`
masterkey
  • 浏览: 337662 次
  • 性别: Icon_minigender_1
  • 来自: 北京
社区版块
存档分类
最新评论

apache 2.2.13

阅读更多

Changes with Apache 2.2.13

  *) SECURITY: CVE-2009-2412 (cve.mitre.org)
     Distributed with APR 1.3.8 and APR-util 1.3.9 to fix potential overflow
     in pools and rmm, where size alignment was taking place.
     [Matt Lewis <mattlewis@google.com>, Sander Striker]

  *) mod_ssl, ab: improve compatibility with OpenSSL 1.0.0 betas.  Report
     warnings compiling mod_ssl against OpenSSL to the httpd developers.
     [Guenter Knauf]

  *) mod_cgid: Do not add an empty argument when calling the CGI script.
     PR 46380 [Ruediger Pluem]

  *) Fix potential segfaults with use of the legacy ap_rputs() etc
     interfaces, in cases where an output filter fails.  PR 36780.
     [Joe Orton]

Changes with Apache 2.2.12

  *) SECURITY: CVE-2009-1891 (cve.mitre.org)
     Fix a potential Denial-of-Service attack against mod_deflate or other
     modules, by forcing the server to consume CPU time in compressing a
     large file after a client disconnects.  PR 39605.
     [Joe Orton, Ruediger Pluem]

  *) SECURITY: CVE-2009-1195 (cve.mitre.org)
     Prevent the "Includes" Option from being enabled in an .htaccess
     file if the AllowOverride restrictions do not permit it.
     [Jonathan Peatfield <j.s.peatfield damtp.cam.ac.uk>, Joe Orton,
      Ruediger Pluem, Jeff Trawick]

  *) SECURITY: CVE-2009-1890 (cve.mitre.org)
     Fix a potential Denial-of-Service attack against mod_proxy in a
     reverse proxy configuration, where a remote attacker can force a
     proxy process to consume CPU time indefinitely.  [Nick Kew, Joe Orton]

  *) SECURITY: CVE-2009-1191 (cve.mitre.org)
     mod_proxy_ajp: Avoid delivering content from a previous request which
     failed to send a request body. PR 46949 [Ruediger Pluem]

  *) SECURITY: CVE-2009-0023, CVE-2009-1955, CVE-2009-1956 (cve.mitre.org)
     The bundled copy of the APR-util library has been updated, fixing three
     different security issues which may affect particular configurations
     and third-party modules.

  *) mod_include: fix potential segfault when handling back references
     on an empty SSI variable. [Ruediger Pluem, Lars Eilebrecht, Nick Kew]

  *) mod_alias: check sanity in Redirect arguments.
     PR 44729 [Sönke Tesch <st kino-fahrplan.de>, Jim Jagielski]

  *) mod_proxy_http: fix Host: header for literal IPv6 addresses.
     PR 47177 [Carlos Garcia Braschi <cgbraschi gmail.com>]

  *) mod_rewrite: Remove locking for writing to the rewritelog.
     PR 46942

  *) mod_alias: Ensure Redirect emits HTTP-compliant URLs.
     PR 44020

  *) mod_proxy_http: fix case sensitivity checking transfer encoding
     PR 47383 [Ryuzo Yamamoto <ryuzo.yamamoto gmail.com>]

  *) mod_rewrite: Fix the error string returned by RewriteRule.
     RewriteRule returned "RewriteCond: bad flag delimiters" when the 3rd
     argument of RewriteRule was not started with "[" or not ended with "]".
     PR 45082 [Vitaly Polonetsky <m_vitaly topixoft.com>]

  *) mod_proxy: Complete ProxyPassReverse to handle balancer URL's.  Given;
       BalancerMember balancer://alias http://example.com/foo
       ProxyPassReverse /bash balancer://alias/bar
     backend url http://example.com/foo/bar/that is now translated /bash/that
     [William Rowe]

  *) New piped log syntax: Use "||process args" to launch the given process
     without invoking the shell/command interpreter.  Use "|$command line"
     (the default behavior of "|command line" in 2.2) to invoke using shell,
     consuming an additional shell process for the lifetime of the logging
     pipe program but granting additional process invocation flexibility.
     [William Rowe]

  *) mod_ssl: Add server name indication support (RFC 4366) and better
     support for name based virtual hosts with SSL. PR 34607
     [Peter Sylvester <peter.sylvester edelweb.fr>,
      Kaspar Brand <asfbugz velox.ch>, Guenter Knauf, Joe Orton,
      Ruediger Pluem]

  *) mod_negotiation: Escape pathes of filenames in 406 responses to avoid
     HTML injections and HTTP response splitting.  PR 46837.
     [Geoff Keating <geoffk apple.com>]

  *) mod_include: Prevent a case of SSI timefmt-smashing with filter chains
     including multiple INCLUDES filters. PR 39369 [Joe Orton]

  *) mod_rewrite: When evaluating a proxy rule in directory context, do
     escape the filename by default. PR 46428 [Joe Orton]

  *) mod_proxy_ajp: Check more strictly that the backend follows the AJP
     protocol. [Mladen Turk]

  *) mod_ssl: Add SSLProxyCheckPeerExpire and SSLProxyCheckPeerCN directives
     to enable stricter checking of remote server certificates.
     [Ruediger Pluem]

  *) mod_substitute: Fix a memory leak. PR 44948
     [Dan Poirier <poirier pobox.com>]

  *) mod_proxy_ajp: Forward remote port information by default.
     [Rainer Jung]

  *) mod_disk_cache/mod_mem_cache: Fix handling of CacheIgnoreHeaders
     directive to correctly remove headers before storing them.
     [Lars Eilebrecht]

  *) mod_deflate: revert changes in 2.2.8 that caused an invalid
     etag to be emitted for on-the-fly gzip content-encoding.
     PR 39727 will require larger fixes and this fix was far more
     harmful than the original code. PR 45023. [Roy T. Fielding]

  *) mod_disk_cache: The module now turns off sendfile support if
     'EnableSendfile off' is defined globally. PR 41218.
     [Lars Eilebrecht, Issac Goldstand]

  *) prefork: Fix child process hang during graceful restart/stop in
     configurations with multiple listening sockets.  PR 42829.  [Joe Orton,
     Jeff Trawick]

  *) mod_ssl: Add SSLRenegBufferSize directive to allow changing the
     size of the buffer used for the request-body where necessary
     during a per-dir renegotiation.  PR 39243.  [Joe Orton]

  *) mod_rewrite: Introduce DiscardPathInfo|DPI flag to stop the troublesome
     way that per-directory rewrites append the previous notion of PATH_INFO
     to each substitution before evaluating subsequent rules.
     PR38642 [Eric Covener]

  *) mod_authnz_ldap: Reduce number of initialization debug messages and make
     information more clear. PR 46342 [Dan Poirier]

  *) mod_cache: Introduce 'no-cache' per-request environment variable
     to prevent the saving of an otherwise cacheable response.
     [Eric Covener]

  *) core: Translate the status line to ASCII on EBCDIC platforms in
     ap_send_interim_response() and for locally generated "100 Continue"
     responses.  [Eric Covener]

  *) CGI: return 504 (Gateway timeout) rather than 500 when a script
     times out before returning status line/headers.
     PR 42190 [Nick Kew]

  *) prefork: Log an error instead of segfaulting when child startup fails
     due to pollset creation failures.  PR 46467.  [Jeff Trawick]

  *) mod_ext_filter: fix error handling when the filter prog fails to start,
     and introduce an onfail configuration option to abort the request
     or to remove the broken filter and continue.
     PR 41120 [Nick Kew]

  *) mod_include: support generating non-ASCII characters as entities in SSI
     PR 25202 [Nick Kew]

  *) core/utils: Enhance ap_escape_html API to support escaping non-ASCII chars
     [Nick Kew]

  *) mod_rewrite: fix "B" flag breakage by reverting r589343
     PR 45529 [Bob Ionescu <bobsiegen googlemail.com>]

  *) mod_cgid: fix segfault problem on solaris.
     PR 39332 [Masaoki Kobayashi <masaoki techfirm.co.jp>, Jeff Trawick]

  *) mod_ldap: Avoid a segfault when result->rc is checked in uldap_connection_init
     when result is NULL. This could happen if LDAP initialization failed.
     PR 45994.  [Dan Poirier <poirier pobox.com>]

  *) Set Listen protocol to "https" if port is set to 443 and no proto is specified
     (as documented but not implemented). PR 46066  [Dan Poirier <poirier pobox.com>]

  *) mod_cache: Correctly save Content-Encoding of cachable entity. PR 46401
     [Dan Poirier <poirier pobox.com>]

  *) Output -M and -S dumps (modules and vhosts) to stdout instead of stderr.
     PR 42571 and PR 44266 (dup).  [Dan Poirier <poirier pobox.com>]

  *) mod_cache: When an explicit Expires or Cache-Control header is set, cache
     normally non-cacheable response statuses. PR 46346.
     [Alex Polvi <alex polvi.net>]

分享到:
评论

相关推荐

    apache_2.2.13-x64-no-ssl.msi

    apache 服务 apache_2.2.13-x64-no-ssl.msi

    apache_2.2.13-win32-x86-openssl-0.9.8k.msi

    apache_2.2.13-win32-x86-openssl-0.9.8k.msi

    Apache_2.2.13

    这是php的必安软件!一个直接可以在windows上面安装的可执行文件,不需要解压,不需要注册码。直接安装就可以了。

    Linux环境下安装svn的PDF文档

    ./configure --with-apxs=/usr/local/apache2/bin/apxs --with-apr=/usr/local/apache2/ --with-apr-util=/usr/local/apache2/ --prefix=/usr/local/subversion --with-ssl --with-zlib --enable-maintainer-mode ...

    (2)Apatch安装.pdf

    Apache 2.2.13 安装教程 本文将详细介绍如何在 Windows 平台上安装 Apache 2.2.13 服务器,涵盖从下载软件到安装完成的所有步骤。 一、软件准备 在安装 Apache 服务器之前,需要下载相应的安装包。Apache 2.2.13 ...

    php+apache+mysql配置视频教程

    本教程以PHP 5.3和Apache 2.2.13版本为例,这是当时较新的组合,适用于许多常见的Web应用。 首先,让我们深入了解一下PHP。PHP(Hypertext Preprocessor)是一种开源的服务器端脚本语言,特别适合Web开发,可以嵌入...

    HiPHP v0.4.2

    0.4.2更新*重写核心代码*更名为HiPHP*增加rewrite配置(新增discuz phpwind wordpress的rewrite模版)软件简介:HiPHP 是一款图形界面的快速搭建apache2.2.13、PHP 5.2.11、MySQL 5.1.35、phpMyAdmin 3.2.3,网站...

    ESSamp php+mysql+apache环境搭建

    ESSamp是一款拥有图形界面的快速搭建网站服务器平台的绿色软件。您只需下载并解压ESSamp就能...Apache 2.2.13 PHP 5.2.10 MySQL 5.1.37 MySQL 4.1.22 phpMyAdmin 2.11.9.5 ZendOptimizer 3.3.3 eAccelerator 0.9.5.3

    ApacheTomcat集群整合教程

    这里下载的是与Apache 2.2.13版本匹配的mod_jk-1.2.28-httpd-2.2.3.so,它实现了Apache与Tomcat之间的通信。 4. **集群配置**:在一台主机上配置多个Tomcat实例(也称为服务器节点),每个实例对应一个独立的域名。...

    apache_2.2.13-win32-x86-no_ssl

    Apache HTTP Server 2.2.13 是一个广泛使用的开源Web服务器软件,尤其适用于Windows 32位系统。这个版本不包含SSL支持,意味着它不能处理加密的HTTPS连接,这在当今重视数据安全的时代可能略显不足。然而,对于那些...

    phpstudy Apache PHP MySQL phpMyAdmin ZendOptimizer

    Apache 2.2.13 最流行的HTTP服务器软件,快速、可靠、开源。 MySQL 5.0.85 执行性能高,运行速度快,容易使用,非常棒数据库。 phpMyAdmin 3.2.2 开源、基于WEB而小巧的MySQL管理程序。 ZendOptimizer 3.3.3 免费...

    tomcat6.0与apache2.2的完美组合

    本文将详细介绍如何在Windows环境下,将Apache 2.2.13与Tomcat 6.0.18进行整合,实现一台Apache服务器带两个Tomcat实例的配置。 首先,确保下载并安装了正确的软件版本。Apache可以从...

    VisualSVN Server 2.0.8 汉化包

    2.0.8版本内包含了Subversion 1.6.6(即SVN),Apache 2.2.13 VisualSVN Server目前分成免费的标准版和收费的企业版, 默认安装为标准版,输入买来的企业版授权码即转为企业版。 企业版比标准版多开放两个功能:访问...

    apachetomcat整合教程.txt

    - **选择版本**: 本教程使用的是Apache 2.2.13,下载 `apache_2.2.4-win32-x86-no_ssl.msi` 文件进行安装。 - **安装步骤**: - 运行下载好的MSI文件,按照向导提示进行安装。 - 安装过程中可以选择自定义安装路径...

    ESSamp v2.0.0.0

    ESSamp是一款拥有图形界面的快速搭建网站...2、MySQL默认用户名:root,密码为空3、ESSamp集成了以下软件:Apache 2.2.13PHP 5.2.10 MySQL 5.1.37MySQL 4.1.22phpMyAdmin 2.11.9.5ZendOptimizer 3.3.3eAccelerator 0.9.

    PHP Mysql本地环境一键搭建 网站源码程序本地测试软件

    绝对可用简单绿色 站长必备 是一款拥有图形界面的快速搭建网站服务器平台的绿色软件。...Apache 2.2.13 PHP 5.2.10 MySQL 5.1.37 MySQL 4.1.22 phpMyAdmin 2.11.9.5 ZendOptimizer 3.3.3 eAccelerator 0.9.5.3

    phpstudy2009

    Apache2.2.13最流行的HTTP服务器软件,快速、可靠、开源。 MySQL5.0.85执行性能高,运行速度快,容易使用,非常棒数据库。 phpMyAdmin3.2.2开源、基于WEB而小巧的MySQL管理程序。 ZendOptimizer3.3.3免费的PHP优化...

Global site tag (gtag.js) - Google Analytics