*) Feature: the ngx_http_perl_module supports the $r->args and
       $r->unescape methods.

    *) Feature: the method $r->query_string of ngx_http_perl_module was
       canceled.

    *) Bugfix: segmentation fault was occurred if the "none" or "blocked"
       values was specified in the "valid_referers" directive; the bug had
       appeared in 0.3.18.

    *) Feature: the ngx_http_perl_module.

    *) Change: the "valid_referers" directive allows the referreres without
       URI part.

    *) Feature: the "path" and "alias" directives support the variables.

    *) Change: now the "valid_referers" directive again checks the URI part.

    *) Bugfix: in SSI handling.

    *) Feature: the ngx_http_map_module.

    *) Feature: the "types_hash_max_size" and "types_hash_bucket_size"
       directives.

    *) Feature: the "ssi_value_length" directive.

    *) Feature: the "worker_rlimit_core" directive.

    *) Workaround: the connection number in logs was always 1 if nginx was
       built by the icc 8.1 or 9.0 compilers with optimization for
       Pentium 4.

    *) Bugfix: the "config timefmt" SSI command set incorrect time format.

    *) Bugfix: nginx did not close connection to IMAP/POP3 backend for the
       SSL connections; the bug had appeared in 0.3.13.
       Thanks to Rob Mueller.

    *) Bugfix: segmentation fault may occurred in at SSL shutdown; the bug
       had appeared in 0.3.13.

    *) Feature: the IMAP/POP3 proxy supports STARTTLS and STLS.

    *) Bugfix: the IMAP/POP3 proxy did not work with the select, poll, and
       /dev/poll methods.

    *) Bugfix: in SSI handling.

    *) Bugfix: now Solaris sendfilev() is not used to transfer the client
       request body to FastCGI-server via the unix domain socket.

    *) Bugfix: the "auth_basic" directive did not disable the
       authorization; the bug had appeared in 0.3.11.

    *) Security: if nginx was built with the ngx_http_realip_module and the
       "satisfy_any on" directive was used, then access and authorization
       directives did not work. The ngx_http_realip_module was not built
       and is not built by default.

    *) Change: the "$time_gmt" variable name was changed to "$time_local".

    *) Change: the "proxy_header_buffer_size" and
       "fastcgi_header_buffer_size" directives was renamed to the
       "proxy_buffer_size" and "fastcgi_buffer_size" directives.

    *) Feature: the ngx_http_memcached_module.

    *) Feature: the "proxy_buffering" directive.

    *) Bugfix: the changes in accept mutex handling when the "rtsig" method
       was used; the bug had appeared in 0.3.0.

    *) Bugfix: if the client sent the "Transfer-Encoding: chunked" header
       line, then nginx returns the 411 error.

    *) Bugfix: if the "auth_basic" directive was inherited from the http
       level, then the realm in the "WWW-Authenticate" header line was
       without the "Basic realm" text.

    *) Bugfix: if the "combined" format was explicitly specified in the
       "access_log" directive, then the empty lines was written to the log;
       the bug had appeared in 0.3.8.

    *) Bugfix: nginx did not run on the sparc platform under any OS except
       Solaris.

    *) Bugfix: now it is not necessary to place space between the quoted
       string and closing bracket in the "if" directive.

    *) Change: the "valid_referers" directive and the "$invalid_referer"
       variable were moved to the new ngx_http_referer_module from the
       ngx_http_rewrite_module.

    *) Change: the "$apache_bytes_sent" variable name was changed to
       "$body_bytes_sent".

    *) Feature: the "$sent_http_..." variables.

    *) Feature: the "if" directive supports the "=" and "!=" operations.

    *) Feature: the "proxy_pass" directive supports the HTTPS protocol.

    *) Feature: the "proxy_set_body" directive.

    *) Feature: the "post_action" directive.

    *) Feature: the ngx_http_empty_gif_module.

    *) Feature: the "worker_cpu_affinity" directive for Linux.

    *) Bugfix: the "rewrite" directive did not unescape URI part in
       redirect, now it is unescaped except the %00-%25 and %7F-%FF
       characters.

    *) Bugfix: nginx could not be built by the icc 9.0 compiler.

    *) Bugfix: if the SSI was enabled for zero size static file, then the
       chunked response was encoded incorrectly.

    *) Security: nginx now checks URI got from a backend in
       "X-Accel-Redirect" header line or in SSI file for the "/../" paths
       and zeroes.

    *) Change: nginx now does not treat the empty user name in the
       "Authorization" header line as valid one.

    *) Feature: the "ssl_session_timeout" directives of the
       ngx_http_ssl_module and ngx_imap_ssl_module.

    *) Feature: the "auth_http_header" directive of the
       ngx_imap_auth_http_module.

    *) Feature: the "add_header" directive.

    *) Feature: the ngx_http_realip_module.

    *) Feature: the new variables to use in the "log_format" directive:
       $bytes_sent, $apache_bytes_sent, $status, $time_gmt, $uri,
       $request_time, $request_length, $upstream_status,
       $upstream_response_time, $gzip_ratio, $uid_got, $uid_set,
       $connection, $pipe, and $msec. The parameters in the "%name" form
       will be canceled soon.

    *) Change: now the false variable values in the "if" directive are the
       empty string "" and string starting with "0".

    *) Bugfix: while using proxied or FastCGI-server nginx may leave
       connections and temporary files with client requests in open state.

    *) Bugfix: the worker processes did not flush the buffered logs on
       graceful exit.

    *) Bugfix: if the request URI was changes by the "rewrite" directive
       and the request was proxied in location given by regular expression,
       then the incorrect request was transferred to backend; the bug had
       appeared in 0.2.6.

    *) Bugfix: the "expires" directive did not remove the previous
       "Expires" header.

    *) Bugfix: nginx may stop to accept requests if the "rtsig" method and
       several worker processes were used.

    *) Bugfix: the "\"" and "\'" escape symbols were incorrectly handled in
       SSI commands.

    *) Bugfix: if the response was ended just after the SSI command and
       gzipping was used, then the response did not transferred complete or
       did not transferred at all.

    *) Change: the "bl" and "af" parameters of the "listen" directive was
       renamed to the "backlog" and "accept_filter".

    *) Feature: the "rcvbuf" and "sndbuf" parameters of the "listen"
       directive.

    *) Change: the "$msec" log parameter does not require now the
       additional the gettimeofday() system call.

    *) Feature: the -t switch now tests the "listen" directives.

    *) Bugfix: if the invalid address was specified in the "listen"
       directive, then after the -HUP signal nginx left an open socket in
       the CLOSED state.

    *) Bugfix: the mime type may be incorrectly set to default value for
       index file with variable in the name; the bug had appeared in 0.3.0.

    *) Feature: the "timer_resolution" directive.

    *) Feature: the millisecond "$upstream_response_time" log parameter.

    *) Bugfix: a temporary file with client request body now is removed
       just after the response header was transferred to a client.

    *) Bugfix: OpenSSL 0.9.6 compatibility.

    *) Bugfix: the SSL certificate and key file paths could not be relative.

    *) Bugfix: the "ssl_prefer_server_ciphers" directive did not work in
       the ngx_imap_ssl_module.

    *) Bugfix: the "ssl_protocols" directive allowed to specify the single
       protocol only.

    *) Feature: the Sun Studio 10 C compiler support.

    *) Feature: the "proxy_upstream_max_fails",
       "proxy_upstream_fail_timeout", "fastcgi_upstream_max_fails", and
       "fastcgi_upstream_fail_timeout" directives.