the problem.
 * [Nginx] passenger-install-nginx-module upgraded
   It now defaults to installing Nginx 0.7.65 instead of 0.7.64.

Release 2.2.11
--------------

 * This release fixes a regression that appeared in 2.2.10 which only affects Apache. When under high load, Apache might freeze and stop responding to requests. It is caused by a race condition which is why it escaped our last release testing.

   This problem does not affect Nginx; you only have to upgrade if you're using Apache.

   http://groups.google.com/group/phusion-passenger/t/d5bb2f17c8446ea0

Release 2.2.10
--------------

 * Fixed some Bundler compatibility problems.
 * Fixed some file descriptor passing problems, which previously could lead to mysterious crashes.
 * Fixed some compilation problems on newer GCC versions. Issue #430.
 * Support #size method in rack.input.

Release 2.2.9
-------------

 * Fixed compatibility with Rails 3.
   Actually, previous Phusion Passenger releases were already compatible with Rails 3, depending on the spawn method that would be invoked. Here's the story:

   Since Phusion Passenger 2.2.8, when the file config.ru exists, Phusion Passenger will treat the app as a Rack app, not as a Rails app. This is in contrast to earlier versions which gave Rails detection more priority than Rack detection. Phusion Passenger loads Rack apps and Rails apps in different ways. The Rails loader was not compatible with Rails 3, which is what we've fixed in this release.

   That said, a Rails 3 app would have worked out-of-the-box on Phusion Passenger 2.2.8 as well because Rails 3 apps include a config.ru file by default, causing Phusion Passenger 2.2.8 to use the Rack loader. Earlier versions of Phusion Passenger would just completely bail out because they'd use the Rails loader.

   That said, with 2.2.9 there are still some caveats:
   - Smart spawning (the mechanism with which REE's 33% memory reduction is implemented) is *not* supported for Rack apps. This means that if you want to utilize smart spawning with Rails 3, then you should remove your config.ru file.
   - Rails 3 depends on Rack 1.1.0. You must have Rack 1.1.0 installed as a gem, even if you've bundled it with the gem bundler. This is because Phusion Passenger itself depends on Rack.

   Both of these caveats are temporary. We have plans to solve both of these properly in the future.
 * What's up with the Gem Bundler?
   There have been some reports that Phusion Passenger is not compatible with Yehuda Katz's gem bundler (http://github.com/wycats/bundler). This might have been true for an earlier version of the gem bundler, but the latest version seems to work fine.
   Please note that you need to insert the following snippet in config/preinitializer.rb, as instructed by the gem bundler's README:

       require "#{RAILS_ROOT}/vendor/gems/environment"

   The Rails::Boot monkey patching code as posted at http://yehudakatz.com/2009/11/03/using-the-new-gem-bundler-today/ does not seem to be required anymore.
 * Fixed support for ActiveRecord subclasses that connect to another database.
   ActiveRecord subclasses that connect to a database other than the default one did not have their connection correctly cleared after forking. This can result in weird errors along the lines of "Lost connection to MySQL server during query". Issue #429.
 * [Nginx] Fixed PCRE URL.
   passenger-install-nginx-module downloads PCRE 7.8 if PCRE is not already installed. However PCRE 7.8 has been removed from their FTP server, so we've updated the URL to point to the latest version, 8.0.

