while x.{even}.z versions are Stable/GA releases.]
2.4.26 : In development.
- 2.4.25 : Tagged on December 16, 2016.
+ 2.4.25 : Tagged on December 16, 2016. Released on December 21, 2016.
2.4.24 : Tagged on December 16, 2016, not released.
2.4.23 : Tagged on June 30, 2016. Released on July 05, 2016.
2.4.22 : Tagged on June 20, 2016, not released.
RELEASE SHOWSTOPPERS:
+ *) mod_proxy_hcheck: Ensure thread-safety when concurrent healthchecks are
+ in use (ProxyHCTPsize > 0). PR 60071.
+ trunk patch: http://svn.apache.org/r1779573
+ 2.4.x patch: trunk works (modulo CHANGES)
+ +1: ylavic, jim
PATCHES ACCEPTED TO BACKPORT FROM TRUNK:
[ start all new proposals below, under PATCHES PROPOSED. ]
+ *) core: %{DOCUMENT_URI} used in nested SSI expressions should point to the
+ URI originally requsted by the user, not the nested documents URI. This
+ restores the behavior of this variable to match the "legacy" SSI parser.
+ PR60624.
+ trunk patch: http://svn.apache.org/r1780095
+ 2.4.x patch: trunk works
+ +1: covener, wrowe, ylavic
+
+ *) core: EBCDIC fixes for interim responses with additional headers.
+ trunk patch: http://svn.apache.org/r1777354
+ 2.4.x patch: http://people.apache.org/~covener/patches/ebcdic-interim.diff
+ +1: covener, wrowe, ylavic (by inspection)
PATCHES PROPOSED TO BACKPORT FROM TRUNK:
http://svn.apache.org/r1740998
http://svn.apache.org/r1742697
http://svn.apache.org/r1756976
- 2.4.x patch: http://home.apache.org/~ylavic/patches/httpd-2.4.x-r1740928_and_co.patch
+ http://svn.apache.org/r1781313
+ 2.4.x patch: http://home.apache.org/~ylavic/patches/httpd-2.4.x-r1740928_and_co-v3.patch
+1: ylavic
- *) event: close a race condition where we might re-enable listeners while they
- are already or about to be closed.
- trunk patch: http://svn.apache.org/r1774541
- 2.4.x patch: trunk works
+ *) mod_proxy_hcheck: Don't validate timed out responses.
+ trunk patch: http://svn.apache.org/r1779574
+ http://svn.apache.org/r1779623
+ 2.4.x patch: trunk works *after r1779573 above* (modulo CHANGES)
+1: ylavic, jim
- *) mod_proxy_express.c: Silence compiler warning
- "111: warning: 'backend' may be used uninitialized in this function"
- trunk patch: http://svn.apache.org/r1741570
+ *) mod_ssl: backport fix for PR 46037
+ trunk patch: http://svn.apache.org/r1781575
+ http://svn.apache.org/r1781577
+ http://svn.apache.org/r1781580
+ http://svn.apache.org/r1781687
+ http://svn.apache.org/r1783305
+ 2.4.x patch: http://people.apache.org/~jfclere/patches/patch.46037.txt
+ +1: jfclere, jim
+ wrowe asks: Can we capitalize Verify in SSLOCSPNoverify to keep
+ with conventions?
+ ylavic: +1 with http://svn.apache.org/r1788430, fixing the merge of
+ SSLOCSPNoverify and capitalizing as suggested above.
+
+ *) mod_cache: Fix a regression in 2.4.25 for the forward proxy case by
+ computing and using the same entity key according to when the cache
+ checks, loads and saves the request. PR 60577.
+ trunk patch: http://svn.apache.org/r1783842
+ 2.4.x patch: trunk works (modulo CHANGES)
+ +1: ylavic, jim
+
+ *) mod_proxy_hcheck: Honor checks in Vhosts
+ trunk patch: http://svn.apache.org/r1784203
+ http://svn.apache.org/r1784205
+ http://svn.apache.org/r1784227
+ http://svn.apache.org/r1784228
+ http://svn.apache.org/r1784275
+ http://svn.apache.org/r1785871
+ http://svn.apache.org/r1786009
+ 2.4.x patch: trunk works *after r1779573 above* (modulo CHANGES)
+ FULL hcheck patch: http://home.apache.org/~jim/patches/httpd2.4-hcheck.patch
+ (includes all hcheck related patches, including showstopper)
+ +1: jim
+ ylavic: 'tpsize' needs to be reset (to HC_THREADPOOL_SIZE) in pre_config,
+ otherwise if mod_proxy_hcheck is builtin/static and for example
+ ProxyHCTPsize were commented out on restart, we wouldn't use the
+ default value (as expected).
+
+ *) mod_autoindex: Add IndexOptions UseOldDateFormat to allow the date
+ format from 2.2 in the Last Modified column. PR60846.
