Skip to main content
Version: 7.2405.x.x LTS

Release notes

nevisProxy 7.2411.2 LTS2024 - 27.03.2025

Changes and new features

  • FIXED: We added the APACHE_VERSION=2.4.gem environment variable to fix the issue that some signature algorithms didn't work when using the GemEngine with OpenSSL 3.0. (NEVISPROXY-7479)
  • CHANGED: The number of active WebSocket connections are now regularly traced on INFO level. (NEVISPROXY-7444)
  • UPGRADED: We upgraded to nghttp2 1.65.0. (NEVISPROXY-7535)
  • UPGRADED: We upgraded to ModSecurity 3.0.14. (NEVISPROXY-7530)
  • UPGRADED: We upgraded to the libunblufilter 1.7.7. (NEVISPROXY-7509)
  • UPGRADED: We upgraded to OpenSSL version 3.0.16. (NEVISPROXY-7506)
  • UPGRADED: We upgraded to APR 1.7.5. (NEVISPROXY-7495)
  • UPGRADED: We upgraded Apache HTTP Server to 2.4.63. (NEVISPROXY-7484)
  • UPGRADED: We upgraded mod_qos to 11.76. (NEVISPROXY-7453)

Notes

Gemalto Engine Support

Because of the OpenSSL upgrade to version 3.0 some signature algorithms using the Gemalto engine didn't work any more. To fix this, add this line in the env.conf file:

 APACHE_VERSION=2.4.gem

nevisProxy 7.2411.1 LTS2024 - 30.01.2025

Changes and new features

  • FIXED: We added the property 'ch.nevis.bc.net.AllowResponseWithoutContentLengthNorChunk' to fix the handling of responses without Content-Length or Transfer-Encoding headers. (NEVISPROXY-7473)
  • FIXED: We fixed multi-value dTB tracing with OpenTelemetry. (NEVISPROXY-7434)
  • FIXED: We fixed a possible dead-lock in the MySQLSessionStoreServlet, and we added the error code 2014 to the default ConnectionErrorCodes. (NEVISPROXY-7431)
  • UPGRADED: We upgraded to OpenTelemetry 1.18.0. (NEVISPROXY-7383)

nevisProxy 7.2411.0 LTS2024 - 20.11.2024

Changes and new features

  • NEW: We added the parameter Sampler to the OpenTelemetry tracing. (NEVISPROXY-7243)
  • FIXED: We fixed the possible ModSecurityFilter segmentation fault when DelegateFromTx parameter was configured. (NEVISPROXY-7362)
  • FIXED: We fixed the issue where the ErrorFilter did only replace placeholders for text/* Content-Types when the Resource was a Servlet. See the new parameter PlaceHolders.ContentTypes.. (NEVISPROXY-7313)
  • FIXED: We fixed the error which may have occurred if a ModSecurityFilter was mapped before an ICAPFilter. (NEVISPROXY-7170)
  • FIXED: We fixed a possible memory leak if SSLCheckPeerHostname.AllowWildcards was set to true in the HttpsConnectorServlet. (NEVISPROXY-7162)
  • FIXED: We fixed the issue that op tracing wasn't working anymore in some nevis components. This issue has been introduced in version 7.2405.2.0. (NEVISPROXY-7341)
  • CHANGED: We added experimental support for client certificates with HTTP/2 frontend connections. (NEVISPROXY-7160)
  • CHANGED: We improved the nevisproxy version written in telemetry reports. (NEVISPROXY-7129)
  • UPGRADED: We upgraded to nghttp2 1.64.0. (NEVISPROXY-7353)
  • UPGRADED: We upgraded to OpenTelemetry 1.16.1. (NEVISPROXY-7238)
  • UPGRADED: We upgraded to nghttp2 1.62.1. (NEVISPROXY-7156)
  • UPGRADED: We upgraded to Lua 5.4.6. (NEVISPROXY-7147)
  • UPGRADED: We upgraded to mod_qos 11.75. (NEVISPROXY-6705)
  • DOCUMENTATION: We improved the documentation for Securosys integration. (NEVISPROXY-7277)

