Make Homepage | Add To Favorites | Print Page | Submit News | Feedback | Contact | 

Your Technical Computer Information Resource!  
     
 
Keep TACKtech.com free by purchasing something from our sponsors.
Make a financial contribution
  Technical Updates @ TACKtech Corp.  

10.14.2008 - Apache Group: Apache HTTP Server 2.2.10



View Apache related news. The Apache HTTP Server Project is an effort to develop and maintain an open-source HTTP server for modern operating systems including UNIX and Windows NT. The goal of this project is to provide a secure, efficient and extensible server that provides HTTP services in sync with the current HTTP standards.

Changes with Apache 2.2.10:
  • SECURITY: CVE-2008-2939 (cve.mitre.org) mod_proxy_ftp: Prevent XSS attacks when using wildcards in the path of the FTP URL. Discovered by Marc Bevand of Rapid7. [Ruediger Pluem]
  • Allow for smax to be 0 for balancer members so that all idle connections are able to be dropped should they exceed ttl. PR 43371 [Phil Endecott , Jim Jagielski]
  • mod_proxy_http: Don't trigger a retry by the client if a failure to read the response line was the result of a timeout. [Adam Woodworth ]
  • Support chroot on Unix-family platforms PR 43596 [Dimitar Pashev ]
  • mod_ssl: implement dynamic mutex callbacks for the benefit of OpenSSL. [Sander Temme]
  • mod_proxy_balancer: Add 'bybusyness' load balance method. [Joel Gluth , Jim Jagielski]
  • mod_authn_alias: Detect during startup when AuthDigestProvider is configured to use an incompatible provider via AuthnProviderAlias. PR 45196 [Eric Covener]
  • mod_proxy: Add 'scolonpathdelim' parameter to allow for ';' to also be used as a session path separator/delim PR 45158. [Jim Jagielski]
  • mod_charset_lite: Avoid dropping error responses by handling meta buckets correctly. PR 45687 [Dan Poirier ]
  • mod_proxy_http: Introduce environment variable proxy-initial-not-pooled to avoid reusing pooled connections if the client connection is an initial connection. PR 37770. [Ruediger Pluem]
  • mod_rewrite: Allow Cookie option to set secure and HttpOnly flags. PR 44799 [Christian Wenz ]
  • mod_ssl: Rewrite shmcb to avoid memory alignment issues. PR 42101. [Geoff Thorpe]
  • mod_proxy: Add connectiontimeout parameter for proxy workers in order to be able to set the timeout for connecting to the backend separately. PR 45445. [Ruediger Pluem, rahul ]
  • mod_dav_fs: Retrieve minimal system information about directory entries when walking a DAV fs, resolving a performance degradation on Windows. PR 45464. [Joe Orton, Jeff Trawick]
  • mod_cgid: Pass along empty command line arguments from an ISINDEX query that has consecutive '+' characters in the QUERY_STRING, matching the behavior of mod_cgi. [Eric Covener]
  • mod_headers: Prevent Header edit from processing only the first header of possibly multiple headers with the same name and deleting the remaining ones. PR 45333. [Ruediger Pluem]
  • mod_proxy_balancer: Move nonce field in the balancer manager page inside the html form where it belongs. PR 45578. [Ruediger Pluem]
  • mod_proxy_http: Do not forward requests with 'Expect: 100-continue' to known HTTP/1.0 servers. Return 'Expectation failed' (417) instead. [Ruediger Pluem]
  • mod_rewrite: Preserve the query string when [proxy,noescape]. PR 45247. [Tom Donovan]
- Download Apache HTTP Server
- View Release Notes
- View Additional Information
- Visit Apache Group

NID: 25082 / Submitted by: TACKtech Team
Categories: Internet Applications, Open Source, Server Applications
Most recent Apache related news.
Apache Group: Apache HTTP Server 1.3.42 (final release of 1.3.x)
Apache Group: Apache HTTP Server 2.2.11
Apache Group: Apache HTTP Server 2.2.10
Apache Group: Apache HTTP Server 2.2.9
Apache Group: Apache HTTP Server 1.3.41
View archive of Apache related news.

Visit the TACKtech Shop
  Popular Tech News  
  Most Viewed News  
  Top Affiliates  
.......