Heute ist eine neue Version des Apache Servers ersschienen.
Der [URL=“http://de.wikipedia.org/wiki/Apache_HTTP_Server“]Apache[/URL] HTTP Server ist ein Produkt der Apache Software Foundation und der meistbenutzte Webserver im Internet.
Changelog:
[code]Changes with Apache 2.2.9
*) SECURITY: CVE-2008-2364 (cve.mitre.org)
mod_proxy_http: Better handling of excessive interim responses
from origin server to prevent potential denial of service and high
memory usage. Reported by Ryujiro Shibuya. [Ruediger Pluem,
Joe Orton, Jim Jagielski]
*) SECURITY: CVE-2007-6420 (cve.mitre.org)
mod_proxy_balancer: Prevent CSRF attacks against the balancer-manager
interface. [Joe Orton]
*) core: Fix address-in-use startup failure on some platforms caused
by creating an IPv4 listener which overlaps with an existing IPv6
listener. [Jeff Trawick]
*) mod_proxy: Make all proxy modules nocanon aware and do not add the
query string again in this case. PR 44803.
[Jim Jagielski, Ruediger Pluem]
*) mod_unique_id: Fix timestamp value in UNIQUE_ID. *) htpasswd: Fix salt generation weakness. PR 31440 *) core: Add the filename of the configuration file to the warning message *) scoreboard: Remove unused proxy load balancer elements from scoreboard *) mod_proxy: Support environment variable interpolation in reverse *) suexec: When group is given as a numeric gid, validate it by looking up *) Fix garbled TRACE response on EBCDIC platforms. *) ab: Include *) ab: Improve client performance by clearing connection pool instead *) ab: Don’t stop sending a request if EAGAIN is returned, which *) ab: Overhaul stats collection and reporting to avoid integer *) ab: Add -r option to continue after socket receive errors. *) core: Do not allow Options ALL if not all options are allowed to be *) mod_cache: Handle If-Range correctly if the cached resource was stale. *) mod_proxy: Do not try a direct connection if the connection via a *) mod_proxy_ajp: Do not retry request in the case that we either failed to *) mod_rewrite: Initialize hash needed by ap_register_rewrite_mapfunc early *) mod_dav: Return „method not allowed“ if the destination URI of a WebDAV *) http_filters: Don’t return 100-continue on redirects. PR 43711 *) mod_ssl: Fix a memory leak with connections that have zlib compression *) mod_proxy: Trigger a retry by the client in the case we fail to read the *) gen_test_char: add double-quote to the list of T_HTTP_TOKEN_STOP. *) core: reinstate location walk to fix config for subrequests *) rotatelogs: Log the current file size and error code/description *) rotatelogs: Added ‚-f‘ option to force rotatelogs to create the *) rotatelogs: Don’t leak memory when reopening the logfile. *) rotatelogs: Improve atomicity when using -l and cleaup code. *) mod_authn_dbd: Disambiguate and tidy database authentication *) mod_headers: Add ‚merge‘ option to avoid duplicate values within *) mod_cgid: Explicitly set permissions of the socket (ScriptSock) shared by *) mod_cgid: Don’t try to restart the daemon if it fails to initialize *) mod_log_config: Add format options for %p so that the actual local *) Added ‚disablereuse‘ option for ProxyPass which, essentially, *) mod_speling: remove regression from 1.3/2.0 behavior and *) mod_substitute: The default is now flattening the buckets after *) http_filters: Don’t spin if get an error when reading the *) ab: Do not try to read non existing response bodies of HEAD requests. *) ab: Use a 64 bit unsigned int instead of a signed long to count the *) ProxyPassReverse is now balancer aware. [Jim Jagielski]
*) mod_include: Correctly handle SSI directives split over multiple filter *) mod_cache: Revalidate cache entities which have Cache-Control: no-cache *) mod_rewrite: Check all files used by DBM maps for freshness, mod_rewrite *) mod_proxy: Lower memory consumption for short lived connections. *) mod_proxy: Keep connections to the backend persistent in the HTTPS case. *) Don’t add bogus duplicate Content-Language entries *) Worker / Event MPM: Fix race condition in pool recycling that leads to *) mod_proxy_ftp: Fix base for directory listings. *) mod_logio: Provide optional function to allow modules to adjust the *) http_filters: Don’t return 100-continue on client error *) mod_charset_lite: Add TranslateAllMimeTypes sub-option to *) mod_proxy_http: Fix processing of chunked responses if *) mod_proxy_http: Return HTTP status codes instead of apr_status_t *) mod_rewrite: Don’t canonicalise URLs with [P,NE]
PR 43319 [ Quelle: [URL]http://www.apache.org/dist/httpd/CHANGES_2.2[/URL]
test sfsdfsdfsdf
PR 37064 [Kobayashi
[Andreas Krennmair
Paul Querna]
about the useless use of AllowOverride. PR 39992.
