CHANGES revision 561dfbf9bb1f0799ca6676e3475703959d3032ad
7aec1d6e253b21f9e9b7ef68b4d81ab9859b51fecindi -*- coding: utf-8 -*-
7aec1d6e253b21f9e9b7ef68b4d81ab9859b51fecindiChanges with Apache 2.3.3
80ab886d233f514d54c2a6bdeb9fdfd951bd6881wesolows *) SECURITY: CVE-2009-3095 (cve.mitre.org)
80ab886d233f514d54c2a6bdeb9fdfd951bd6881wesolows mod_proxy_ftp: sanity check authn credentials.
7aec1d6e253b21f9e9b7ef68b4d81ab9859b51fecindi [Stefan Fritsch <sf fritsch.de>, Joe Orton]
7aec1d6e253b21f9e9b7ef68b4d81ab9859b51fecindi *) SECURITY: CVE-2009-3094 (cve.mitre.org)
7aec1d6e253b21f9e9b7ef68b4d81ab9859b51fecindi mod_proxy_ftp: NULL pointer dereference on error paths.
7aec1d6e253b21f9e9b7ef68b4d81ab9859b51fecindi [Stefan Fritsch <sf fritsch.de>, Joe Orton]
7aec1d6e253b21f9e9b7ef68b4d81ab9859b51fecindi *) mod_dav: Allow other modules to add things to the DAV or Allow headers
7aec1d6e253b21f9e9b7ef68b4d81ab9859b51fecindi of an OPTIONS request. [Jari Urpalainen <jari.urpalainen nokia.com>,
7aec1d6e253b21f9e9b7ef68b4d81ab9859b51fecindi Brian France <brian brianfrance.com>]
7aec1d6e253b21f9e9b7ef68b4d81ab9859b51fecindi *) core: Lower memory usage of core output filter.
7aec1d6e253b21f9e9b7ef68b4d81ab9859b51fecindi [Stefan Fritsch <sf sfritsch.de>]
7aec1d6e253b21f9e9b7ef68b4d81ab9859b51fecindi *) mod_mime: Detect invalid use of MultiviewsMatch inside Location and
80ab886d233f514d54c2a6bdeb9fdfd951bd6881wesolows LocationMatch sections. PR47754. [Dan Poirier]
837416c3fd6b55b504f517ad92a135ead81f4ceacy *) mod_request: Make sure the KeptBodySize directive rejects values
7aec1d6e253b21f9e9b7ef68b4d81ab9859b51fecindi that aren't valid numbers. [Graham Leggett]
7aec1d6e253b21f9e9b7ef68b4d81ab9859b51fecindi *) mod_session_crypto: Sanity check should the potentially encrypted
7aec1d6e253b21f9e9b7ef68b4d81ab9859b51fecindi session cookie be too short. [Graham Leggett]
7aec1d6e253b21f9e9b7ef68b4d81ab9859b51fecindi *) mod_session.c: Prevent a segfault when session is added but not
7aec1d6e253b21f9e9b7ef68b4d81ab9859b51fecindi configured. [Graham Leggett]
7aec1d6e253b21f9e9b7ef68b4d81ab9859b51fecindi *) htcacheclean: 19 ways to fail, 1 error message. Fixed. [Graham Leggett]
7aec1d6e253b21f9e9b7ef68b4d81ab9859b51fecindi *) mod_auth_digest: Fail server start when nonce count checking
7aec1d6e253b21f9e9b7ef68b4d81ab9859b51fecindi is configured without shared memory, or md5-sess algorithm is
7aec1d6e253b21f9e9b7ef68b4d81ab9859b51fecindi configured. [Dan Poirier]
7aec1d6e253b21f9e9b7ef68b4d81ab9859b51fecindi *) mod_proxy_connect: The connect method doesn't work if the client is
7aec1d6e253b21f9e9b7ef68b4d81ab9859b51fecindi connecting to the apache proxy through an ssl socket. Fixed.
