-*- coding: utf-8 -*-
+Changes with Apache 2.3.5
+
+ *) mod_headers: Ensure that changes to the main request remain valid when
+ the subrequest is destroyed. PR 48359 [Nick Kew, Ruediger Pluem]
+
+ *) Core HTTP: disable keepalive when the Client has sent
+ Expect: 100-continue
+ but we respond directly with a non-100 response.
+ Keepalive here led to data from clients continuing being treated as
+ a new request.
+ PR 47087 [Nick Kew]
+
+Changes with Apache 2.3.4
+
+ *) Replace AcceptMutex, LockFile, RewriteLock, SSLMutex, SSLStaplingMutex,
+ and WatchdogMutexPath with a single Mutex directive. Add APIs to
+ simplify setup and user customization of APR proc and global mutexes.
+ (See util_mutex.h.) Build-time setting DEFAULT_LOCKFILE is no longer
+ respected; set DEFAULT_REL_RUNTIMEDIR instead. [Jeff Trawick]
+
+ *) http_core: KeepAlive no longer accepts other than On|Off.
+ [Takashi Sato]
+
+ *) mod_dav: Remove errno from dav_error interface. Calls to dav_new_error()
+ and dav_new_error_tag() must be adjusted to add an apr_status_t parameter.
+ [Jeff Trawick]
+
+ *) mod_authnz_ldap: Add AuthLDAPBindAuthoritative to allow Authentication to
+ try other providers in the case of an LDAP bind failure.
+ PR 46608 [Justin Erenkrantz, Joe Schaefer, Tony Stevenson]
+
+ *) Build: fix --with-module to work as documented
+ PR 43881 [Gez Saunders <gez.saunders virgin.net>]
+
Changes with Apache 2.3.3
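Review bot: In the 2.3.5 Core HTTP entry, "Keepalive here led to data from clients continuing being treated as a new request" is hard to parse for what is a request-boundary problem. Say plainly that the data the client went on to send after Expect: 100-continue was treated as a new request on the kept-alive connection, and that keepalive is now disabled when the server answers directly with a non-100 response. In the 2.3.4 Mutex entry, six directives are replaced by one, but the text does not say what an existing configuration that still uses AcceptMutex, LockFile or the others will do at startup. State that, and do the same for KeepAlive values other than On|Off.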
+ *) SECURITY: CVE-2009-3095 (cve.mitre.org)
+ mod_proxy_ftp: sanity check authn credentials.
+ [Stefan Fritsch <sf fritsch.de>, Joe Orton]
+
+ *) SECURITY: CVE-2009-3094 (cve.mitre.org)
+ mod_proxy_ftp: NULL pointer dereference on error paths.
+ [Stefan Fritsch <sf fritsch.de>, Joe Orton]
+ *) mod_ssl: enable support for ECC keys and ECDH ciphers. Tested against
+ OpenSSL 1.0.0b3. [Vipul Gupta <vipul.gupta sun.com>, Sander Temme]
+
+ *) mod_dav: Include uri when logging a PUT error due to connection abort.
+ PR 38149. [Stefan Fritsch]
+
+ *) mod_dav: Return 409 instead of 500 for a LOCK request if the parent
+ resource does not exist or is not a collection. PR 43465. [Stefan Fritsch]
+
+ *) mod_dav_fs: Return 409 instead of 500 for Litmus test case copy_nodestcoll
+ (a COPY request where the parent of the destination resource does not
+ exist). PR 39299. [Stefan Fritsch]
+
+ *) mod_dav_fs: Don't delete the whole file if a PUT with content-range failed.
+ PR 42896. [Stefan Fritsch]
+
+ *) mod_dav_fs: Make PUT create files atomically and no longer destroy the
+ old file if the transfer aborted. PR 39815. [Paul Querna, Stefan Fritsch]
+
+ *) mod_dav_fs: Remove inode keyed locking as this conflicts with atomically
+ creating files. On systems with inode numbers, this is a format change of
+ the DavLockDB. The old DavLockDB must be deleted on upgrade.
+ [Stefan Fritsch]
+
+ *) mod_log_config: Make ${cookie}C correctly match whole cookie names
+ instead of substrings. PR 28037. [Dan Franklin <dan dan-franklin.com>,
+ Stefan Fritsch]
+
+ *) vhost: A purely-numeric Host: header should not be treated as a port.
+ PR 44979 [Nick Kew]
+
+ *) mod_ldap: Avoid 500 errors with "Unable to set LDAP_OPT_REFHOPLIMIT option to 5"
+ when built against openldap by using SDK LDAP_OPT_REFHOPLIMIT defaults unless
+ LDAPReferralHopLimit is explicitly configured.
+ [Eric Covener]
+
+ *) mod_charset_lite: Honor 'CharsetOptions NoImplicitAdd'.
+ [Eric Covener]
+
+ *) mod_ssl: Add support for OCSP Stapling. PR 43822.
+ [Dr Stephen Henson <shenson oss-institute.org>]
+
+ *) mod_socache_shmcb: Allow parens in file name if cache size is given.
+ Fixes SSLSessionCache directive mis-parsing parens in pathname.
+ PR 47945. [Stefan Fritsch]
+
+ *) htpasswd: Improve out of disk space handling. PR 30877. [Stefan Fritsch]
+
+ *) htpasswd: Use MD5 hash by default on all platforms. [Stefan Fritsch]
+
+ *) mod_sed: Reduce memory consumption when processing very long lines.
+ PR 48024 [Basant Kumar Kukreja <basant.kukreja sun.com>]
+
+ *) ab: Fix segfault in case the argument for -n is a very large number.
+ PR 47178. [Philipp Hagemeister <oss phihag.de>]
+
+ *) Allow ProxyPreserveHost to work in <Proxy> sections. PR 34901.
+ [Stefan Fritsch]
+
+ *) configure: Fix THREADED_MPMS so that mod_cgid is enabled again
+ for worker MPM. [Takashi Sato]
+
+ *) mod_dav: Provide a mechanism to obtain the request_rec and pathname
+ from the dav_resource. [Jari Urpalainen <jari.urpalainen nokia.com>,
+ Brian France <brian brianfrance.com>]
+
+ *) Build: Use install instead of cp if available on installing
+ modules to avoid segmentation fault. PR 47951. [hirose31 gmail.com]
+
+ *) mod_cache: correctly consider s-maxage in cacheability
+ decisions. [Dan Poirier]
+
+ *) mod_logio/core: Report more accurate byte counts in mod_status if
+ mod_logio is loaded. PR 25656. [Stefan Fritsch]
+
+ *) mod_ldap: If LDAPSharedCacheSize is too small, try harder to purge
+ some cache entries and log a warning. Also increase the default
+ LDAPSharedCacheSize to 500000. This is a more realistic size suitable
+ for the default values of 1024 for LdapCacheEntries/LdapOpCacheEntries.
+ PR 46749. [Stefan Fritsch]
+
+ *) mod_rewrite: Make sure that a hostname:port isn't fully qualified if
+ the request is a CONNECT request. [Bill Zajac <billz consultla.com>]
+
+ *) mod_cache: Teach CacheEnable and CacheDisable to work from within a
+ Location section, in line with how ProxyPass works. [Graham Leggett]
+
+ *) mod_reqtimeout: New module to set timeouts and minimum data rates for
+ receiving requests from the client. [Stefan Fritsch]
+
+ *) core: Fix potential memory leaks by making sure to not destroy
+ bucket brigades that have been created by earlier filters.
+ [Stefan Fritsch]
+
+ *) core, mod_deflate, mod_sed: Reduce memory usage by reusing bucket
+ brigades in several places. [Stefan Fritsch]
+
+ *) mod_cache: Fix uri_meets_conditions() so that CacheEnable will
+ match by scheme, or by a wildcarded hostname. PR 40169
+ [Peter Grandi <pg_asf asf.for.sabi.co.uk>, Graham Leggett]
+
+ *) suxec: Allow to log an error if exec fails by setting FD_CLOEXEC
+ on the log file instead of closing it. PR 10744. [Nicolas Rachinsky]
+
+ *) mod_mime: Make RemoveType override the info from TypesConfig.
+ PR 38330. [Stefan Fritsch]
+
+ *) mod_cache: Introduce the option to run the cache from within the
+ normal request handler, and to allow fine grained control over
+ where in the filter chain content is cached. [Graham Leggett]
+
+ *) core: Treat timeout reading request as 408 error, not 400.
+ Log 408 errors in access log as was done in Apache 1.3.x.
+ PR 39785 [Nobutaka Mantani <nobutaka nobutaka.org>,
+ Stefan Fritsch <sf fritsch.de>, Dan Poirier]
+
+ *) mod_ssl: Reintroduce SSL_CLIENT_S_DN, SSL_CLIENT_I_DN, SSL_SERVER_S_DN,
+ SSL_SERVER_I_DN back to the environment variables to be set by mod_ssl.
+ [Peter Sylvester <peter.sylvester edelweb.fr>]
+
+ *) mod_disk_cache: don't cache incomplete responses, per RFC 2616, 13.8.
+ PR15866. [Dan Poirier]
+
+ *) ab: ab segfaults in verbose mode on https sites
+ PR46393. [Ryan Niebur]
+
+ *) mod_dav: Allow other modules to become providers and add resource types
+ to the DAV response. [Jari Urpalainen <jari.urpalainen nokia.com>,
+ Brian France <brian brianfrance.com>]
+
+ *) mod_dav: Allow other modules to add things to the DAV or Allow headers
+ of an OPTIONS request. [Jari Urpalainen <jari.urpalainen nokia.com>,
+ Brian France <brian brianfrance.com>]
+
+ *) core: Lower memory usage of core output filter.
+ [Stefan Fritsch <sf sfritsch.de>]
+
+ *) mod_mime: Detect invalid use of MultiviewsMatch inside Location and
+ LocationMatch sections. PR47754. [Dan Poirier]
+
+ *) mod_request: Make sure the KeptBodySize directive rejects values
+ that aren't valid numbers. [Graham Leggett]
+
*) mod_session_crypto: Sanity check should the potentially encrypted
session cookie be too short. [Graham Leggett]
*) mod_alias: ensure Redirect issues a valid URL.
PR 44020 [HÃ¥kon Stordahl <hakon stordahl.org>]
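Review bot: The two SECURITY entries for mod_proxy_ftp give only "(cve.mitre.org)" and a one-line description of the fix, so a reader cannot tell the impact or which configurations are exposed; "sanity check authn credentials" in particular does not say what unchecked credentials allowed. Add one sentence of impact to each, and a full advisory URL rather than a bare host name. The mod_dav_fs entry that requires deleting the old DavLockDB on upgrade should also say what happens if the old file is left in place. Smaller points in the same region: "suxec" in the FD_CLOEXEC entry should read "suexec"; "PR15866", "PR46393" and "PR47754" lack the space used in the other PR references; Stefan Fritsch appears as both "sf fritsch.de" and "sf sfritsch.de"; and the htpasswd entry does not say what the default hash was before MD5.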
- *) mod_dir: add DefaultHandler directive, to enable admin to specify
+ *) mod_dir: add FallbackResource directive, to enable admin to specify
an action to happen when a URL maps to no file, without resorting
to ErrorDocument or mod_rewrite. PR 47184 [Nick Kew]
*) mod_proxy_ajp: Forward remote port information by default.
[Rainer Jung]
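Review bot: The mod_dir entry is rewritten in place from DefaultHandler to FallbackResource, so the changelog no longer records that the directive ever had the old name. If any released build accepted DefaultHandler, keep a line noting the rename so that an admin whose configuration stops parsing can find the cause here; if it was never released under that name, say so in the commit message.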
- *) Allow MPMs to be loaded dynamically, as with most other modules. This
- required changes to the MPM interfaces. Removed: mpm.h, mpm_default.h
- (as an installed header), APACHE_MPM_DIR, MPM_NAME, ap_threads_per_child,
+ *) Allow MPMs to be loaded dynamically, as with most other modules. Use
+ --enable-mpms-shared={list|"all"} to enable. This required changes to
+ the MPM interfaces. Removed: mpm.h, mpm_default.h (as an installed
+ header), APACHE_MPM_DIR, MPM_NAME, ap_threads_per_child,
ap_max_daemons_limit, ap_my_generation, etc. ap_mpm_query() can't be
called until after the register-hooks phase. [Jeff Trawick]
Changes with Apache 1.3.x and later:
*) http://svn.apache.org/viewvc/httpd/httpd/branches/1.3.x/src/CHANGES?view=markup
+
+
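Review bot: In the MPM entry, --enable-mpms-shared={list|"all"} does not say what the list holds or how its items are separated, and the entry does not say how an MPM is selected at runtime once several are built as shared modules; add both, since this is the only place the flag is introduced. The "Removed:" list still ends in "etc.", which leaves module authors unable to tell from this entry whether a symbol they use is gone. The two blank "+" lines added after the 1.3.x link at the end of the file look unintended and can be dropped.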