[Darryl Miles
image (not scoreboard memory itself). [Chris Darroch]
proxying directives. [Nick Kew]
the actual group name such that the name can be used in log entries.
PR 7862 [
[David Jones
INT_MAX (defined there on Windows) for the definition of MAX_REQUESTS.
PR 45024 [Ruediger Pluem]
of destroying it. PR 40054 [Brad Roberts
will only happen if both the write and subsequent wait are
returning EAGAIN, and count posted bytes correctly when the initial
write of a request is not complete. PR 10038, 38861, 39679
[Patrick McManus
Stefan Fleiter
Davanum Srinivas, Roy T. Fielding]
truncation and time divisions within the test loop, retain
native time resolution until output, remove unused data,
consistently round milliseconds, and generally avoid losing
accuracy of calculation due to type casts. PR 44878, 44931.
[Roy T. Fielding]
[Filip Hanik
overwritten. PR 44262 [Michał Grzędzicki
PR 44579 [Ruediger Pluem]
remote proxy failed before and the request has a request body.
[Ruediger Pluem]
sent a part of the request body or if the request is not idempotent.
PR 44334 [Ruediger Pluem]
enough. PR 44641 [Daniel Lescohier
copy / move operation is no DAV resource. PR 44734 [Ruediger Pluem]
[Ruediger Pluem]
turned on. PR 44975 [Joe Orton, Amund Elstad
Dr Stephen Henson
response line from the backend by closing the connection to the client.
PR 37770 [Ruediger Pluem]
PR 9727 [Ville Skytt
PR 41960 [Jose Kahan
when failing to write to the log file. [Jeff Trawick]
logfile as soon as started, and not wait until it reads the
first entry. [Jim Jagielski]
PR 40183 [Ruediger Pluem, Takashi Sato
PR 44004 [Rainer Jung]
error messages. PR 43210. [Chris Darroch, Phil Endecott
the same header. [Chris Darroch]
mod_cgid and request processing threads, for OS’es such as HPUX and AIX
that do not use umask for AF_UNIX socket permissions.
[Eric Covener, Jeff Trawick]
the socket. [Jeff Trawick]
or remote port can be logged. PR 43415. [Adam Hasselbalch Hansen
disables connection pooling for the backend servers.
[Jim Jagielski]
drop dependency between mod_speling and AcceptPathInfo.
PR 43562 [Jose Kahan
each substitution. The newly added ‚q‘ flag allows for the
quicker, more efficient bucket-splitting if the user so
desires. [Jim Jagielski]
next chunk. PR 44381 [Ruediger Pluem]
PR 34275 [Takashi Sato
bytes transferred to avoid integer overflows. PR 44346 [Ruediger Pluem]
passes. PR 44447 [Harald Niesche
set in their response headers. PR 44511 [Ruediger Pluem]
didn’t pick up on updated sdbm maps due to this.
PR41190 [Niklas Edmundsson]
PR 44026. [Ruediger Pluem]
[Ruediger Pluem]
PR 11035 [Davi Arnaut]
segmentation faults under load. PR 44402
[Basant Kumar Kukreja
PR 27834 [Nick Kew]
bytes_in count [Eric Covener]
PR 43711 [Chetan Reddy
CharsetOptions, allowing the administrator to skip the
mimetype checking that precedes translation.
PR 44458 [Eric Covener]
Connection: Transfer-Encoding is set in the response of the proxied
system. PR 44311 [Ruediger Pluem]
values for errors encountered while forwarding the request body
PR 44165 [Eric Covener]