7aec1d6e253b21f9e9b7ef68b4d81ab9859b51fecindi PR29744. [Brad Boyer, Mark Cave-Ayland, Julian Gilbey, Fabrice Durand,
7aec1d6e253b21f9e9b7ef68b4d81ab9859b51fecindi David Gence, Tim Dodge, Per Gunnar Hans, Emmanuel Elango,
7aec1d6e253b21f9e9b7ef68b4d81ab9859b51fecindi Kevin Croft, Rudolf Cardinal]
7aec1d6e253b21f9e9b7ef68b4d81ab9859b51fecindi *) mod_ssl: The error message when SSLCertificateFile is missing should
7aec1d6e253b21f9e9b7ef68b4d81ab9859b51fecindi at least give the name or position of the problematic virtual host
7aec1d6e253b21f9e9b7ef68b4d81ab9859b51fecindi definition. [Stefan Fritsch sf sfritsch.de]
7aec1d6e253b21f9e9b7ef68b4d81ab9859b51fecindi *) mod_auth_digest: Fix null pointer when qop=none. [Dan Poirier]
7aec1d6e253b21f9e9b7ef68b4d81ab9859b51fecindi *) Add support for HTTP PUT to ab. [Jeff Barnes <jbarnesweb yahoo.com>]
7aec1d6e253b21f9e9b7ef68b4d81ab9859b51fecindi *) mod_headers: generalise the envclause to support expression
7aec1d6e253b21f9e9b7ef68b4d81ab9859b51fecindi evaluation with ap_expr parser [Nick Kew]
00d0963faf2e861a4aef6b1bf28f99a5b2b20755dilpreet *) mod_cache: Introduce the thundering herd lock, a mechanism to keep
7aec1d6e253b21f9e9b7ef68b4d81ab9859b51fecindi the flood of requests at bay that strike a backend webserver as
7aec1d6e253b21f9e9b7ef68b4d81ab9859b51fecindi a cached entity goes stale. [Graham Leggett]
7aec1d6e253b21f9e9b7ef68b4d81ab9859b51fecindi *) mod_auth_digest: Fix usage of shared memory and re-enable it.
7aec1d6e253b21f9e9b7ef68b4d81ab9859b51fecindi PR 16057 [Dan Poirier]
7aec1d6e253b21f9e9b7ef68b4d81ab9859b51fecindi *) Preserve Port information over internal redirects
7aec1d6e253b21f9e9b7ef68b4d81ab9859b51fecindi *) Proxy: unable to connect to a backend is SERVICE_UNAVAILABLE,
7aec1d6e253b21f9e9b7ef68b4d81ab9859b51fecindi rather than BAD_GATEWAY or (especially) NOT_FOUND.
7aec1d6e253b21f9e9b7ef68b4d81ab9859b51fecindi PR 46971 [evanc nortel.com]
7aec1d6e253b21f9e9b7ef68b4d81ab9859b51fecindi *) Various modules: Do better checking of pollset operations in order to
7aec1d6e253b21f9e9b7ef68b4d81ab9859b51fecindi avoid segmentation faults if they fail. PR 46467
7aec1d6e253b21f9e9b7ef68b4d81ab9859b51fecindi [Stefan Fritsch <sf sfritsch.de>]
7aec1d6e253b21f9e9b7ef68b4d81ab9859b51fecindi *) mod_autoindex: Correctly create an empty cell if the description
7aec1d6e253b21f9e9b7ef68b4d81ab9859b51fecindi for a file is missing. PR 47682 [Peter Poeml <poeml suse.de>]
7aec1d6e253b21f9e9b7ef68b4d81ab9859b51fecindi *) ab: Fix broken error messages after resolver or connect() failures.
7aec1d6e253b21f9e9b7ef68b4d81ab9859b51fecindi [Jeff Trawick]
7aec1d6e253b21f9e9b7ef68b4d81ab9859b51fecindi *) SECURITY: CVE-2009-1890 (cve.mitre.org)
7aec1d6e253b21f9e9b7ef68b4d81ab9859b51fecindi Fix a potential Denial-of-Service attack against mod_proxy in a
7aec1d6e253b21f9e9b7ef68b4d81ab9859b51fecindi reverse proxy configuration, where a remote attacker can force a
7aec1d6e253b21f9e9b7ef68b4d81ab9859b51fecindi proxy process to consume CPU time indefinitely. [Nick Kew, Joe Orton]
7aec1d6e253b21f9e9b7ef68b4d81ab9859b51fecindi *) SECURITY: CVE-2009-1191 (cve.mitre.org)
7aec1d6e253b21f9e9b7ef68b4d81ab9859b51fecindi mod_proxy_ajp: Avoid delivering content from a previous request which
7aec1d6e253b21f9e9b7ef68b4d81ab9859b51fecindi failed to send a request body. PR 46949 [Ruediger Pluem]
7aec1d6e253b21f9e9b7ef68b4d81ab9859b51fecindi *) htdbm: Fix possible buffer overflow if dbm database has very
7aec1d6e253b21f9e9b7ef68b4d81ab9859b51fecindi long values. PR 30586 [Dan Poirier]
7aec1d6e253b21f9e9b7ef68b4d81ab9859b51fecindi *) core: Return APR_EOF if request body is shorter than the length announced
7aec1d6e253b21f9e9b7ef68b4d81ab9859b51fecindi by the client. PR 33098 [ Stefan Fritsch <sf sfritsch.de>]
7aec1d6e253b21f9e9b7ef68b4d81ab9859b51fecindi *) mod_suexec: correctly set suexec_enabled when httpd is run by a
7aec1d6e253b21f9e9b7ef68b4d81ab9859b51fecindi non-root user and may have insufficient permissions.
