Apache HTTP Server full changelog
Apache HTTP Server 2.4.1
released Feb 24, 2012 (New Release)
*) SECURITY: CVE-2012-0053 (cve.mitre.org)
Fix an issue in error responses that could expose quot;httpOnlyquot; cookies
when no custom ErrorDocument is specified for status code 400.
[Eric Covener]
*) mod_proxy_balancer: Fix crash on Windows. PR 52402 [Mladen Turk]
*) core: Check during configtest that the directories for error logs exist.
PR 29941 [Stefan Fritsch]
*) Core configuration: add AllowOverride option to treat syntax
errors in .htaccess as non-fatal. PR 52439 [Nick Kew, Jim Jagielski]
*) core: Fix memory consumption in core output filter with streaming
bucket types like CGI or PIPE. [Joe Orton, Stefan Fritsch]
*) configure: Disable modules at configure time if a prerequisite module
is not enabled. PR 52487. [Stefan Fritsch]
*) Rewrite and proxy now decline what they don't support rather
than fail the request. [Joe Orton]
Fix an issue in error responses that could expose quot;httpOnlyquot; cookies
when no custom ErrorDocument is specified for status code 400.
[Eric Covener]
*) mod_proxy_balancer: Fix crash on Windows. PR 52402 [Mladen Turk]
*) core: Check during configtest that the directories for error logs exist.
PR 29941 [Stefan Fritsch]
*) Core configuration: add AllowOverride option to treat syntax
errors in .htaccess as non-fatal. PR 52439 [Nick Kew, Jim Jagielski]
*) core: Fix memory consumption in core output filter with streaming
bucket types like CGI or PIPE. [Joe Orton, Stefan Fritsch]
*) configure: Disable modules at configure time if a prerequisite module
is not enabled. PR 52487. [Stefan Fritsch]
*) Rewrite and proxy now decline what they don't support rather
than fail the request. [Joe Orton]
Apache HTTP Server 2.2.22
released Feb 6, 2012 (New Release)
· Reject requests where the request-URI does not match the HTTP specification, preventing unexpected expansion of target URLs in some reverse proxy configurations. [Joe Orton]
· Fix integer overflow in ap_pregsub() which, when the mod_setenvif module is enabled, could allow local users to gain privileges via a .htaccess file. [Stefan Fritsch, Greg Ames]
· Resolve additional cases of URL rewriting with ProxyPassMatch or RewriteRule, where particular request-URIs could result in undesired backend network exposure in some configurations. [Joe Orton]
· Fix integer overflow in ap_pregsub() which, when the mod_setenvif module is enabled, could allow local users to gain privileges via a .htaccess file. [Stefan Fritsch, Greg Ames]
· Resolve additional cases of URL rewriting with ProxyPassMatch or RewriteRule, where particular request-URIs could result in undesired backend network exposure in some configurations. [Joe Orton]
Apache HTTP Server 2.2.21
released Sep 19, 2011 (New Release)
· SECURITY: CVE-2011-3348 (cve.mitre.org) mod_proxy_ajp: Respond with HTTP_NOT_IMPLEMENTED when the method is not recognized. [Jean-Frederic Clere]
· Fix a regression introduced by the CVE-2011-3192 byterange fix in 2.2.20. PR 51748. []
· mod_filter: Instead of dropping the Accept-Ranges header when a filter registered with AP_FILTER_PROTO_NO_BYTERANGE is present, set the header value to quot;nonequot;. [Eric Covener, Ruediger Pluem]
· mod_proxy_ajp: Ignore flushing if headers have not been sent. PR 51608 [Ruediger Pluem]
· mod_dav_fs: Fix segfault if apr DBM driver cannot be loaded. PR 51751. [Stefan Fritsch]
· mod_alias: Adjust log severity of quot;incomplete redirection targetquot; message. PR 44020.
· mod_rewrite: Check validity of each internal (int:) RewriteMap even if the RewriteEngine is disabled in server context, avoiding a crash while referencing the invalid int: map at runtime. PR 50994. [Ben Noordhuis ]
· Fix a regression introduced by the CVE-2011-3192 byterange fix in 2.2.20. PR 51748. []
· mod_filter: Instead of dropping the Accept-Ranges header when a filter registered with AP_FILTER_PROTO_NO_BYTERANGE is present, set the header value to quot;nonequot;. [Eric Covener, Ruediger Pluem]
· mod_proxy_ajp: Ignore flushing if headers have not been sent. PR 51608 [Ruediger Pluem]
· mod_dav_fs: Fix segfault if apr DBM driver cannot be loaded. PR 51751. [Stefan Fritsch]
· mod_alias: Adjust log severity of quot;incomplete redirection targetquot; message. PR 44020.
· mod_rewrite: Check validity of each internal (int:) RewriteMap even if the RewriteEngine is disabled in server context, avoiding a crash while referencing the invalid int: map at runtime. PR 50994. [Ben Noordhuis ]
Apache HTTP Server 2.2.20
released Sep 6, 2011 (New Release)
· SECURITY: CVE-2011-3192 (cve.mitre.org)
· core: Fix handling of byte-range requests to use less memory, to avoid denial of service. If the sum of all ranges in a request is larger than the original file, ignore the ranges and send the complete file. PR 51714.
