Versions Compared

Old Version 1

changes.mady.by.user Leif Hedstrom

Saved on

compared with

New Version 2

changes.mady.by.user Leif Hedstrom

Saved on

Key

  • This line was added.
  • This line was removed.
  • Formatting was changed.

...

  • Dynamic TLS record size tuning.
  • Add forward secrecy support with DHE.
  • Add ssl_pre_handshake hook for better plugin access to SSL handling.
  • Improved session cache, for better performance and scalability

Jira: TS-2956, TS-3080

Minor Changes

 

Minor Changes

traffic_line can now do VIA string decoding.

Usage:

  traffic_line --decode_via <via-string-here>

Jira: TS-2904

Many potential bugs were fixed by using Co-Verity and clang static checks.

A lot of work was done at a mini-summit during the summer

Jira: TS-1475

Support for TOS setting on TCP sockets.

Jira: TS-2995

Log filters on IP fields works

Log fields that are IP address can be used for log filters. This can be done per IP address or by range

Jira: TS-698

Base string for stripe assignment allocation is now configurable

  • .
  • New configuration for OpenSSL session cache, proxy.config.ssl.session_cache.auto_clear.

Jira: TS-2503, TS-2417, TS-2956, TS-3080, TS-3127

Minor Changes

 This is a maintenance feature to help preserve the cache when the operating system paths to the storage devices changes.

Jira: TS-3000

Developer Changes

  • xptr was removed and replaced with ats_scoped_str, ats_scoped_obj and ats_scoped_ptr for temporarily or contingently allocated resources.
  • The Doc header was changed to store per object version information.
  • traffic_manager was moved to the cmd directory.
  • libutils was merged in to libmgmt.
  • WebMgmtUtils moved to libmgmt.

5.1.1 Security Update

Due to security issues in 5.1.0, a possibly incompatible change was made to 5.1.1.

CVE-2014-3566 details a security vulnerability in SSL v3. Traffic Server was updated to disable SSL v3 in the default configuration. Explicit administrator action is required to enable user agents to use SSL v3 to connect to Traffic Server. SSL v3 is a very old protocol and should not be used and Traffic Server recommends leaving SSL v3 disabled.

CVW-2014-3624 details a potential Traffic Server vulnerability due to a change in how remap works This error has been fixed (TS-2677) in version 5.1.1 and requires no action on the part of the administrator beyond installing 5.1.1.

5.1.2 Security Update

Due to security issues in 5.1.1 a 5.1.2 release has been issued. It should require no changes to replace 5.1.1.

 

...