Project description.

The Apache HTTP Server Project is an effort to develop and maintain an open-source HTTP server for modern operating systems including UNIX and Windows NT.

The goal of this project is to provide a secure, efficient and extensible server that provides HTTP services in sync with the current HTTP standards

Apache 2.1.7 Changelog
  • SECURITY: CVE-2005-2491 (cve.mitre.org): Fix integer overflows in PCRE in quantifier parsing which could be triggered by a local user through use of a carefully-crafted regex in an .htaccess file. [Philip Hazel]
  • mod_proxy/mod_proxy_balancer: Provide a simple, functional interface to add additional balancer lb selection methods without requiring code changes to mod_proxy/mod_proxy_balancer; these can be implemented via sub-modules now. [Jim Jagielski]
  • mod_cache: Fix incorrectly served 304 responses when expired cache entity is valid, but cache is unwritable and headers cannot be updated. [Colm MacCarthaigh ]
  • mod_cache: Remove entities from the cache when re-validation receives a 404 or other content-no-longer-present error. [Rüdiger Plüm ruediger.pluem vodafone.com]
  • mod_disk_cache: Properly remove files from cache when needed. [Rüdiger Plüm ruediger.pluem vodafone.com]
  • mod_disk_cache: Support htcacheclean removing directories. [Andreas Steinmetz]
  • htcacheclean: Add -t option to remove empty directories. [Colm MacCarthaigh ]
  • Remove the base href tag from mod_proxy_ftp, as it breaks relative links for clients not using an Authorization header. [Graham Leggett, Jon Snow ]
  • mod_cache: Restore the HTTP status of cached responses. [Hansjoerg Pehofer ]
  • mod_cache: Store varied contents all in the same prefix for a varied URI. [Paul Querna]
  • mod_cache: Run the CACHE_SAVE and CACHE_OUT Filters after other content filters. [Paul Querna]
  • mod_negotiation: Correctly report 404 instead of 403 for missing files. [Paul Querna]
  • new hook (request_status) that gets ran in proxy_handler just before the final return. This gives modules an opportunity to do something based on the proxy status. (minor MMN bump) [Brian Akins , Ian Holsman]
  • Add additional SSLSessionCache option, 'nonenotnull', which is similar to 'none' (disabling any external shared cache) but forces OpenSSL to provide a non-null session ID. [Jim Jagielski]
  • Add httxt2dbm to support/ for creating RewriteMap DBM Files. [Paul Querna]
  • Add SSL_COMPRESS_METHOD variable (included in +StdEnvVars) to note the negotiated compression. [Georg v. Zezschwitz ]
  • Fixed complaints about unpackaged files within the RPM build after changes to the config files. [Graham Leggett]
  • Fix shutdown for the Worker MPM when an Accept Filter is used. Instead of just closing the socket, a HTTP request is made, to make sure the child is always awakened. [Paul Querna]