7aec1d6e253b21f9e9b7ef68b4d81ab9859b51fecindi PR 42175 [Jim Radford <radford blackbean.org>]
7aec1d6e253b21f9e9b7ef68b4d81ab9859b51fecindi *) mod_ssl: Fix SSL_*_DN_UID variables to use the 'userID' attribute
7aec1d6e253b21f9e9b7ef68b4d81ab9859b51fecindi type. PR 45107. [Michael Ströder <michael stroeder.com>,
7aec1d6e253b21f9e9b7ef68b4d81ab9859b51fecindi *) mod_proxy_http: fix case sensitivity checking transfer encoding
7aec1d6e253b21f9e9b7ef68b4d81ab9859b51fecindi *) mod_alias: ensure Redirect issues a valid URL.
7aec1d6e253b21f9e9b7ef68b4d81ab9859b51fecindi PR 44020 [HÃ¥kon Stordahl <hakon stordahl.org>]
7aec1d6e253b21f9e9b7ef68b4d81ab9859b51fecindi *) mod_dir: add Fallback directive, to enable admin to specify
837416c3fd6b55b504f517ad92a135ead81f4ceacy an action to happen when a URL maps to no file, without resorting
7aec1d6e253b21f9e9b7ef68b4d81ab9859b51fecindi to ErrorDocument or mod_rewrite. PR 47184 [Nick Kew]
7aec1d6e253b21f9e9b7ef68b4d81ab9859b51fecindi *) mod_cgid: Do not leak the listening Unix socket file descriptor to the
7aec1d6e253b21f9e9b7ef68b4d81ab9859b51fecindi CGI process. PR 47335 [Kornél Pál <kornelpal gmail.com>]
7aec1d6e253b21f9e9b7ef68b4d81ab9859b51fecindi *) mod_rewrite: Remove locking for writing to the rewritelog.
837416c3fd6b55b504f517ad92a135ead81f4ceacy PR 46942 [Dan Poirier <poirier pobox.com>]
7aec1d6e253b21f9e9b7ef68b4d81ab9859b51fecindi *) mod_alias: check sanity in Redirect arguments.
7aec1d6e253b21f9e9b7ef68b4d81ab9859b51fecindi PR 44729 [Sönke Tesch <st kino-fahrplan.de>, Jim Jagielski]
7aec1d6e253b21f9e9b7ef68b4d81ab9859b51fecindi *) mod_proxy_http: fix Host: header for literal IPv6 addresses.
7aec1d6e253b21f9e9b7ef68b4d81ab9859b51fecindi PR 47177 [Carlos Garcia Braschi <cgbraschi gmail.com>]
7aec1d6e253b21f9e9b7ef68b4d81ab9859b51fecindi *) mod_cache: Add CacheIgnoreURLSessionIdentifiers directive to ignore
7aec1d6e253b21f9e9b7ef68b4d81ab9859b51fecindi defined session identifiers encoded in the URL when caching.
7aec1d6e253b21f9e9b7ef68b4d81ab9859b51fecindi [Ruediger Pluem]
7aec1d6e253b21f9e9b7ef68b4d81ab9859b51fecindi *) mod_rewrite: Fix the error string returned by RewriteRule.
7aec1d6e253b21f9e9b7ef68b4d81ab9859b51fecindi RewriteRule returned "RewriteCond: bad flag delimiters" when the 3rd
7aec1d6e253b21f9e9b7ef68b4d81ab9859b51fecindi argument of RewriteRule was not started with "[" or not ended with "]".
7aec1d6e253b21f9e9b7ef68b4d81ab9859b51fecindi PR 45082 [Vitaly Polonetsky <m_vitaly topixoft.com>]
7aec1d6e253b21f9e9b7ef68b4d81ab9859b51fecindi *) Windows: Fix usage message.
7aec1d6e253b21f9e9b7ef68b4d81ab9859b51fecindi [Rainer Jung]
7aec1d6e253b21f9e9b7ef68b4d81ab9859b51fecindi *) apachectl: When passing through arguments to httpd in
7aec1d6e253b21f9e9b7ef68b4d81ab9859b51fecindi non-SysV mode, use the "$@" syntax to preserve arguments.
7aec1d6e253b21f9e9b7ef68b4d81ab9859b51fecindi [Eric Covener]
7aec1d6e253b21f9e9b7ef68b4d81ab9859b51fecindi *) mod_dbd: add DBDInitSQL directive to enable SQL statements to
7aec1d6e253b21f9e9b7ef68b4d81ab9859b51fecindi be run when a connection is opened. PR 46827
7aec1d6e253b21f9e9b7ef68b4d81ab9859b51fecindi [Marko Kevac <mkevac gmail.com>]
7aec1d6e253b21f9e9b7ef68b4d81ab9859b51fecindi *) mod_cgid: Improve handling of long AF_UNIX socket names (ScriptSock).
7aec1d6e253b21f9e9b7ef68b4d81ab9859b51fecindi PR 47037. [Jeff Trawick]
7aec1d6e253b21f9e9b7ef68b4d81ab9859b51fecindi *) mod_proxy_ajp: Check more strictly that the backend follows the AJP
7aec1d6e253b21f9e9b7ef68b4d81ab9859b51fecindi protocol. [Mladen Turk]
7aec1d6e253b21f9e9b7ef68b4d81ab9859b51fecindi *) mod_proxy_ajp: Forward remote port information by default.
7aec1d6e253b21f9e9b7ef68b4d81ab9859b51fecindi [Rainer Jung]
7aec1d6e253b21f9e9b7ef68b4d81ab9859b51fecindi *) Allow MPMs to be loaded dynamically, as with most other modules. This
7aec1d6e253b21f9e9b7ef68b4d81ab9859b51fecindi required changes to the MPM interfaces. Removed: mpm.h, mpm_default.h
7aec1d6e253b21f9e9b7ef68b4d81ab9859b51fecindi (as an installed header), APACHE_MPM_DIR, MPM_NAME, ap_threads_per_child,
7aec1d6e253b21f9e9b7ef68b4d81ab9859b51fecindi ap_max_daemons_limit, ap_my_generation, etc. ap_mpm_query() can't be
7aec1d6e253b21f9e9b7ef68b4d81ab9859b51fecindi called until after the register-hooks phase. [Jeff Trawick]
7aec1d6e253b21f9e9b7ef68b4d81ab9859b51fecindi *) mod_ssl: Add SSLProxyCheckPeerExpire and SSLProxyCheckPeerCN directives
7aec1d6e253b21f9e9b7ef68b4d81ab9859b51fecindi to enable stricter checking of remote server certificates.
7aec1d6e253b21f9e9b7ef68b4d81ab9859b51fecindi [Ruediger Pluem]
7aec1d6e253b21f9e9b7ef68b4d81ab9859b51fecindi *) ab: Fix a 100% CPU loop on platforms where a failed non-blocking connect
7aec1d6e253b21f9e9b7ef68b4d81ab9859b51fecindi returns EINPROGRESS and a subsequent poll() returns only POLLERR.
