[Remove entries to the current 2.0 section below, when backported]
+ *) mod_ssl: Send the Close Alert message to the peer before closing
+ the SSL session. [Madhusudan Mathihalli, Joe Orton]
+
+ *) mod_setenvif: Remove "support" for Remote_User variable which
+ never worked at all. PR 25725. [André Malo]
+
+ *) minor mod_auth_basic and mod_auth_digest sync. mod_auth_basic
+ now populates r->user with the (possibly unauthenticated) user,
+ and mod_auth_digest returns 500 when a provider returns
+ AUTH_GENERAL_ERROR.
+ [Geoffrey Young]
+
+ *) fix "Expected </Foo>> but saw </Foo>" errors in nested,
+ argumentless containers.
+ ["Philippe M. Chiasson" <gozer cpan.org>]
+
+ *) mod_isapi: GetServerVariable returned improperly terminated header
+ fields given "ALL_HTTP" or "ALL_RAW". PR 20656.
+ [Jesse Pelton <jsp pkc.com>]
+
+ *) mod_isapi: send_response_header() failed to copy status string's
+ last character. PR 20619. [Jesse Pelton <jsp pkc.com>]
+
+ *) mod_isapi: GetServerVariable("ALL_RAW") returned the wrong buffer
+ size. PR 20617. [Jesse Pelton <jsp pkc.com>]
+
+ *) The whole codebase was relicensed and is now available under
+ the Apache License, Version 2.0 (http://www.apache.org/licenses).
+ [Apache Software Foundation]
+
+ *) FreeBSD: Use the httpready accept filter instead of dataready on
+ newer levels of the OS. [Paul Querna <chip force-elite.com>]
+
+ *) Delete some make-generated files in the server directory during
+ "make clean" processing. PR 26552. [Jeff Trawick]
+
*) Fixed file extensions for real media files and removed rpm extension
from mime.types. PR 26079. [Allan Sandfeld <kde carewolf.com>]
- *) worker MPM: fix stack overlay bug that could cause the parent
- process to crash. [Jeff Trawick]
-
*) Unix MPMs: Stop dropping connections when the file descriptor
is at least FD_SETSIZE. [Jeff Trawick]
true if the pattern is a file with execution permissions.
[André Malo]
- *) mod_ssl: Fix streaming output from an nph- CGI script. PR 21944
- [Joe Orton]
-
*) mod_log_config: Fix corruption of buffered logs with threaded
MPMs. PR 25520. [Jeff Trawick]
- *) Build array of allowed methods with proper dimensions, fixing
- possible memory corruption. [Jeff Trawick]
-
*) Allow proxying of resources that are invoked via DirectoryIndex.
PR 14648. [André Malo]
*) mod_rewrite: Cookie creation now works locale independent.
[André Malo]
- *) mod_usertrack no longer inspects the Cookie2 header for
- the cookie name. PR 11475. [Chris Darrochi <chrisd pearsoncmg.com>]
-
- *) mod_usertrack no longer overwrites other cookies.
- PR 26002. [Scott Moore <apache nopdesign.com>]
-
- *) Make REMOTE_PORT variable available in mod_rewrite.
- PR 25772. [André Malo]
-
- *) proxy_http fix: mod_proxy hangs when both KeepAlive and
- ProxyErrorOverride are enabled, and a non-200 response without a
- body is generated by the backend server. (e.g.: a client makes a
- request containing the "If-Modified-Since" and "If-None-Match"
- headers, to which the backend server respond with status 304.)
- [Graham Wiseman <gwiseman fscinternet.com>, Richard Reiner]
-
*) mod_ssl: Add support for distributed session cache using 'distcache'.
[Geoff Thorpe <geoff geoffthorpe.net>]
*) Add forensic logging module (mod_log_forensic).
[Ben Laurie]
- *) Fix segfault in mod_mem_cache cache_insert() due to cache size
- becoming negative. PR: 21285, 21287
- [Bill Stoddard, Massimo Torquati, Jean-Jacques Clar]
-
*) mod_proxy with ProxyErrorOverride On in a reverse-proxy configuration attaches
a body to the 302 response and a wrong Content-Length header.
PR: 22951 [Ermanno Scaglione scaglione ..at.. starnetone.de]
directory, display the MPM name and some MPM properties.
[Geoffrey Young <geoff apache.org>]
- *) Fixed cache-removal order in mod_mem_cache.
- [Jean-Jacques Clar, Cliff Woolley]
-
- *) Add fatal exception hook for use by debug modules. The hook is only
- available if the --enable-exception-hook configure parm is used.
- [Jeff Trawick]
-
*) mod_ssl/mod_status: Re-enable support for output of SSL session
cache information in server-status page. [Joe Orton]
*) Fix uninitialized gprof directory name in prefork MPM. PR 24450.
[Chris Knight <Christopher.D.Knight nasa.gov>]
- *) mod_auth_ldap: Fix some segfaults in the cache logic. PR 18756.
- [Matthieu Estrade <apache moresecurity.org>]
-
- *) mod_setenvif: Fix the regex optimizer, which under circumstances
- treated the supplied regex as literal string. PR 24219.
- [André Malo]
-
*) Log an error when requests for URIs which fail to map to a valid
filesystem name are rejected with 403. [Jeff Trawick]
*) Switch to APR 1.0 API.
- *) Fix mod_include's expression parser to recognize strings correctly
- even if they start with an escaped token. [André Malo]
-
*) Major overhaul of mod_include's filter parser. The new parser code
is expected to be more robust and should catch all of the edge cases
that were not handled by the previous one. This includes a binary
*) mod_rewrite: Allow forced mimetypes [T=...] to get expanded.
PR 14223. [André Malo]
- *) mod_rewrite: Catch an edge case, where strange subsequent RewriteRules
- could lead to a 400 (Bad Request) response. [André Malo]
-
*) mod_rewrite: Fix LA-U and LA-F lookups in directory context. Previously
the current rewrite state was just used as lookup path, which lead to
strange and often useless results. Related to PR 8493. [André Malo]
*) Fix some broken log messages in WinNT MPM.
[Juan Rivera <Juan.Rivera citrix.com>]
- *) Add support for IMT minor-type wildcards (e.g., text/*) to
- ExpiresByType. PR#7991 [Ken Coar]
-
*) prefork MPM: Use the right permissions for the directory created
for gprof support. [Jim Carlson <jcarlson jnous.com>]
the current locale. level values are now really parsed as integers.
PR 17564. [André Malo]
- *) Added the WindowsSocketsWorkaround directive for Windows NT/2000/XP
- to work around problems with certain VPN and Firewall products that
- have buggy AcceptEx implementations.
- [Allan Edwards w/ suggestions from Bill Stoddard & Bill Rowe]
-
*) Extend mod_negotiation to evaluate the environment variables
no-gzip and gzip-only-text/html the same way as mod_deflate does.
[André Malo]
Changes with Apache 2.0.49
+ *) Fix mod_include's expression parser to recognize strings correctly
+ even if they start with an escaped token. [André Malo]
+
+ *) Add fatal exception hook for use by diagnostic modules. The hook
+ is only available if the --enable-exception-hook configure parm
+ is used and the EnableExceptionHook directive has been set to
+ "on". [Jeff Trawick]
+
+ *) Allow mod_auth_digest to work with sub-requests with different
+ methods than the original request. PR 25040.
+ [Josh Dady <jpd indecisive.com>]
+
+ *) mod_auth_ldap: Fix some segfaults in the cache logic. PR 18756.
+ [Matthieu Estrade <apache moresecurity.org>, Brad Nicholes]
+
+ *) The whole codebase was relicensed and is now available under
+ the Apache License, Version 2.0 (http://www.apache.org/licenses).
+ [Apache Software Foundation]
+
+ *) Fixed cache-removal order in mod_mem_cache.
