This is to announce the release of Pound v2.7. This is a production version. 
Cumulative changes since version 2.6:

Enhancements:
    - added support for larger DH keys + compile-time parameter for DH bits 
(workaround for OpenSSL limitation)
    - added support for elliptical curve encryption
    - added protocol version in X-SSL-cipher (Tom Fitzhenry)
    - added "Disable PROTO" directives (fix for Poodle vulnerability)
    - added Cert, Disable and Cipher directives for HTTPS back-ends. The 
directive HTTPS "cert" no longer supported.
    - added filtering of "Expect: 100-continue" headers
    - Add support for PATCH HTTP method
    - Anonymise configuration option - show last client address byte as 0 
(based on an idea by Christian Doering)
    - SSLAllowClientRenegotiation (based on a patch from Joe Gooch)
    - SSLHonorCipherOrder (based on a patch from Joe Gooch)
    - Certificate alternate names support (based on a patch from Jonas Pasche)
    - poundctl shows the length of the request queue (based on a request from 
Leo)

Bug fixes:
    - fixed lh_retrieve warning
    - fixed potential memory leak on client certificates
    - fixed alt names problem (Joe Gooch)
    - removed debugging messages
    - fixed address comparison for RewriteLocation (IPv4/IPv6 problem - 
Christopher Bartz)
    - re-patched the redirect patch (Frank Schmierler)
    - fixed RPC handling (Frank Schmierler)
    - sanitize URLs for redirection (prevent CSRF)
    - SSL disable empty fragments + SSL disable compression (CRIME attack 
prevention)
    - fixed bug in configuration of DISABLED directive
    - changed the log level from WARNING to NOTICE if the thread arg is NULL
    - fixed testing of gcc options

Many thanks to all contributors.

The software is at version 2.7 (production quality). Further testing 
(especially under heavy loads), improvements and suggestions are welcome.

-- 
Robert Segall
Apsis GmbH
Postfach, Uetikon am See, CH-8707
Tel: +41-32-512 30 19


--
To unsubscribe send an email with subject unsubscribe to [email protected].
Please contact [email protected] for questions.

Reply via email to