7aec1d6e253b21f9e9b7ef68b4d81ab9859b51fecindi Observed on HP-UX. [Eric Covener]
7aec1d6e253b21f9e9b7ef68b4d81ab9859b51fecindi *) Remove broken support for BeOS, OS/2, TPF, and even older platforms such
7aec1d6e253b21f9e9b7ef68b4d81ab9859b51fecindi as A/UX, Next, and Tandem. [Jeff Trawick]
7aec1d6e253b21f9e9b7ef68b4d81ab9859b51fecindi *) mod_proxy_ftp: Add ProxyFtpListOnWildcard directive to allow files with
7aec1d6e253b21f9e9b7ef68b4d81ab9859b51fecindi globbing characters to be retrieved instead of converted into a
7aec1d6e253b21f9e9b7ef68b4d81ab9859b51fecindi directory listing. PR 46789 [Dan Poirier <poirier pobox.com>]
7aec1d6e253b21f9e9b7ef68b4d81ab9859b51fecindi *) Provide ap_retained_data_create()/ap_retained_data_get() for preservation
7aec1d6e253b21f9e9b7ef68b4d81ab9859b51fecindi of module state across unload/load. [Jeff Trawick]
7aec1d6e253b21f9e9b7ef68b4d81ab9859b51fecindi *) mod_substitute: Fix a memory leak. PR 44948
7aec1d6e253b21f9e9b7ef68b4d81ab9859b51fecindi [Dan Poirier <poirier pobox.com>]
7aec1d6e253b21f9e9b7ef68b4d81ab9859b51fecindiChanges with Apache 2.3.2
7aec1d6e253b21f9e9b7ef68b4d81ab9859b51fecindi *) mod_mime_magic: Fix detection of compressed content. [Rainer Jung]
7aec1d6e253b21f9e9b7ef68b4d81ab9859b51fecindi *) mod_negotiation: Escape pathes of filenames in 406 responses to avoid
7aec1d6e253b21f9e9b7ef68b4d81ab9859b51fecindi HTML injections and HTTP response splitting. PR 46837.
7aec1d6e253b21f9e9b7ef68b4d81ab9859b51fecindi [Geoff Keating <geoffk apple.com>]
7aec1d6e253b21f9e9b7ef68b4d81ab9859b51fecindi *) mod_ssl: add support for type-safe STACK constructs in OpenSSL
7aec1d6e253b21f9e9b7ef68b4d81ab9859b51fecindi development HEAD. PR 45521. [Kaspar Brand, Sander Temme]
7aec1d6e253b21f9e9b7ef68b4d81ab9859b51fecindi *) ab: Fix maintenance of the pollset to resolve EALREADY errors
7aec1d6e253b21f9e9b7ef68b4d81ab9859b51fecindi with kqueue (BSD/OS X) and excessive CPU with event ports (Solaris).
7aec1d6e253b21f9e9b7ef68b4d81ab9859b51fecindi PR 44584. Use APR_POLLSET_NOCOPY for better performance with some
7aec1d6e253b21f9e9b7ef68b4d81ab9859b51fecindi pollset implementations. [Jeff Trawick]
7aec1d6e253b21f9e9b7ef68b4d81ab9859b51fecindi *) mod_disk_cache: The module now turns off sendfile support if
7aec1d6e253b21f9e9b7ef68b4d81ab9859b51fecindi 'EnableSendfile off' is defined globally. [Lars Eilebrecht]
7aec1d6e253b21f9e9b7ef68b4d81ab9859b51fecindi *) mod_deflate: Adjust content metadata before bailing out on 304
7aec1d6e253b21f9e9b7ef68b4d81ab9859b51fecindi responses so that the metadata does not differ from 200 response.
7aec1d6e253b21f9e9b7ef68b4d81ab9859b51fecindi [Roy T. Fielding]
7aec1d6e253b21f9e9b7ef68b4d81ab9859b51fecindi *) mod_deflate: Fix creation of invalid Etag headers. We now make sure
7aec1d6e253b21f9e9b7ef68b4d81ab9859b51fecindi that the Etag value is properly quoted when adding the gzip marker.
7aec1d6e253b21f9e9b7ef68b4d81ab9859b51fecindi PR 39727, 45023. [Lars Eilebrecht, Roy T. Fielding]
7aec1d6e253b21f9e9b7ef68b4d81ab9859b51fecindi *) Added 20x22 icons for ODF, SVG, and XML documents. PR 37185.
7aec1d6e253b21f9e9b7ef68b4d81ab9859b51fecindi [Peter Harlow]
7aec1d6e253b21f9e9b7ef68b4d81ab9859b51fecindi *) Disabled DefaultType directive and removed ap_default_type()
7aec1d6e253b21f9e9b7ef68b4d81ab9859b51fecindi from core. We now exclude Content-Type from responses for which
b7d3956b92a285d8dac2c7f5f7e28d2ef5347ef8stephh a media type has not been configured via mime.types, AddType,
7aec1d6e253b21f9e9b7ef68b4d81ab9859b51fecindi ForceType, or some other mechanism. PR 13986. [Roy T. Fielding]
7aec1d6e253b21f9e9b7ef68b4d81ab9859b51fecindi *) mod_rewrite: Add IPV6 variable to RewriteCond
7aec1d6e253b21f9e9b7ef68b4d81ab9859b51fecindi [Ryan Phillips <ryan-apache trolocsis.com>]
7aec1d6e253b21f9e9b7ef68b4d81ab9859b51fecindi *) core: Enhance KeepAliveTimeout to support a value in milliseconds.
