# 1.4.40 2016-07-16 * Feature #36: fcgi remote backends intelligent availability check * Bug #131: FastCGI FCGI_STDOUT before FCGI_STDIN bug * Bug #222: ssi virtual include uses wrong path * Bug #319: Should warn if two FastCGI servers point to same socket file * Feature #342: Support static linking of modules and module selection * Bug #376: Reimplement upload (POST) handling to match apache/zeus/thttpd/boa functionality * Bug #399: FastCGI performance on high load * Bug #406: PHP PATH_INFO improperly converted to lowercase * Feature #411: typo in config file did not show up in a config-test * Bug #421: mod_proxy vulnerable to resource starvation * Bug #448: SCRIPT_FILENAME and SCRIPT_NAME are wrong for [F]CGI scripts with full paths invoked as a directory index * Bug #471: sendfile backends do not fall back to write/writev if they are not supported by the kernel * Feature #551: lighttpd doesn't allow underscores in host names * Feature #602: Russian letters not alowed? * Bug #619: When create or uploading a directory to the DAV directory * Bug #631: PROPFIND status code not propogated in proxy * Bug #756: transfer-encoding chunked broken (OSX) * Bug #758: memory fragmentation leads to high memory usage after peaks * Bug #760: Random crashing on FreeBSD 6.1 * Feature #799: mod_fastcgi + X-Sendfile -> mod_staticfile * Feature #851: Feature Request: New option "x-send-file-docroot" * Bug #881: memory usage when ssl.engine used and large data uploaded through CGI * Feature #892: No PATH_INFO/PATH_TRANSLATED when using FastCGI as an index generator * Feature #933: lighty should buffer responses (after it grows above certain size) on disk * Bug #946: URL encoding leads to "400 - Bad Request" * Bug #949: fastcgi, cgi, flush, php5 problem. * Bug #962: WebDAV upload-> mmap failed: operation not permitted * Bug #987: error:network_freebsd_sendfile.c.175 * Bug #1081: mod_dirlisting hide-dotfiles contrary to the docs disabled by default * Feature #1086: hyphen in hostname * Feature #1145: mod_accesslog cookie field support %{VARNAME}C * Bug #1184: a numeric tld * Feature #1221: support *(wild card character) within include directive * Feature #1233: Lighttpd consumes > 1GB of memory * Bug #1249: writev failed: Invalid argument * Bug #1265: SSL + file upload = lots of memory * Bug #1283: Memory usage increases when proxy+ssl+large file * Bug #1330: 400 Bad Request when using IP's numeric value ("ip2long()") * Bug #1339: lighttpd doesn't set empty QUERY_STRING in cgi environment * Bug #1387: lighttpd+fastcgi memory problem * Feature #1415: access_log : %D time used in ms (not supported) * Feature #1421: access_allow directive for lighttpd * Bug #1461: SSL bad write retry with several concurrent connections * Bug #1468: LDAP UTF-8 encoding * Bug #1483: magnet offset > length bug * Bug #1492: mod-webdav and Vista * Bug #1499: HTTPS env var should be "on" when using mod_extforward and the X-Forwarded-Proto header is set. * Feature #1504: Option To Turn Off Post Buffering * Bug #1539: can't capture lighttpd startup notifications output in perl script * Feature #1584: support for xinetd * Bug #1629: mod_accesslog does not log aborted POSTs * Feature #1696: mod_deflate patch for 1.4.19 * Bug #1706: mod_proxy not sending a response for post requests * Bug #1761: loadable-module naming on macosx + cmake * Bug #1768: mod_ssi doesn't accept single quotes * Bug #1787: Bug in mod_webdav when using aliases and MOVE command * Bug #1826: mod_webdav readdir POSIX compatibility issue * Bug #1828: REDIRECT_STATUS == 200 on 404 redirect * Bug #1834: Invalid Content-Type sent when more than one mimetype.assign matches * Bug #1849: Webdav Mac OS 10.5 Finder incompatibility * Feature #1851: Bus error in mod_compress * Bug #1866: [PATCH] Remove AC_CANONICAL_TARGET macro from configure * Bug #1879: Lighttpd 1.4.20 Crash (SIGBUS in mod_compress) * Bug #1890: %X in accesslog.format not working as expected * Feature #1901: make server.max-request-size scopeable * Bug #1919: mod_expires sends headers on 404 responses * Feature #1953: Improve DAV support to be able to handle git as a client * Bug #2000: webdav: Define resourcetype for resources other than collections * Bug #2001: webdav: Allow propfind requests for specific properties * Bug #2002: webdav: Enable OPTIONS for inexistent resources * Bug #2014: cmake scripts don't HAVE_STRUCT_TM_GMTOFF -> wrong timezone * Feature #2017: X-Sendfile handoff to mod-static-file in 1.4.x * Feature #2051: [PATCH] mod_ssi Add configuration