Announcing:
LiteSpeed Web Server v5.3.8
In this release: new broadcast notification feature, bug fixes, and more!
RELEASE LOG:
[Security] Added built-in filter to block attempts at hacking LiteMage with crafted ESI requests.
[New Feature] lscmctl script can now be used to install/uninstall the LiteSpeed Web Cache Manager user-end plugin for cPanel.
[New Feature] Recommend a plugin or broadcast a message to all discovered WordPress installations with the dash notify feature, available in both the lscmctl script and WHM plugin.
[Improvement] Bundled WHM and user-end cPanel plugins have been updated to v3.3.1 and v1.2.0.2 respectively.
[Improvement] Support request header sizes of up to 64K.
[Improvement] Ignore <if> <else> <elseif> configuration contexts.
[Improvement] Added support for Apache configuration directive "Require ip ...".
[Improvement] Improved lsup.sh with stable release tier.
[Improvement] Improved rc-inst.sh to install systemd unit file for Plesk + Debain/Ubuntu.
[Improvement] Improved NodeJS application compatibility and mod_passenger configuration handling.
[Improvement] Added autoconfig for PHP 7.4.
[Improvement] Improved compatibility with LSAPI 7.3 .
[Improvement] Improved HPACK encoding performance.
[Improvement] Cache engine now updates "X-LiteSpeed-Cache-Control max-age" value based on actual expire time when a front-end lscache proxy exists.
[Improvement] Improved compatibility with Apache mod_security on variables REQUEST_BODY, REQUEST_FILENAME and LAST_UPDATE_TIME.
[Improvement] Fixed PHP handler compatibility issues with Plesk's updated configuration template.
[Improvement] Improved WordPress brute force detection IP logging.
[Bug fix] Fixed an Apache SSL vhost SNI configuration bug.
[Bug fix] Fixed a QuicEngine bug that could cause broken responses.
[Bug fix] Fixed a cache + ESI engine bug that caused random server crashes.
[Bug fix] Fixed rewrite engine infinite loop when rewrite map file is stored in an NFS mount.
[Bug fix] Improved detached mode process manager to accurately stop detached processes when requested.
[Bug Fix] Added User-Agent and Referer headers to server pushed requests to avoid failing possible checks in a user's custom configuration.
[Bug Fix] Fixed FreeBSD 100% cpu usage for kqueue event loops when AIO logging is enabled.
[Bug Fix] Fixed an SSL OCSP stapling bug.
[Bug Fix] Fixed broken server restart when port offset had been set.
[Bug Fix] Fixed a memory leak in the GeoIP module.
https://www.litespeedtech.com/products/litespeed-web-server/release-log
Please remember, there may be some delay between this announcement and the ability to auto-update. If you don't want to wait, you can update manually via the following command:
/usr/local/lsws/admin/misc/lsup.sh -f -v 5.3.8
LiteSpeed Web Server v5.3.8
In this release: new broadcast notification feature, bug fixes, and more!
RELEASE LOG:
[Security] Added built-in filter to block attempts at hacking LiteMage with crafted ESI requests.
[New Feature] lscmctl script can now be used to install/uninstall the LiteSpeed Web Cache Manager user-end plugin for cPanel.
[New Feature] Recommend a plugin or broadcast a message to all discovered WordPress installations with the dash notify feature, available in both the lscmctl script and WHM plugin.
[Improvement] Bundled WHM and user-end cPanel plugins have been updated to v3.3.1 and v1.2.0.2 respectively.
[Improvement] Support request header sizes of up to 64K.
[Improvement] Ignore <if> <else> <elseif> configuration contexts.
[Improvement] Added support for Apache configuration directive "Require ip ...".
[Improvement] Improved lsup.sh with stable release tier.
[Improvement] Improved rc-inst.sh to install systemd unit file for Plesk + Debain/Ubuntu.
[Improvement] Improved NodeJS application compatibility and mod_passenger configuration handling.
[Improvement] Added autoconfig for PHP 7.4.
[Improvement] Improved compatibility with LSAPI 7.3 .
[Improvement] Improved HPACK encoding performance.
[Improvement] Cache engine now updates "X-LiteSpeed-Cache-Control max-age" value based on actual expire time when a front-end lscache proxy exists.
[Improvement] Improved compatibility with Apache mod_security on variables REQUEST_BODY, REQUEST_FILENAME and LAST_UPDATE_TIME.
[Improvement] Fixed PHP handler compatibility issues with Plesk's updated configuration template.
[Improvement] Improved WordPress brute force detection IP logging.
[Bug fix] Fixed an Apache SSL vhost SNI configuration bug.
[Bug fix] Fixed a QuicEngine bug that could cause broken responses.
[Bug fix] Fixed a cache + ESI engine bug that caused random server crashes.
[Bug fix] Fixed rewrite engine infinite loop when rewrite map file is stored in an NFS mount.
[Bug fix] Improved detached mode process manager to accurately stop detached processes when requested.
[Bug Fix] Added User-Agent and Referer headers to server pushed requests to avoid failing possible checks in a user's custom configuration.
[Bug Fix] Fixed FreeBSD 100% cpu usage for kqueue event loops when AIO logging is enabled.
[Bug Fix] Fixed an SSL OCSP stapling bug.
[Bug Fix] Fixed broken server restart when port offset had been set.
[Bug Fix] Fixed a memory leak in the GeoIP module.
https://www.litespeedtech.com/products/litespeed-web-server/release-log
Please remember, there may be some delay between this announcement and the ability to auto-update. If you don't want to wait, you can update manually via the following command:
/usr/local/lsws/admin/misc/lsup.sh -f -v 5.3.8