7aec1d6e253b21f9e9b7ef68b4d81ab9859b51fecindi PR 46275. [Takashi Sato]
7aec1d6e253b21f9e9b7ef68b4d81ab9859b51fecindi *) rotatelogs: Allow size units B, K, M, G and combination of
7aec1d6e253b21f9e9b7ef68b4d81ab9859b51fecindi time and size based rotation. [Rainer Jung]
7aec1d6e253b21f9e9b7ef68b4d81ab9859b51fecindi *) rotatelogs: Add flag for verbose (debug) output. [Rainer Jung]
80ab886d233f514d54c2a6bdeb9fdfd951bd6881wesolows *) mod_ssl: Fix merging of SSLRenegBufferSize directive. PR 46508
7aec1d6e253b21f9e9b7ef68b4d81ab9859b51fecindi [<tlhackque yahoo.com>]
7aec1d6e253b21f9e9b7ef68b4d81ab9859b51fecindi *) core: Translate the the status line to ASCII on EBCDIC platforms in
7aec1d6e253b21f9e9b7ef68b4d81ab9859b51fecindi ap_send_interim_response() and for locally generated "100 Continue"
7aec1d6e253b21f9e9b7ef68b4d81ab9859b51fecindi responses. [Eric Covener]
7aec1d6e253b21f9e9b7ef68b4d81ab9859b51fecindi *) prefork: Fix child process hang during graceful restart/stop in
7aec1d6e253b21f9e9b7ef68b4d81ab9859b51fecindi configurations with multiple listening sockets. PR 42829. [Joe Orton,
7aec1d6e253b21f9e9b7ef68b4d81ab9859b51fecindi Jeff Trawick]
7aec1d6e253b21f9e9b7ef68b4d81ab9859b51fecindi *) mod_session_crypto: Ensure that SessionCryptoDriver can only be
7aec1d6e253b21f9e9b7ef68b4d81ab9859b51fecindi set in the global scope. [Graham Leggett]
7aec1d6e253b21f9e9b7ef68b4d81ab9859b51fecindi *) mod_ext_filter: We need to detect failure to startup the filter
7aec1d6e253b21f9e9b7ef68b4d81ab9859b51fecindi program (a mangled response is not acceptable). Fix to detect
7aec1d6e253b21f9e9b7ef68b4d81ab9859b51fecindi failure, and offer configuration option either to abort or
7aec1d6e253b21f9e9b7ef68b4d81ab9859b51fecindi to remove the filter and continue.
00d0963faf2e861a4aef6b1bf28f99a5b2b20755dilpreet PR 41120 [Nick Kew]
7aec1d6e253b21f9e9b7ef68b4d81ab9859b51fecindi *) mod_session_crypto: Rewrite the session_crypto module against the
7aec1d6e253b21f9e9b7ef68b4d81ab9859b51fecindi apr_crypto API. [Graham Leggett]
7aec1d6e253b21f9e9b7ef68b4d81ab9859b51fecindi *) mod_auth_form: Fix a pool lifetime issue, don't remove the subrequest
7aec1d6e253b21f9e9b7ef68b4d81ab9859b51fecindi until the main request is cleaned up. [Graham Leggett]
00d0963faf2e861a4aef6b1bf28f99a5b2b20755dilpreetChanges with Apache 2.3.1
7aec1d6e253b21f9e9b7ef68b4d81ab9859b51fecindi *) ap_slotmem: Add in new slot-based memory access API impl., including
7aec1d6e253b21f9e9b7ef68b4d81ab9859b51fecindi 2 providers (mod_sharedmem and mod_plainmem) [Jim Jagielski,
7aec1d6e253b21f9e9b7ef68b4d81ab9859b51fecindi Jean-Frederic Clere, Brian Akins <brian.akins turner.com>]
7aec1d6e253b21f9e9b7ef68b4d81ab9859b51fecindi *) mod_include: support generating non-ASCII characters as entities in SSI
7aec1d6e253b21f9e9b7ef68b4d81ab9859b51fecindi PR 25202 [Nick Kew]
00d0963faf2e861a4aef6b1bf28f99a5b2b20755dilpreet *) core/utils: Enhance ap_escape_html API to support escaping non-ASCII chars
00d0963faf2e861a4aef6b1bf28f99a5b2b20755dilpreet PR 25202 [Nick Kew]
00d0963faf2e861a4aef6b1bf28f99a5b2b20755dilpreet *) mod_rewrite: fix "B" flag breakage by reverting r5589343
00d0963faf2e861a4aef6b1bf28f99a5b2b20755dilpreet PR 45529 [Bob Ionescu <bobsiegen googlemail.com>]
00d0963faf2e861a4aef6b1bf28f99a5b2b20755dilpreet *) CGI: return 504 (Gateway timeout) rather than 500 when a script
00d0963faf2e861a4aef6b1bf28f99a5b2b20755dilpreet times out before returning status line/headers.
