Changes with Apache 2.4.3
+ *) SECURITY: CVE-2012-3502 (cve.mitre.org)
+ mod_proxy_ajp, mod_proxy_http: Fix an issue in back end
+ connection closing which could lead to privacy issues due
+ to a response mixup. PR 53727. [Rainer Jung]
+
*) SECURITY: CVE-2012-2687 (cve.mitre.org)
mod_negotiation: Escape filenames in variant list to prevent an
possible XSS for a site where untrusted users can upload files to
*) mod_authnz_ldap: Don't try a potentially expensive nested groups
search before exhausting all AuthLDAPGroupAttribute checks on the
- current group. PR52464 [Eric Covener]
+ current group. PR 52464 [Eric Covener]
*) mod_lua: Add new directive LuaAuthzProvider to allow implementing an
authorization provider in lua. [Stefan Fritsch]
[NOTE that x.{odd}.z versions are strictly Alpha/Beta releases,
while x.{even}.z versions are Stable/GA releases.]
- 2.4.3 : In development. Jim proposes a T&R around Aug 17.
+ 2.4.3 : Tagged on August 17, 2012.
2.4.2 : Tagged on April 5, 2012. Released Apr 17, 2012.
2.4.1 : Tagged on February 13, 2012. Released Feb 21, 2012.
2.4.0 : Tagged on January 16, 2012, not released.
#define AP_SERVER_MAJORVERSION_NUMBER 2
#define AP_SERVER_MINORVERSION_NUMBER 4
#define AP_SERVER_PATCHLEVEL_NUMBER 3
-#define AP_SERVER_DEVBUILD_BOOLEAN 1
+#define AP_SERVER_DEVBUILD_BOOLEAN 0
#define AP_SERVER_ADD_STRING "-dev"
/* Synchronize the above with docs/manual/style/version.ent */