Project description.

The Apache HTTP Server Project is an effort to develop and maintain an open-source HTTP server for modern operating systems including UNIX and Windows NT.

The goal of this project is to provide a secure, efficient and extensible server that provides HTTP services in sync with the current HTTP standards

Apache 2.0.47 Changelog
  • SECURITY: CVE-2003-0192 (cve.mitre.org) Fixed a bug whereby certain sequences of per-directory renegotiations and the SSLCipherSuite directive being used to upgrade from a weak ciphersuite to a strong one could result in the weak ciphersuite being used in place of the strong one. [Ben Laurie]
  • SECURITY: CVE-2003-0253 (cve.mitre.org) Fixed a bug in prefork MPM causing temporary denial of service when accept() on a rarely accessed port returns certain errors. Reported by Saheed Akhtar . [Jeff Trawick]
  • SECURITY: CVE-2003-0254 (cve.mitre.org) Fixed a bug in ftp proxy causing denial of service when target host is IPv6 but proxy server can't create IPv6 socket. Fixed by the reporter. [Yoshioka Tsuneo ]
  • SECURITY [VU#379828] Prevent the server from crashing when entering infinite loops. The new LimitInternalRecursion directive configures limits of subsequent internal redirects and nested subrequests, after which the request will be aborted. PR 19753 (and probably others). [William Rowe, Jeff Trawick, AndrĂ© Malo]
  • core_output_filter: don't split the brigade after a FLUSH bucket if it's the last bucket. This prevents creating unneccessary empty brigades which may not be destroyed until the end of a keepalive connection. [Juan Rivera ]
  • Add support for "streamy" PROPFIND responses. [Ben Collins-Sussman ]
  • mod_cgid: Eliminate a double-close of a socket. This resolves various operational problems in a threaded MPM, since on the second attempt to close the socket, the same descriptor was often already in use by another thread for another purpose. [Jeff Trawick]
  • mod_negotiation: Introduce "prefer-language" environment variable, which allows to influence the negotiation process on request basis to prefer a certain language. [AndrĂ© Malo]
  • Make mod_expires' ExpiresByType work properly, including for dynamically-generated documents. [Ken Coar, Bill Stoddard]