*) Security: an attacker might inject plain text data in the

   from an SSL backend (CVE-2026-1642).

*) Bugfix: use-after-free might occur after switching to the next

   or HTTP/2 backend.

*) Bugfix: an invalid HTTP/2 request might be sent after switching

   the next upstream.

*) Bugfix: a response with multiple ranges might be larger than the
   source response.

*) Bugfix: fixed setting HTTP_HOST when proxying to FastCGI, SCGI,

   uwsgi backends.

*) Bugfix: fixed warning when compiling with MSVC 2022 x86.

*) Change: the logging level of the "ech_required" SSL error has

lowered from "crit" to "info".