· mod_authnz_ldap: If the LDAP server returns constraint violation,
· don't treat this as an error but as quot;auth deniedquot;.
· mod_filter: Fix FilterProvider conditions of type quot;resp=quot; (response headers) for CGI.
· mod_reqtimeout: Fix a timed out connection going into the keep-alive state after a timeout when discarding a request body. PR 51103.
· core: Do the hook sorting earlier so that the hooks are properly sorted for the pre_config hook and during parsing the config.
· core: Fix handling of byte-range requests to use less memory, to avoid denial of service. If the sum of all ranges in a request is larger than the original file, ignore the ranges and send the complete file. PR 51714.
· mod_authnz_ldap: If the LDAP server returns constraint violation,
· don't treat this as an error but as quot;auth deniedquot;.
· mod_filter: Fix FilterProvider conditions of type quot;resp=quot; (response headers) for CGI.
· mod_reqtimeout: Fix a timed out connection going into the keep-alive state after a timeout when discarding a request body. PR 51103.
· core: Do the hook sorting earlier so that the hooks are properly sorted for the pre_config hook and during parsing the config.
Apache HTTP Server 2.2.19
released May 23, 2011 (New Release)
· Revert ABI breakage in 2.2.18 caused by the function signature change of ap_unescape_url_keep2f(). This release restores the signature from 2.2.17 and prior, and introduces ap_unescape_url_keep2f_ex().
Apache HTTP Server 2.2.18
released May 12, 2011 (New Release)
· coding: utf-8 -*- Changes with Apache 2.2.18
· Log an error for failures to read a chunk-size, and return 408 instead 413 when this is due to a read timeout. This change also fixes some cases of two error documents being sent in the response for the same scenario. [Eric Covener] PR49167
· core: Only log a 408 if it is no keepalive timeout. PR 39785 [Ruediger Pluem, Mark Montague ]
· core: Treat timeout reading request as 408 error, not 400. Log 408 errors in access log as was done in Apache 1.3.x. PR 39785 [Nobutaka Mantani , Stefan Fritsch, Dan Poirier]
· Log an error for failures to read a chunk-size, and return 408 instead 413 when this is due to a read timeout. This change also fixes some cases of two error documents being sent in the response for the same scenario. [Eric Covener] PR49167
· core: Only log a 408 if it is no keepalive timeout. PR 39785 [Ruediger Pluem, Mark Montague ]
· core: Treat timeout reading request as 408 error, not 400. Log 408 errors in access log as was done in Apache 1.3.x. PR 39785 [Nobutaka Mantani , Stefan Fritsch, Dan Poirier]
Apache HTTP Server 2.2.17
released Oct 19, 2010 (New Release)
· prefork MPM: Run cleanups for final request when process exits gracefully to work around a flaw in apr-util.
· mod_reqtimeout: Do not wrongly enforce timeouts for mod_proxy's backend connections and other protocol handlers (like mod_ftp). Enforce the timeout for AP_MODE_GETLINE. If there is a timeout, shorten the lingering close time from 30 to 2 seconds.
· Proxy balancer: support setting error status according to HTTP response code from a backend.
· mod_authnz_ldap: If AuthLDAPCharsetConfig is set, also convert the password to UTF-8. PR 45318.
· core: check symlink ownership if both FollowSymlinks and SymlinksIfOwnerMatch are set
· core: fix origin checking in SymlinksIfOwnerMatch
· mod_headers: Enable multi-match-and-replace edit option
· mod_log_config: Make ${cookie}C correctly match whole cookie names instead of substrings.
· mod_reqtimeout: Do not wrongly enforce timeouts for mod_proxy's backend connections and other protocol handlers (like mod_ftp). Enforce the timeout for AP_MODE_GETLINE. If there is a timeout, shorten the lingering close time from 30 to 2 seconds.
· Proxy balancer: support setting error status according to HTTP response code from a backend.
· mod_authnz_ldap: If AuthLDAPCharsetConfig is set, also convert the password to UTF-8. PR 45318.
· core: check symlink ownership if both FollowSymlinks and SymlinksIfOwnerMatch are set
· core: fix origin checking in SymlinksIfOwnerMatch
· mod_headers: Enable multi-match-and-replace edit option
· mod_log_config: Make ${cookie}C correctly match whole cookie names instead of substrings.
Apache HTTP Server 2.2.16
released Jul 30, 2010 (New Release)
· SECURITY: CVE-2010-1452
· mod_dav, mod_cache: Fix Handling of requests without a path segment.
· SECURITY: CVE-2010-2068
· mod_proxy_ajp, mod_proxy_http, mod_reqtimeout: Fix timeout detection
· for platforms Windows, Netware and OS2. PR: 49417.
