Project description.

The Apache HTTP Server Project is an effort to develop and maintain an open-source HTTP server for modern operating systems including UNIX and Windows NT.

The goal of this project is to provide a secure, efficient and extensible server that provides HTTP services in sync with the current HTTP standards

Apache 1.3.32 Changelog
  • mod_rewrite: Fix query string handling for proxied URLs. PR 14518. [michael teitler , Jan Kratochvil ]
  • mod_rewrite: Fix 0 bytes write into random memory position. PR 31036. [Andr? Malo]
  • mod_digest: Fix nonce string calculation since 1.3.31 which would force re-authentication for every connection if AuthDigestRealmSeed was not configured. PR 30920. [Joe Orton]
  • Trigger an error when a LoadModule directive attempts to load a module which is built-in. This is a common error when switching from a DSO build to a static build. [Jeff Trawick, Geoffrey Young]
  • Fix trivial bug in mod_log_forensic that caused the child to seg fault when certain invalid requests were fired at it with forensic logging is enabled. PR 29313. [Will Slater ]
  • Fix memory leak in the cache handling of mod_rewrite. PR 27862. [chunyan sheng , Andr? Malo]
  • mod_rewrite no longer confuses the RewriteMap caches if different maps defined in different virtual hosts use the same map name. PR 26462. [Andr? Malo]
  • mod_setenvif: Remove "support" for Remote_User variable which never worked at all. PR 25725. [Andr? Malo]
  • mod_usertrack: Escape the cookie name before pasting into the regexp. [Andr? Malo]
  • Win32: Improve error reporting after a failed attempt to spawn a piped log process or rewrite map process. [Jeff Trawick]
  • SECURITY: CVE-2004-0492 (cve.mitre.org) Reject responses from a remote server if sent an invalid (negative) Content-Length. [Mark Cox]
  • Fix a bunch of cases where the return code of the regex compiler was not checked properly. This affects mod_usertrack and core. PR 28218. [Andr? Malo]
  • No longer breaks mod_dav, frontpage and others. Repair a patch in 1.3.31 which prevented discarding the request body for requests that will be keptalive but are not currently keptalive. PR 29237. [Jim Jagielski, Rasmus Lerdorf]
  • COMPATIBILITY: Added new compile-time flag: UCN_OFF_HONOR_PHYSICAL_PORT. It controls how UseCanonicalName Off determines the port value if the client doesn't provide one in the Host header. If defined during compilation, UseCanonicalName Off will use the physical port number to generate the canonical name. If not defined, it tries the current Port value followed by the default port for the current scheme. [Jim Jagielski]