+ trunk patch: http://svn.apache.org/r1787525
+ http://svn.apache.org/r1787553
2.4.x patch: trunk works
- +1: rjung
-
- *) mod_ssl: Silence compiler warning
- "686: warning: 'ok' may be used uninitialized in
- this function"
- This is a false positive, because the value of "ok"
- will only be used if stapling_get_cached_response()
- sets "rsp" to non-NULL in which case it will always
- have set "ok".
- trunk patch: http://svn.apache.org/1775173
+ +1 covener
+ wrowe notes: strncasecmp copy-paste error (should be strcasecmp), the
+ strn flavor was only for 'flag=' prefixes
+
+ *) mod_proxy: Allow the per-request environment variable "no-proxy" to
+ be used as an alternative to ProxyPass /path !. This is primarily
+ to set exceptions for ProxyPass specified in <Location> context.
+ trunk patch: http://svn.apache.org/r1781328
2.4.x patch: trunk works
- +1: rjung
+ +1: covener, ylavic
+ jailletc36: compatibility note is missing
- *) core: EBCDIC fix for strict host checking.
- trunk patch: http://svn.apache.org/r1775199
- 2.4.x patch: trunk work + CHANGES
- +1: covener
+ *) core: Add %{REMOTE_PORT} to the expression parser. PR59938
+ trunk patch: http://svn.apache.org/r1776459
+ 2.4.x patch: trunk works
+ +1: covener, ylavic
+ jailletc36: compatibility note is missing
PATCHES/ISSUES THAT ARE BEING WORKED
[ New entried should be added at the START of the list ]
+ *) mod_brotli: Backport of mod_brotli filter
+ trunk patch: http://svn.apache.org/r1761714
+ http://svn.apache.org/r1762512
+ http://svn.apache.org/r1762515
+ http://svn.apache.org/r1771791
+ http://svn.apache.org/r1779077
+ http://svn.apache.org/r1779091
+ http://svn.apache.org/r1779699
+ 2.4.x patch: http://home.apache.org/~jim/patches/brotli-2.4.patch
+ +1: jim, jorton,
+ -1: wrowe (Premature, waiting on github.com/google/brotli 0.6 release)
+ NOTE: Awaiting next release post 0.5.2
+
+ *) mod_remoteip: Add PROXY protocol support
+ trunk patch: http://svn.apache.org/r1776575
+ http://svn.apache.org/r1776578 (doc fix)
+ http://svn.apache.org/r1776627 (shortened name + doc fix)
+ http://svn.apache.org/r1776674 (attribution moved to CHANGES)
+ http://svn.apache.org/r1776740 (attribution updated in mod_remotip.c)
+ http://svn.apache.org/r1778268 (fix compiler warning)
+ http://svn.apache.org/r1780725 (set buckets aside)
+ http://svn.apache.org/r1781030 (fix strict GCC warning)
+ http://svn.apache.org/r1781031 (reference the filter by handle)
+ http://svn.apache.org/r1781701 (rework optional processing case)
+ 2.4 convenience patch (includes CHANGES):
+ http://people.apache.org/~druggeri/patches/RemoteIPProxyProtocol.2.4.x.patch
+ +1: druggeri, jim
+ -0.5: wrowe (Still reviewing support of unwise 'optional' schema vs. other
+ possibile solves; questioning reading-but-ignoring PROXY
+ protocol input, also seems unwise)
+
*) mod_ssl: Return 502 instead of 500 when SSL peer check or
proxy_post_handshake hook fails.
Trunk patch: r1645529 (works)
(& also, making the structure change with apr-util version
means it breaks binary compat across an apr-util upgrade?)
- * mod_auth_digest: Reduce severity from NOTICE to DEBUG this
- once-per-restart msg (I guess the concern was that the RNG
- could block after this message)
-
- AH01757: generating secret for digest authentication ...
+ * Support PCRE2 (10.x) in place of PCRE (8.x).
+ Submitted by: wrowe, Petr Pisar [ppisar redhat.com]
+ trunk patches:
+ http://svn.apache.org/r1773454
+ http://svn.apache.org/r1773741
+ http://svn.apache.org/r1773742
+ http://svn.apache.org/r1773839
+ http://svn.apache.org/r1773870
+ http://svn.apache.org/r1773882
+ wrowe notes that the current code is too inefficient, owing to the fact
+ that the ovector is a required allocation and is no longer allocated on
+ the stack, by design. The correct fix is an apr userdata allocation on
+ the appropriate pool, which would be thread-safe, but the actual API of
+ ap_regexec[_len]() offers us no pool. We cannot associate that pool with
+ the ap_regex_t, because a single regex may be used by many threads in
+ parallel and is not thread-safe beyond initialization.
+ So the only fix allowing us to use PCRE 10 in httpd 2.4 would be to write
+ this as a thread safe storage buffer for the majority of cases (<10 $args)
+ and we don't have a portable tls mechanism to do so.
- trunk patch: This was fixed in trunk as a trivial part of http://svn.apache.org/r1492395
- 2.4.x patch: Just change the loglevel to DEBUG.
- +1 covener
PATCHES/ISSUES THAT ARE STALLED