CHANGES revision fe67b1c1fb2c5cb8905564eaa5650d4986ebac65
-*- coding: utf-8 -*-
Changes with Apache 2.5.0
*) SECURITY: CVE-2012-0883 (cve.mitre.org)
envvars: Fix insecure handling of LD_LIBRARY_PATH that could lead to the
current working directory to be searched for DSOs. [Stefan Fritsch]
*) Fix MPM DSO load failure on AIX. [Jeff Trawick]
*) core: Add the port number to the vhost's name in the scoreboard.
[Stefan Fritsch]
*) mpm_event: Don't do a blocking write when starting a lingering close
from the listener thread. PR 52229. [Stefan Fritsch]
*) core: In maintainer mode, replace apr_palloc with a version that
initializes the allocated memory with non-zero values, except if
AP_DEBUG_NO_ALLOC_POISON is defined. [Stefan Fritsch]
*) mod_log_config: Check during config test that directories for access logs
exist. PR 29941. [Stefan Fritsch]
*) mod_authnz_ldap: Don't try a potentially expensive nested groups
search before exhausting all AuthLDAPGroupAttribute checks on the
current group. PR52464 [Eric Covener]
*) mod_policy: Add a new testing module to help server administrators
enforce a configurable level of protocol compliance on their
servers and application servers behind theirs. [Graham Leggett]
*) mod_firehose: Add a new debugging module able to record traffic
passing through the server in such a way that connections and/or
requests be reconstructed and replayed. [Graham Leggett]
*) Event MPM: Reduce locking by using a lock free circular queue.
*) mod_noloris
*) APREQ
*) Simple MPM
*) mod_serf
[Apache 2.5.0-dev includes those bug fixes and changes with the
Apache 2.4.xx tree as documented below, except as noted.]
Changes with Apache 2.4.x and later:
Changes with Apache 2.2.x and later:
Changes with Apache 2.0.x and later: