Apache HTTP Server 2.0.53 - Download-Inside

Software

Der Sourcecode des weltweit populärsten Webservers Apache liegt nun in der Version 2.0.53 für Linux vor. Die Changelog beinhaltet hauptsächlich Bugfixes und wird von den Entwicklern als beste verfügbare Version des Apache angesehen.

Eine Windows-Version soll in Kürze folgen. Dieses Release ist zu Modulen kompatibel, die für Apache 2.0.42 und später kompiliert wurden. Ein Update bestehender Versionen wird empfohlen.

Changelog

  • SECURITY: CAN-2004-0942 (cve.mitre.org) Fix for memory consumption DoS in handling of MIME folded request headers. [Joe Orton]
  • SECURITY: CAN-2004-0885 (cve.mitre.org) mod_ssl: Fix a bug which allowed an SSLCipherSuite setting to be bypassed during an SSL renegotiation. PR 31505. [Hartmut Keil , Joe Orton]
  • Fix --with-apr=/usr and/or --with-apr-util=/usr. PR 29740. [Max Bowsher ]
  • mod_proxy: Fix ProxyRemoteMatch directive. PR 33170. [Rici Lake ]
  • mod_proxy: Respect errors reported by pre_connection hooks. [Jeff Trawick]
  • --with-module can now take more than one module to be statically linked: --with-module=:,:,... If the -subdirectory doesn't exist it will be created and populated with a standard Makefile.in. [Erik Abele]
  • Fix the RPM spec file so that an RPM build now works. An RPM build now requires system installations of APR and APR-util. Remove some arbitrary moving around of binaries - the RPM now maps to the ASF build of httpd. [Graham Leggett]
  • mod_dumpio, an I/O logging/dumping module, added to the modules/expermimental subdirectory. [Jim Jagielski]
  • mod_auth_ldap: Handle the inconsistent way in which the MS LDAP library handles special characters. PR 24437. [Jess Holle]
  • Win32 MPM: Correct typo in debugging output. [William Rowe]
  • conf: Remove AddDefaultCharset from the default configuration because setting a site-wide default does more harm than good. PR 23421. [Roy Fielding]
  • Add charset to example CGI scripts. [Roy Fielding]
  • mod_ssl: fail quickly if SSL connection is aborted rather than making many doomed ap_pass_brigade calls. PR 32699. [Joe Orton]
  • Remove compiled-in upper limit on LimitRequestFieldSize. [Bill Stoddard]
  • Start keeping track of time-taken-to-process-request again for mod_status if ExtendedStatus is enabled. [Jim Jagielski]
  • mod_proxy: Handle client-aborted connections correctly. PR 32443. [Janne Hietamäki, Joe Orton]
  • Fix handling of files >2Gb on all platforms (or builds) where apr_off_t is larger than apr_size_t. PR 28898. [Joe Orton]
  • mod_include: Fix bug which could truncate variable expansions of N*64 characters by one byte. PR 32985. [Joe Orton]
  • Correct handling of certain bucket types in ap_save_brigade, fixing possible segfaults in mod_cgi with #include virtual. PR 31247. [Joe Orton]
  • Allow for the use of --with-module=foo:bar where the ./modules/foo directory is local only. Assumes, of course, that the required files are in ./modules/foo, but makes it easier to statically build/log "external" modules. [Jim Jagielski]
  • Util_ldap: Implemented the util_ldap_cache_getuserdn() API so that ldap authorization only modules have access to the util_ldap user cache without having to require ldap authentication as well. PR 31898. [Jari Ahonen jah progress.com, Brad Nicholes]
  • mod_auth_ldap: Added the directive "Requires ldap-attribute" that allows the module to only authorize a user if the attribute value specified matches the value of the user object. PR 31913 [Ryan Morgan ]
  • mod_ssl: Fail at startup rather than segfault at runtime if a client cert is configured with an encrypted private key. PR 24030. [Joe Orton]
  • apxs: fix handling of -Wc/-Wl and "-o mod_foo.so". PR 31448 [Joe Orton]
  • mod_ldap: Fix format strings to use %APR_PID_T_FMT instead of %d. [Jeff Trawick]
  • mod_cache: CacheDisable will only disable the URLs it was meant to disable, not all caching. PR 31128. [Edward Rudd , Paul Querna]
  • mod_cache: Try to correctly follow RFC 2616 13.3 on validating stale cache responses. [Justin Erenkrantz]
  • mod_rewrite: Handle per-location rules when r->filename is unset. Previously this would segfault or simply not match as expected, depending on the platform. [Jeff Trawick]
  • mod_rewrite: Fix 0 bytes write into random memory position. PR 31036. [André Malo]
  • mod_disk_cache: Do not store aborted content. PR 21492. [Rüiger Plü ]
  • mod_disk_cache: Correctly store cached content type. PR 30278. [Rüiger Plü ]
  • mod_ldap: prevent the possiblity of an infinite loop in the LDAP statistics display. PR 29216. [Graham Leggett]
  • mod_ldap: fix a bogus error message to tell the user which file is causing a potential problem with the LDAP shared memory cache. PR 31431 [Graham Leggett]
  • mod_disk_cache: Do not store hop-by-hop headers. [Justin Erenkrantz]
  • Fix the re-linking issue when purging elements from the LDAP cache PR 24801. [Jess Holle ]
  • mod_disk_cache: Fix races in saving responses. [Justin Erenkrantz]
  • Fix Expires handling in mod_cache. [Justin Erenkrantz]
  • Alter mod_expires to run at a different filter priority to allow proper Expires storage by mod_cache. [Justin Erenkrantz]

Lizenz: Apache License (Open-Source)
Informationen: apache.org
Download: httpd-2.0.53.tar.gz | httpd-2.0.53.tar.bz2

Vielen Dank an stefan für diese Information!

Diese Nachricht empfehlen
Kommentieren28
Jetzt einen Kommentar schreiben


Alle Kommentare zu dieser News anzeigen
Kommentar abgeben Netiquette beachten!

Jetzt als Amazon Blitzangebot

Ab 00:00 Uhr Alfred Hitchcock - Collection [7 DVDs]
Alfred Hitchcock - Collection [7 DVDs]
Original Amazon-Preis
16,39
Im Preisvergleich ab
?
Blitzangebot-Preis
12,00
Ersparnis zu Amazon 27% oder 4,39

Video-Empfehlungen

WinFuture Mobil

WinFuture.mbo QR-Code Auch Unterwegs bestens informiert!
Nachrichten und Kommentare auf
dem Smartphone lesen.

Folgt uns auf Twitter

WinFuture bei Twitter

Interessante Artikel & Testberichte

WinFuture wird gehostet von Artfiles

Tipp einsenden