[NOTE that x.{odd}.z versions are strictly Alpha/Beta releases,
while x.{even}.z versions are Stable/GA releases.]
- 2.4.19 : In development.
+ 2.4.19 : In development. Jim to T&R March 21, 2015.
2.4.18 : Tagged on December 8, 2015. Released on December 14, 2015.
2.4.17 : Tagged on October 9, 2015. Released October 13, 2015.
2.4.16 : Tagged on July 9, 2015. Released July 15, 2015
PATCHES ACCEPTED TO BACKPORT FROM TRUNK:
[ start all new proposals below, under PATCHES PROPOSED. ]
- *) Synch 2.4.x with trunk, Strip useless apr_brigade_cleanup() calls.
- trunk patch: http://svn.apache.org/r1601624
- 2.4.x patch: trunk patch works
- +1: jailletc36, jim, ylavic
-
- *) Use ap_array_str_contains to simplify code
- trunk patch: http://svn.apache.org/r1733523
- http://svn.apache.org/r1733691
- 2.4.x patch: trunk patch works
- +1: jailletc36, jim, ylavic
-
- *) mod_ssl: Don't lose track of the SSL context if the ssl_run_pre_handshake()
- hook returns an error.
- trunk patch: http://svn.apache.org/r1734006
- 2.4.x patch: trunk patch works (modulo CHANGES)
- +1: minfrin, jim, ylavic
PATCHES PROPOSED TO BACKPORT FROM TRUNK:
[ New proposals should be added at the end of the list ]
- *) mod_ssl: Free dhparams when getting DH params. This fixes issue when
- SSLCryptoDevice does not get unregistered because of non-zero refcount
- during the mod_ssl unload happening on httpd startup.
- trunk patch: http://svn.apache.org/r1720129
- http://svn.apache.org/r1723295
- http://svn.apache.org/r1733088
- http://svn.apache.org/r1733089
- 2.4.x patch: http://home.apache.org/~ylavic/patches/httpd-2.4.x-dh_leaks.patch
- +1: ylavic
- rpluem says: Can we get an updated 2.4.x proposal that includes r1723295?
- ylavic: done + CHANGES (votes reset)
-
*) mod_proxy_hcheck: Dynamic reverse proxy backend health check module
Trunk version of patch: <various>
Backport version for 2.4.x of patch:
ylavic: OK, this is just that persisted slotmems won't be reused on first
startup, not that the startup will fail (as I first thought).
- *) core: Ensure that httpd exits with an error status when the MPM fails
- to run.
- trunk patch: http://svn.apache.org/r1629925
- http://svn.apache.org/r1629927
- http://svn.apache.org/r1629928
- http://svn.apache.org/r1733162
- http://svn.apache.org/r1733173
- 2.4.x patch: http://home.apache.org/~ylavic/patches/httpd-2.4.x-exit_with_error_on_mpm_failure.patch
- +1: ylavic, jim
-
*) core/util_script: relax alphanumeric filter of enviroment variable names
on Windows to allow '(' and ')' for passing PROGRAMFILES(X86) et.al.
unadulterated in 64 bit versions of Windows. PR 46751.
(shellshock) with unix-like shells (or even maybe native windows
ones too)?
- *) mod_reqtimeout: Prevent long response times from triggering a timeout once
- the request has been fully read. PR 59045.
- trunk patch: http://svn.apache.org/r1734239
- 2.4.x patch: trunk works (module CHANGES)
- +1: ylavic, rpluem
-
-
- *) mod_rewrite: bug in recently backported r1734125.
- trunk patch: http://svn.apache.org/r1734294.
- 2.4.x patch: trunk works
- +1 covener, rpluem
+ *) mod_ssl: Add "no_crl_for_cert_ok" flag to SSLCARevocationCheck directive
+ to opt-in previous behaviour (2.2) with CRLs verification when checking
+ certificate(s) with no corresponding CRL.
+ trunk patch: http://svn.apache.org/r1734561
+ http://svn.apache.org/r1734807
+ http://svn.apache.org/r1735159
+ http://svn.apache.org/r1735337
+ 2.4.x patch: trunk works (modulo CHANGES) or
+ http://home.apache.org/~ylavic/patches/httpd-2.4.x-no_crl_for_cert_ok.patch
+ +1: ylavic
+ *) mod_proxy_http2: add http2 proxy support in new, experimental module.
+ Includes backport of r1729208 to set ALPN protocols for ssl backend
+ connections.
+ Trunk version of patch: <various>
+ Backport version for 2.4.x of patch: https://www.eissing.org/proxy_http2_2.4v4.patch
+ +1: icing, ylavic
+ updated patch after review by cjaillet, merged 1735668,1735748 from trunk
+ updated patch with APLOGNOs by merging 1735931,1735935 from trunk
+ updated patch with APLOGNOs by merging 1735942 from trunk
+
+ *) CGIVar for controlling building of REQUEST_URI (and future uses)
+ As mentioned on dev@:
+ * This is intended to replace existing methods of configuring how various
+ CGI vars should be built over the long term, though only REQUEST_URI is
+ handled for now.
+ * If the mechanism should be usable by third-party modules for its own
+ concerns, a check for recognized-envvar can be removed from the command
+ processor and the rest of the code will let the third-party module do
+ the right thing since the rule for a var is a character string in a table,
+ not a separate core_dir_config flag with enumerated values.
+ Trunk patch: r1734947, 1735952
+ 2.4.x patch: https://emptyhammock.com/media/downloads/CGIVar-to-2.4.x.txt
+ +1: trawick, ylavic
+
+
PATCHES/ISSUES THAT ARE BEING WORKED
*) http: Don't remove the Content-Length of zero from a HEAD response if