00d0963faf2e861a4aef6b1bf28f99a5b2b20755dilpreet PR 42190 [Nick Kew]
00d0963faf2e861a4aef6b1bf28f99a5b2b20755dilpreet *) mod_cgid: fix segfault problem on solaris.
00d0963faf2e861a4aef6b1bf28f99a5b2b20755dilpreet PR 39332 [Masaoki Kobayashi <masaoki techfirm.co.jp>]
00d0963faf2e861a4aef6b1bf28f99a5b2b20755dilpreet *) mod_proxy_scgi: Added. [André Malo]
00d0963faf2e861a4aef6b1bf28f99a5b2b20755dilpreet *) mod_cache: Introduce 'no-cache' per-request environment variable
00d0963faf2e861a4aef6b1bf28f99a5b2b20755dilpreet to prevent the saving of an otherwise cacheable response.
00d0963faf2e861a4aef6b1bf28f99a5b2b20755dilpreet [Eric Covener]
00d0963faf2e861a4aef6b1bf28f99a5b2b20755dilpreet *) mod_rewrite: Introduce DiscardPathInfo|DPI flag to stop the troublesome
00d0963faf2e861a4aef6b1bf28f99a5b2b20755dilpreet way that per-directory rewrites append the previous notion of PATH_INFO
00d0963faf2e861a4aef6b1bf28f99a5b2b20755dilpreet to each substitution before evaluating subsequent rules.
00d0963faf2e861a4aef6b1bf28f99a5b2b20755dilpreet PR 38642 [Eric Covener]
00d0963faf2e861a4aef6b1bf28f99a5b2b20755dilpreet *) mod_cgid: Do not add an empty argument when calling the CGI script.
7aec1d6e253b21f9e9b7ef68b4d81ab9859b51fecindi PR 46380 [Ruediger Pluem]
7aec1d6e253b21f9e9b7ef68b4d81ab9859b51fecindi *) scoreboard: Remove unused sb_type from process_score.
7aec1d6e253b21f9e9b7ef68b4d81ab9859b51fecindi [Torsten Foertsch <torsten.foertsch gmx.net>, Chris Darroch]
7aec1d6e253b21f9e9b7ef68b4d81ab9859b51fecindi *) mod_ssl: Add SSLRenegBufferSize directive to allow changing the
7aec1d6e253b21f9e9b7ef68b4d81ab9859b51fecindi size of the buffer used for the request-body where necessary
7aec1d6e253b21f9e9b7ef68b4d81ab9859b51fecindi during a per-dir renegotiation. PR 39243. [Joe Orton]
7aec1d6e253b21f9e9b7ef68b4d81ab9859b51fecindi *) mod_proxy_fdpass: New module to pass a client connection over to a separate
7aec1d6e253b21f9e9b7ef68b4d81ab9859b51fecindi process that is reading from a unix daemon socket.
7aec1d6e253b21f9e9b7ef68b4d81ab9859b51fecindi *) mod_ssl: Improve environment variable extraction to be more
7aec1d6e253b21f9e9b7ef68b4d81ab9859b51fecindi efficient and to correctly handle DNs with duplicate tags.