item to disable SSI exec. * Bug #2058: Closed connection by peer is not reported to fastcgi/scgi service * Bug #2073: wrong position for #include in network_backends.h * Feature #2076: X-sendfile should be able to set content-type * Feature #2081: %{format}t support * Bug #2083: Excessive Memory usage with streamed files from PHP * Feature #2085: null redirects for mod_redirect * Bug #2108: CGI local redirect not implemented correctly * Feature #2116: add server.listen-backlog option instead of hard-coded value (128 * 8) for listen() * Bug #2131: max-request-size comparing mistake * Bug #2143: Numeric tld's * Feature #2170: server-status page should have an automatic reload * Feature #2199: [mod_evasive] redirect if maximum connections exceeded * Feature #2204: Fallback to server.port in $SERVER["socket"] * Bug #2225: Silent failure * Feature #2253: scgi x-sendfile * Bug #2259: lighttpd does not send a 301 redirect immediately when proxying to Apache * Bug #2276: libpcre - specify directory * Bug #2281: 400 Bad Request when using Numeric TLDs * Bug #2296: Saving file to webdav mapped drive fails * Bug #2302: sloppy error handling in mod_cgi to affect binaries * Feature #2304: special class for directories tr's in directory listing * Feature #2313: [PATCH] X-sendfile support for mod_cgi * Feature #2327: Ignore comments, trailing blanks and empty lines in ht{digest,passwd} files * Feature #2340: decoding %2F in fastcgi PATH_INFO * Bug #2345: LDAP authentication problem * Feature #2372: mod_*cgi and ipv6 address * Bug #2378: Unicode in cookies throws 400 for all requests * Feature #2383: mod_alias: use alias directory as doc-root too * Bug #2390: getcwd() problem on Cygwin (without Cygwin environment) * Bug #2412: %T in accesslog.format doesn't work as expected * Feature #2427: Connections Status * Feature #2431: mod_cgi process limit * Feature #2432: Adding JSON Output support to mod_status (patch) * Bug #2460: (mod_cgi.c.1041) chdir failed: no such file or directory index.php * Bug #2464: patch for intermittent ldap failures * Feature #2474: Option to map send-file file-not-found error to normal 404 * Bug #2508: Missing path for server.upload-dirs is not reported, then uploads fail. * Bug #2531: disabling ssl.verifyclient.activate does not work in SNI * Bug #2541: HTTP 401 Unauthorized only sent back after full POST request is read. * Bug #2542: Race leads to incorrect output in some circumstances * Bug #2548: cannot build statically compiled lighttpd * Bug #2560: buffer_path_simplify sometimes has a wrong state internally * Bug #2564: strtol() usage * Bug #2566: mod_fastcgi should handle "quick" responses * Bug #2584: Patch for Resource leak * Bug #2588: Problem when uploading large files * Bug #2594: Accept LF instead of CRLF as header line end from proxy backends * Bug #2598: Semantics of else clause looks strange * Feature #2631: Migrate to freedesktop.org definition of xattr mimetype * Feature #2642: add option for "fail on warning" * Bug #2645: lighttpd doesn't support case-insensitive for content-coding values ?? * Bug #2655: Serving a file that is getting updated can cause an empty response or incorrect content-length error * Feature #2666: handle filesystems without mmap() support * Bug #2674: Add Lua 5.2 support * Bug #2685: add warning for duplicate array keys in config * Bug #2695: [PATCH] server.c: call ftruncate on pid file * Feature #2696: [PATCH] support -i idle timeout option * Feature #2702: REDIRECT_URI not set in mod_cgi * Bug #2704: Slight improvement to the message format on duplicate array kes * Feature #2706: Matching IPv6 addresses with $HTTP["remoteip"] * Bug #2708: setenv.add-response-header adds header twice if starts with X- * Bug #2711: Cronolog Broken pipe * Bug #2712: Wait for grandchild to be ready when daemonizing * Bug #2715: mmap error while uploading file in 1.4.39 * Bug #2717: heap-use-after-free in lighttpd on broken config * Bug #2719: lua_geti symbol is missing lua version * Bug #2720: detect standard modules in modules list * Feature #2721: Add SSI vars "SCRIPT_URI", "SCRIPT_URL", "REQUEST_SCHEME" * Feature #2722: define __STDC_WANT_LIB_EXT1__ for memset_s() * Bug #2723: setrlimit can increase RLIMIT_NOFILE up to rlim_max for non-root * Bug #2727: Won't compile with OpenSSL 1.1.0 * Bug #2729: Runtime issues with LibreSSL * Bug #2730: http auth does not send WWW-Authenticate header in git rev 598cdd0 * Bug #2732: char copied to wrong place in SSI output * Bug #2733: X-LIGHTTPD-send-file return 0 bytes