Release 2.2.8
-------------

 * [Nginx] Fixed some signal handling problems.
   Restarting Nginx on OS X with SIGHUP can sometimes take a long time or even fail completely. This is because of some signal handling problems, which have now been fixed.
 * [Nginx] Added OpenSSL as dependency.
   OpenSSL is required in order to install Nginx, but this was not checked by passenger-install-nginx-module. As a result, passenger-install-nginx-module fails on e.g. out-of-the-box Ubuntu installations until the user manually installs OpenSSL. Issue #422.
 * [Nginx] Fixed support for internal redirects and subrequests.
   It is now possible to, for example, point X-Accel-Redirects to Phusion Passenger-served URLs. Patch contributed by W. Andrew Loe III: issue #433.
 * [Apache] Fixed a GnuTLS compatibility issue.
   mod_gnutls can cause Phusion Passenger to crash because of an unchecked NULL pointer. This problem has now been fixed: issue #391.
 * Fixed thread creation issue on Intel Itanium platforms.
   This fixes issue #427.
 * Fixed compilation problems on Linux running on the Renesas SH4 CPU.
   Patch contributed by iwamatsu: issue #428.
 * The Rack library has been unvendored.
   The original reason for vendoring was to work around broken Rails applications that explicitly specify Rack as a gem dependency. We've found a better workaround that does not require vendoring Rack. This also fixes a compatibility problem with Rails 3, because Rails 3 depends on a newer Rack version than the one we had vendored. Issue #432.
 * Fixed compatibility with Ruby 1.9.1 patchlevel >= 152
   Ruby 1.9.1 patchlevel >= 152 has a bug in its tempfile library. If you've seen an error message along the lines of

       *** Exception IOError in Passenger RequestHandler (closed stream)

   then this is a Ruby bug at work. This bug has been fixed in Ruby 1.9.2, but Ruby 1.9.1 still contains this bug. We've added a workaround so that the bug is not triggered with this Ruby version. Issue #432.

Release 2.2.7
-------------

 * Removed forgotten debugging code in passenger-install-apache2-module, which caused it not to compile anything.

Release 2.2.6
-------------

 * Some /tmp cleaner programs such as tmpwatch try to remove subdirectories in /tmp/passenger.xxx after a while because they think those subdirectories are unused. This could cause Phusion Passenger to malfunction, requiring a web server restart. Measures have now been taken to prevent those tmp cleaner programs from removing anything in /tmp/passenger.xxx. Issue #365.
 * When autodetecting the application type, Rack is now given more priority than Rails. This allows one to drop a config.ru file in a Rails directory and have it detected as a Rack application instead of a Rails application. Patch contributed by Sam Pohlenz: issue #338.
 * The default socket backlog has been increased from 'SOMAXCONN' (which is 128 on most platforms) to 1024. This should fix most 'helper_server.sock failed: Resource temporarily unavailable' errors.
 * Fixed compilation problems on Solaris. Issue #369 and issue #379.
 * Fixed crashes on PowerPC.
 * Some Ruby 1.9 compatibility fixes. Issue #398.
 * The installer now displays correct dependency installation instructions for Mandriva Linux.
 * [Apache] The location of the 'apxs' and 'apr-config' commands can now also be passed to the installer through the --apxs-path and --apr-config-path parameters, in addition to the $APXS2 and $APR_CONFIG environment variables. Issue #3.
 * [Nginx] Various problems that only occur on 64-bit platforms have been fixed.
 * [Nginx] The installer now installs Nginx 0.7.64 by default.

Release 2.2.5
-------------

 * [Apache] Small file uploads are now buffered; fixes potential DoS attack
   Phusion Passenger buffers large file uploads to temp files so that it doesn't block applications while an upload is in progress, but it sent small uploads directly to the application without buffering them. This could result in a potential DoS attack: the client can send many small, incomplete file uploads to the server, and this would block all application processes until a timeout occurs. In order to solve this problem, Phusion Passenger now buffers small file uploads in memory. Bug #356.
 * [Apache] Fixed support for mod_rewrite passthrough rules
   Mod_rewrite passthrough rules were not properly supported because of a bug fix for supporting encoded slashes (%2f) in URLs. Unfortunately, due to bugs/limitations in Apache, we can support either encoded slashes or mod_rewrite passthrough rules, but not both; supporting one will break the other.