· core: Filter init functions are now run strictly once per request before handler invocation. The init functions are no longer run for connection filters. PR 49328. [Joe Orton]
· mod_filter: enable it to act on non-200 responses. PR 48377 [Nick Kew]
· mod_ldap: LDAP caching was suppressed (and ldap-status handler returns
· title page only) when any mod_ldap directives were used in VirtualHost context. [Eric Covener]
· mod_ssl: Fix segfault at startup if proxy client certs are shared across multiple vhosts. PR 39915. [Joe Orton]
· mod_proxy_http: Log the port of the remote server in various messages. PR 48812.
· apxs: Fix -A and -a options to ignore whitespace in httpd.conf
· mod_dav, mod_cache: Fix Handling of requests without a path segment.
· SECURITY: CVE-2010-2068
· mod_proxy_ajp, mod_proxy_http, mod_reqtimeout: Fix timeout detection
· for platforms Windows, Netware and OS2. PR: 49417.
· core: Filter init functions are now run strictly once per request before handler invocation. The init functions are no longer run for connection filters. PR 49328. [Joe Orton]
· mod_filter: enable it to act on non-200 responses. PR 48377 [Nick Kew]
· mod_ldap: LDAP caching was suppressed (and ldap-status handler returns
· title page only) when any mod_ldap directives were used in VirtualHost context. [Eric Covener]
· mod_ssl: Fix segfault at startup if proxy client certs are shared across multiple vhosts. PR 39915. [Joe Orton]
· mod_proxy_http: Log the port of the remote server in various messages. PR 48812.
· apxs: Fix -A and -a options to ignore whitespace in httpd.conf
Apache HTTP Server for Windows 7 - free download notice
Windows 7 Download periodically updates software information of Apache HTTP Server from the publisher.
« BACK
My Account
My Saved Stuff
AnyToJpeg 3.3
Download Remove
Any DVD Cloner Express 1.2.2
Download Remove
Free YouTube to MP3 Converter 3.10.11
Download Remove
Fix IE Utility 1.0
Download Remove
DDE server plugin 3.7.4.1130
Download Remove
Codice Fiscale 5.1.1
Download Remove
Encode360 2.03
Download Remove
ChemDoodle 2.0.3
Download Remove
BrushO! 1.05
Download Remove
EVVAddressBook 3.0
Download Remove
Evolution 2.28.1-1
Download Remove
ECrawl 2.63
Download Remove
Audio Sound Editor for .NET 2.2.1.0
Download Remove
123FTP-Free 3.9.1
Download Remove
Amphis Customer 3.0
Download Remove
AIMP Classic 3.10 B1040 Beta
Download Remove
ABC Roster 1.5.0
Download Remove
A-one iPod PSP 3GP Video Converter 7.6.3
Download Remove
Acoolsoft PPT to Video Free 3.2.3
Download Remove
Download Remove
Any DVD Cloner Express 1.2.2
Download Remove
Free YouTube to MP3 Converter 3.10.11
Download Remove
Fix IE Utility 1.0
Download Remove
DDE server plugin 3.7.4.1130
Download Remove
Codice Fiscale 5.1.1
Download Remove
Encode360 2.03
Download Remove
ChemDoodle 2.0.3
Download Remove
BrushO! 1.05
Download Remove
EVVAddressBook 3.0
Download Remove
Evolution 2.28.1-1
Download Remove
ECrawl 2.63
Download Remove
Audio Sound Editor for .NET 2.2.1.0
Download Remove
123FTP-Free 3.9.1
Download Remove
Amphis Customer 3.0
Download Remove
AIMP Classic 3.10 B1040 Beta
Download Remove
ABC Roster 1.5.0
Download Remove
A-one iPod PSP 3GP Video Converter 7.6.3
Download Remove
Acoolsoft PPT to Video Free 3.2.3
Download Remove
Would you like to receive announcements of new versions of your software by email or by RSS reader? Register for FREE!
Windows 7 Downloads Picks
Popular Tags
internet explorer 10
turbo c
bluetooth connection
winrar
shutdown timer
visual basic
google chrome
radio tuner
gadget
theme
windows 7
face recognition
search windows 7 downloads
firefox
counter strike
free vlc media player
service pack 3
photo editor
powerpoint presentation
skype
internet explorer
microsoft picture it
sound equalizer
picasa
operating system
photo viewer
microsoft office
animated wallpaper
dock
javascript
Popular Windows 7 Software
- XAMPP 1.7.7
- JAP/JonDo 00.18.001
- Apache Tomcat x64 7.0.26
- Apache Tomcat 7.0.26
- Free SMTP Server 2.5992
- MySQL 5.1.62
- MySQL Workbench 5.1.18
- WampServer 64-bit 2.2a
- Alax.Info DHCP Server 1.1.0
- Apache HTTP Server 2.4.1
- Weka 3.7.5
- Super Socks5Cap 2.3.3.2
- Air Video Server 2.4.3
- SQLite3 3.7.12.1
- SocksChain 4.214
© 2012 Windows7Download.com - All logos, trademarks, art and other creative works are and remain copyright and property of their respective owners. Microsoft Windows is a registered trademarks of Microsoft Corporation. Microsoft Corporation in no way endorses or is affiliated with windows7download.com.