Notes

SLES15 support

nevisProxy 7.2405.2 LTS2024 - 27.09.2024

Changes and new features

  • NEW: The OpenTelemetry traces now contain the dt and cR values. (NEVISPROXY-7259)
  • NEW: We added the parameter Sampler to the OpenTelemetry tracing. (NEVISPROXY-7243)
  • FIXED: We fixed the bug where a race condition followed by a NullPointerException was triggered when using the MultiLevelSessionStoreServlet and a custom based SessionManagementFilter. (NEVISPROXY-7307)
  • FIXED: We fixed the issue where the ErrorFilter did only replace placeholders for text/* Content-Types when the Resource was a Servlet. See the new parameter PlaceHolders.ContentTypes. (NEVISPROXY-7313)
  • FIXED: We fixed the issue where Events and Logout-Cookies were not visible in LuaFilters for logout requests. (NEVISPROXY-7282)
  • UPGRADED: We upgraded to OpenSSL version 3.0.15. (NEVISPROXY-7310)
  • UPGRADED: We upgraded nghttp2 to version 1.63.0. (NEVISPROXY-7297)
  • UPGRADED: We upgraded to Apache HTTP Server to v2.4.62. (NEVISPROXY-7247)
  • UPGRADED: We upgraded the OpenTelemetry library to version 1.16.1. (NEVISPROXY-7238)
  • UPGRADED: We upgraded ModSecurity to version 3.0.13. (NEVISPROXY-7009)
  • DOCUMENTATION: We improved the documentation of the H2 tag in navajo.xml. (NEVISPROXY-7232)

nevisProxy 7.2405.1 LTS2024 - 25.07.2024

Changes and new features

  • FIXED: We fixed the error which may have occurred if a ModSecurityFilter was mapped before an ICAPFilter. (NEVISPROXY-7170)
  • FIXED: We fixed a possible memory leak if SSLCheckPeerHostname.AllowWildcards was set to true in the HttpsConnectorServlet. (NEVISPROXY-7162)
  • CHANGED: We improved the startup time of nevisProxy. (NEVISPROXY-7228)
  • CHANGED: We improved the MultiLevelSessionStoreServlet for parallel login requests. (NEVISPROXY-7207)
  • CHANGED: We added experimental support for client certificates with HTTP/2 frontend connections. (NEVISPROXY-7160)
  • CHANGED: We improved the nevisproxy version written in telemetry reports. (NEVISPROXY-7129)
  • UPGRADED: We upgraded to Apache HTTP Server version 2.4.61. (NEVISPROXY-7220)
  • UPGRADED: We upgraded to OpenSSL 3.0.14. (NEVISPROXY-7188)
  • UPGRADED: We upgraded nghttp2 to version 1.62.1. (NEVISPROXY-7156)
  • UPGRADED: We upgraded to Lua 5.4.6. (NEVISPROXY-7147)
  • UPGRADED: We upgraded to mod_qos v11.75. (NEVISPROXY-6705)

nevisProxy 7.2405.0 LTS2024 - 15.05.2024

Changes and new features

  • NEW: We added the parameter CaptureResponseHeaders to the OpenTelemetry trace configuration. (NEVISPROXY-7055)
  • NEW: We added the parameter CaptureRequestHeaders to the OpenTelemetry trace configuration. (NEVISPROXY-7045)
  • NEW: We added the parameter ResourceServiceName to the OpenTelemetry configuration. (NEVISPROXY-6964)
  • NEW: We added the parameter EnableMetrics to the Http[s]ConnectorServlet, Esauth4ConnectorServlet and WebSocketServlet. (NEVISPROXY-6949)
  • FIXED: We trace now the correct SHA256 hashed and base64 encoded cookie value in NProxyOp. (NEVISPROXY-6989)
  • UPGRADED: We upgraded zlib to 1.2.13. (NEVISPROXY-7121)
  • UPGRADED: We upgraded nghttp2 to 1.61.0. (NEVISPROXY-7075)
  • UPGRADED: We upgraded to Apache httpd/2.4.59. (NEVISPROXY-6880)
  • REMOVED: We removed the deprecated TelemetryFilter. (NEVISPROXY-6955)
  • DOCUMENTATION: We added the migration guide for LTS21 to LTS24. (NEVISPROXY-6999)

Notes

  • The upgraded Apache version httpd/2.4.59 also contains the fix for the DH certificate bug.