   Support for mod_rewrite passthrough rules is now enabled by default; that is, support for encoded slashes is disabled by default. A new configuration option, "PassengerAllowEncodedSlashes", has been added. Turning this option on will enable support for encoded slashes and disable support for mod_rewrite passthrough rules. Issue #113 and issue #230.
 * [Apache] Added a configuration option for resolving symlinks in the document root path
   Phusion Passenger 2.2.0 and higher no longer resolves symlinks in the document root path in order to properly support Capistrano-style directory structures. The exact behavior is documented in the Users Guide, section "How Phusion Passenger detects whether a virtual host is a web application". However, some people relied on the old behavior. A new configuration option, PassengerResolveSymlinksInDocumentRoot, has been added to allow reverting back to the old behavior. Patch contributed by Locaweb (http://www.locaweb.com.br/).
 * [Apache] mod_env variables are now also passed through CGI environment headers
   Prior to version 2.2.3, environment variables set by mod_env are passed to the application as CGI environment headers, not through Ruby's ENV variable. In the last release we introduced support for setting ENV environment variables with mod_env, and got rid of the code for setting CGI environment headers. It turns out that some people relied on the old behavior, so now environment variables set with mod_env are set in both ENV and in the CGI environment. Fixes bug #335.
 * [Apache] Fixed compilation problems on some Linux systems with older versions of Apache
   If you used to see compilation errors like this:

       ext/apache2/Configuration.cpp:554: error: expected primary-expression before '.' token

   then this version should compile properly.
 * [Apache] Fixed I/O timeouts for communication with backend processes
   Got rid of the code for enforcing I/O timeouts when reading from or writing to a backend process. This caused more problems than it solved.
 * [Nginx] Support for streaming responses (e.g. Comet or HTTP push)
   Buffering of backend responses is now disabled. This fixes support for streaming responses, something which the Apache version has supported for a while now.
   One can generate streaming responses in Ruby on Rails like this:

       render :text => lambda { |response, output|
         10_000.times do |i|
           output.write("hello #{i}!\n")
         end
       }

 * [Nginx] Installer now installs Nginx 0.7.61 by default
   Previously it installed 0.6.37 by default.
 * [Nginx] Fixed the installer's --extra-configure-flags flag when combined with --auto-download
   Arguments passed to --extra-configure-flags were not being passed to the Nginx configure script when --auto-download is given. This has been fixed: bug #349.
 * [Nginx] Fixed unnecessary download of PCRE
   The installer now checks whether PCRE is installed in /opt/local (e.g. MacPorts) as well before concluding that it isn't installed and going ahead with downloading PCRE.
 * Fixed STDERR capturing
   While spawning an application, Phusion Passenger captures any output written to STDERR so that it can show them later if the application failed to start. This turns out to be much more difficult than expected, with all kinds of corner cases that can mess up this feature.

   For example, if the Rails log file is not writable, then this can cause Rails to crash with a bizarre and unhelpful error message whenever it tries to write to STDERR:

       /!\ FAILSAFE /!\ Thu Aug 20 14:58:39 +1000 2009
         Status: 500 Internal Server Error
         undefined method `[]' for nil:NilClass

   Some applications reopen STDERR to a log file. This didn't work.

   All of these problems have been fixed now. (Bug #332)
 * Fixed some bugs in application sources preloading
   Rails >= 2.2 already preloads the application sources, in which case Phusion Passenger wasn't supposed to perform its own preloading, but the Rails >= 2.2 detection code was buggy. This has been fixed.

   Rails < 2.2 doesn't preload the application sources by itself, but there should be a certain order with which the sources are preloaded, otherwise preloading could fail in some applications. We now enforce a specific load order: first models, then controllers, then helpers. Bug #359.
 * Fixed a few bugs in WSGI compliance
   PATH_INFO is supposed to be set to the request URI, but without the query string and without the base URI. This has been fixed: bug #360.
 * Fixed some Ruby 1.9-specific crashes caused by encoding issues. Bug #354.
 * Fixed loading of config/environment.rb on Ruby 1.9.2, because Ruby 1.9.2 no longer has "." in the default load path. Patch by metaljastix, issue #368.
 * The Users Guide for Apache now mentions something about correct permissions for application directories.
 * Fixed compilation problems on IA-64 (bug #118). We also reduced the stack sizes for the threads by half, so Phusion Passenger should use even less virtual memory now.
 * Fixed compilation problems on Linux systems with ARM CPU.
 * Fixed a few compatibility problems with 64-bit OpenBSD.
 * Fixed a few typos and minor bugs.

Older releases
--------------

Please consult the blog posts on http://blog.phusion.nl/ for the information about older releases.