7aec1d6e253b21f9e9b7ef68b4d81ab9859b51fecindi PR 45975. [Joe Orton]
7aec1d6e253b21f9e9b7ef68b4d81ab9859b51fecindi *) Remove the obsolete serial attribute from the RPM spec file. Compile
7aec1d6e253b21f9e9b7ef68b4d81ab9859b51fecindi against the external pcre. Add missing binaries fcgistarter, and
7aec1d6e253b21f9e9b7ef68b4d81ab9859b51fecindi mod_socache* and mod_session*. [Graham Leggett]
7aec1d6e253b21f9e9b7ef68b4d81ab9859b51fecindiChanges with Apache 2.3.0
7aec1d6e253b21f9e9b7ef68b4d81ab9859b51fecindi *) mod_ratelimit: New module to do bandwidth rate limiting. [Paul Querna]
7aec1d6e253b21f9e9b7ef68b4d81ab9859b51fecindi *) Remove X-Pad header which was added as a work around to a bug in
7aec1d6e253b21f9e9b7ef68b4d81ab9859b51fecindi Netscape 2.x to 4.0b2. [Takashi Sato <takashi lans-tv.com>]
7aec1d6e253b21f9e9b7ef68b4d81ab9859b51fecindi *) Add DTrace Statically Defined Tracing (SDT) probes.
7aec1d6e253b21f9e9b7ef68b4d81ab9859b51fecindi [Theo Schlossnagle <jesus omniti.com>, Paul Querna]
7aec1d6e253b21f9e9b7ef68b4d81ab9859b51fecindi *) mod_proxy_balancer: Move all load balancing implementations
7aec1d6e253b21f9e9b7ef68b4d81ab9859b51fecindi as individual, self-contained mod_proxy submodules under
7aec1d6e253b21f9e9b7ef68b4d81ab9859b51fecindi modules/proxy/balancers [Jim Jagielski]
7aec1d6e253b21f9e9b7ef68b4d81ab9859b51fecindi *) Rename APIs to include ap_ prefix:
7aec1d6e253b21f9e9b7ef68b4d81ab9859b51fecindi find_child_by_pid -> ap_find_child_by_pid
7aec1d6e253b21f9e9b7ef68b4d81ab9859b51fecindi suck_in_APR -> ap_suck_in_APR
7aec1d6e253b21f9e9b7ef68b4d81ab9859b51fecindi sys_privileges_handlers -> ap_sys_privileges_handlers
privileges and Unix user/group IDs [Nick Kew]
logic replicate 2.2.x authz logic, and replace <Satisfy*>, Reject,
*) unixd: turn existing code into a module, and turn the set user/group
Suggested By André Warnier <aw ice-sa.com> [Eric Covener]
*) mod_ssl: Send Content-Type application/ocsp-request for POST requests to
OSCP responders. PR 46014 [Dr Stephen Henson <steve openssl.org>]
*) Export and install the mod_rewrite.h header to ensure the optional
*) New module mod_sed: filter Request/Response bodies through sed
null value. [David Shane Holden <dpejesh apache.org>]
*) ab: Make ab.c compile on VC6. PR 45024 [Ruediger Pluem]
*) configure: Don't reject libtool 2.x
overwritten. PR 44262 [Michał Grzędzicki <lazy iq.pl>]
PR 44799 [Christian Wenz <christian wenz.org>]
both inside and outside the location/directory sections, as
form request with the type of application/x-www-form-urlencoded.
*) mod_authz_dbd: When redirecting after successful login/logout per
PR 44560 [Anders Kaseorg <anders kaseorg.com>]
mod_cache et.al. to trap the results of the redirect.
PR 34607. [Kaspar Brand <asfbugz velox.ch>]. A test configuration
can be created with test/make_sni.sh [Dirk-Willem van Gulik].
*) ApacheMonitor.exe: Introduce --kill argument for use by the
*) mod_ldap, mod_authnzldap: Add support for nested groups (i.e. the ability
[David Jones <oscaremma gmail.com>]
[David M. Lee <dmlee crossroads.com>]
[Niklas Edmundsson <nikke acc.umu.se>]
[Stijn Hoop <stijn sandcat.nl>]
[Niklas Edmundsson <nikke acc.umu.se>]
final name. [Davi Arnaut <davi haxent.com.br>]
[Markus Schiegl <ms schiegl.com>]
*) Remove incorrect comments from scoreboard.h regarding conditional
[Chris Darroch <chrisd pearsoncmg.com>]
in ap_init_scoreboard(). [Chris Darroch <chrisd pearsoncmg.com>]
[Chris Darroch <chrisd pearsoncmg.com>]
and 'Reject' to mod_authz_core. The new directives introduce 'AND/OR'
*) mod_authz_dbd: SQL authz with Login/Session support [Nick Kew]
Apache 2.2.xx tree as documented, and except as noted, below.]
Changes with Apache 2.2.x and later:
Changes with Apache 2.0.x and later:
Changes with Apache 1.3.x and later: