Project description.

The Apache HTTP Server Project is an effort to develop and maintain an open-source HTTP server for modern operating systems including UNIX and Windows NT.

The goal of this project is to provide a secure, efficient and extensible server that provides HTTP services in sync with the current HTTP standards

Apache 1.3.29 Changelog
  • SECURITY: CVE-2003-0542 (cve.mitre.org) Fix buffer overflows in mod_alias and mod_rewrite which occurred if one configured a regular expression with more than 9 captures. [Andr? Malo]
  • Within ap_bclose(), ap_pclosesocket() is now called consistently for sockets and ap_pclosef() for files. Also, closesocket() is used consistenly to close socket fd's. The previous confusion between socket and file fd's would cause problems with some applications now that we proactively close fd's to prevent leakage. PR 22805 [Radu Greab , Jim Jagielski] If a request fails and the client will be redirected to another URL due to ErrorDocument, see if we need to drop the connection after sending the 302 response. This fixes a problem where Apache treated the body of the failed request as the next request on a keepalive connection. The subsequent 501 error sent to the browser prevented some browsers from fetching the error document. [Jeff Trawick]
  • Fixed mod_usertrack to not get false positive matches on the user-tracking cookie's name. PR 16661. [Manni Wood ]
  • Enabled RFC1413 ident functionality for both Win32 and NetWare platforms. This also included an alternate thread safe implementation of the socket timout functionality when querying the identd daemon. [Brad Nicholes, William Rowe] Prevent creation of subprocess Zombies when using CGI wrappers such as suExec and cgiwrap. PR 21737. [Numerous]
  • ab: Overlong credentials given via command line no longer clobber the buffer. [Andr? Malo]
  • Fix ProxyPass for ftp requests - the original code was segfaulting since many of the values were not being filled out in the request_rec. [Tollef Fog Heen , Thom May]