[NOTE that x.{odd}.z versions are strictly Alpha/Beta releases,
while x.{even}.z versions are Stable/GA releases.]
- 2.4.19 : In development.
+ 2.4.21 : In development.
+ 2.4.20 : Tagged on April 4, 2016. Released on April 11, 2016.
+ 2.4.19 : Tagged on March 21, 2016, not released.
2.4.18 : Tagged on December 8, 2015. Released on December 14, 2015.
2.4.17 : Tagged on October 9, 2015. Released October 13, 2015.
2.4.16 : Tagged on July 9, 2015. Released July 15, 2015
PATCHES PROPOSED TO BACKPORT FROM TRUNK:
[ New proposals should be added at the end of the list ]
+ *) Suppress 'h2' announcements in Upgrade: header as such Upgrade: requests
+ are not honored by mod_http2.
+ trunk patches: http://svn.apache.org/r1740075
+ http://svn.apache.org/r1740119
+ 2.4.x: trunk works modulo CHANGES
+ +1: icing
+
*) mod_proxy_hcheck: Dynamic reverse proxy backend health check module
Trunk version of patch: <various>
Backport version for 2.4.x of patch:
- http://home.apache.org/~jim/patches/hcheck-2.4-v2.patch
+ http://home.apache.org/~jim/patches/hcheck-2.4-v3.patch
<Plus docs>
+1: jim
- ylavic: Looks like the changes on struct proxy_worker_shared would break
- startup with "BalancerPersist on" due to the strict checks on
- the sizes of existing slotmems (slotmem_create/attach)?
- jim: Yes, that is right (re: breakage)... this would be noted at
- release.
- ylavic: OK, this is just that persisted slotmems won't be reused on first
- startup, not that the startup will fail (as I first thought).
-
- *) core/util_script: relax alphanumeric filter of enviroment variable names
- on Windows to allow '(' and ')' for passing PROGRAMFILES(X86) et.al.
- unadulterated in 64 bit versions of Windows. PR 46751.
- trunk patch: http://svn.apache.org/r1705217
- 2.4.x patch: trunk patch works
- +1: jailletc36
- ylavic: As asked on dev@ (in reply to r1705217), what about CVE-2014-6271
- (shellshock) with unix-like shells (or even maybe native windows
- ones too)?
*) mod_ssl: Add "no_crl_for_cert_ok" flag to SSLCARevocationCheck directive
to opt-in previous behaviour (2.2) with CRLs verification when checking
http://svn.apache.org/r1734807
http://svn.apache.org/r1735159
http://svn.apache.org/r1735337
+ http://svn.apache.org/r1737265
2.4.x patch: trunk works (modulo CHANGES) or
- http://home.apache.org/~ylavic/patches/httpd-2.4.x-no_crl_for_cert_ok.patch
+ http://home.apache.org/~ylavic/patches/httpd-2.4.x-no_crl_for_cert_ok-v2.patch
+1: ylavic
*) mod_proxy_http2: add http2 proxy support in new, experimental module.
Includes backport of r1729208 to set ALPN protocols for ssl backend
connections.
Trunk version of patch: <various>
- Backport version for 2.4.x of patch: https://www.eissing.org/proxy_http2_2.4v2.patch
- +1: icing
+ Backport version for 2.4.x of patch: https://www.eissing.org/proxy_http2_2.4v4.patch
+ +1: icing, ylavic
updated patch after review by cjaillet, merged 1735668,1735748 from trunk
+ updated patch with APLOGNOs by merging 1735931,1735935 from trunk
+ updated patch with APLOGNOs by merging 1735942 from trunk
+
+ *) mod_ssl: Return 502 instead of 500 when SSL peer check or
+ proxy_post_handshake hook fails.
+ Trunk patch: r1645529 (works)
+ 2.4.x patch which adds CHANGES: https://emptyhammock.com/media/downloads/r1645529-to-2.4.x.txt
+ +1: trawick
+ ylavic: there may be missing bits, see thread for commit r1736510.
+
+ *) mod_include: add the <!--#comment ...> syntax in order to include comments
+ in a SSI file.
+ Trunk patch: http://svn.apache.org/r1737476
+ 2.4.x patch: trunk patch works (compatibility note to be adjusted)
+ +1: jailletc36
- *) mod_authz_host: add "forward-dns" authorization provider
- trunk patch: http://svn.apache.org/r1734412
- 2.4.x patch: trunk should work (possible minor issue on next-number)
- +1: fabien
+ *) mpm_event, mpm_worker: Fix computation of MinSpareThreads' lower bound
+ according the number of listeners buckets.
+ trunk patch: http://svn.apache.org/r1737447
+ http://svn.apache.org/r1737449
+ http://svn.apache.org/r1737451
+ 2.4.x patch: trunk works (modulo CHANGES)
+ +1: ylavic
+
+ *) Correct scoreboard behaviors in multiple MPMs and mod_http2 to avoid
+ clobbering the most recent request line at unexpect times. Corrects
+ a notable regression in 2.4.20 and in some earlier edge cases.
+ PR 59333
+ See r1741310 for more precise patch details
+ trunk patch: http://svn.apache.org/r1741310
+ 2.4.x patch: https://raw.githubusercontent.com/wrowe/patches/master/backport-httpd-2.4-r1741310.patch
+ +1: wrowe
-
PATCHES/ISSUES THAT ARE BEING WORKED
*) http: Don't remove the Content-Length of zero from a HEAD response if
jim: Non-blocking seems the best way to handle...
+ * core: block Define and Undefine in vhost and directory context. Because
+ it is EXEC_ON_READ, it "breaks out" of these contexts anyway.
+ trunk patch: http://svn.apache.org/r1656063
+ http://svn.apache.org/r1656122
+ 2.4.x patch: http://people.apache.org/~covener/patches/2.4.x-define-limits.diff
+
+ +1: covener (I need to review the docs manually in this area)
+
+ * core: improve error message when docroot is unreadable.
+ trunk patch: http://svn.apache.org/r1506474
+ 2.4.x patch: trunk works
+ +1: jorton,
+
PATCHES/ISSUES THAT ARE STALLED
* core: Add ap_errorlog_provider to make ErrorLog logging modular. This