+ [Jean-Jacques Clar, Cliff Woolley]
+
+ *) mod_setenvif: Fix the regex optimizer, which under circumstances
+ treated the supplied regex as literal string. PR 24219.
+ [André Malo]
+
+ *) ap_mpm.h: Fix include guard of ap_mpm.h to reference mpm
+ instead of mmn. [André Malo]
+
+ *) mod_rewrite: Catch an edge case, where strange subsequent RewriteRules
+ could lead to a 400 (Bad Request) response. [André Malo]
+
+ *) Keep focus of ITERATE and ITERATE2 on the current module when
+ the module chooses to return DECLINE_CMD for the directive.
+ PR 22299. [Geoffrey Young <geoff apache.org>]
+
+ *) Add support for IMT minor-type wildcards (e.g., text/*) to
+ ExpiresByType. PR#7991 [Ken Coar]
+
+ *) Fix segfault in mod_mem_cache cache_insert() due to cache size
+ becoming negative. PR: 21285, 21287
+ [Bill Stoddard, Massimo Torquati, Jean-Jacques Clar]
+
+ *) core.c: If large file support is enabled, allow any file that is
+ greater than AP_MAX_SENDFILE to be split into multiple buckets.
+ This allows Apache to send files that are greater than 2gig.
+ Otherwise we run into 32/64 bit type mismatches in the file size.
+ [Brad Nicholes]
+
+ *) proxy_http fix: mod_proxy hangs when both KeepAlive and
+ ProxyErrorOverride are enabled, and a non-200 response without a
+ body is generated by the backend server. (e.g.: a client makes a
+ request containing the "If-Modified-Since" and "If-None-Match"
+ headers, to which the backend server respond with status 304.)
+ [Graham Wiseman <gwiseman fscinternet.com>, Richard Reiner]
+
+ *) mod_dav: Reject requests which include an unescaped fragment in the
+ Request-URI. PR 21779. [Amit Athavale <amit_athavale lycos.com>]
+
+ *) Build array of allowed methods with proper dimensions, fixing
+ possible memory corruption. [Jeff Trawick]
+
+ *) mod_ssl: Fix potential segfault on lookup of SSL_SESSION_ID.
+ PR 15057. [Otmar Lendl <lendl nic.at>]
+
+ *) mod_ssl: Fix streaming output from an nph- CGI script. PR 21944
+ [Joe Orton]
+
+ *) mod_usertrack no longer inspects the Cookie2 header for
+ the cookie name. PR 11475. [Chris Darrochi <chrisd pearsoncmg.com>]
+
+ *) mod_usertrack no longer overwrites other cookies.
+ PR 26002. [Scott Moore <apache nopdesign.com>]
+
+ *) worker MPM: fix stack overlay bug that could cause the parent
+ process to crash. [Jeff Trawick]
+
+ *) Win32: Add Win32DisableAcceptEx directive. This Windows
+ NT/2000/CP directive is useful to work around bugs in some
+ third party layered service providers like virus scanners,
+ VPN and firewall products, that do not properly handle
+ WinSock 2 APIs. Use this directive if your server is issuing
+ AcceptEx failed messages.
+ [Allan Edwards, Bill Rowe, Bill Stoddard, Jeff Trawick]
+
+ *) Make REMOTE_PORT variable available in mod_rewrite.
+ PR 25772. [André Malo]
+
*) Fix a long delay with CGI requests and keepalive connections on
AIX. [Jeff Trawick]
[Tomasz Kepczynski <tomek jot23.org>]
*) Add AP_MPMQ_MPM_STATE function code for ap_mpm_query. (Not yet
- supported for BeOS, OS/2, or Win32 MPMs.) [Jeff Trawick,
- Brad Nicholes]
+ supported for BeOS or OS/2 MPMs.) [Jeff Trawick, Brad Nicholes,
+ Bill Stoddard]
*) Add mod_status hook to allow modules to add to the mod_status
report. [Joe Orton]