Project description.

The Apache HTTP Server Project is an effort to develop and maintain an open-source HTTP server for modern operating systems including UNIX and Windows NT.

The goal of this project is to provide a secure, efficient and extensible server that provides HTTP services in sync with the current HTTP standards

Apache 2.2.27 Changelog
  • SECURITY: CVE-2014-0098 (cve.mitre.org) Clean up cookie logging with fewer redundant string parsing passes. Log only cookies with a value assignment. Prevents segfaults when logging truncated cookies. [William Rowe, Ruediger Pluem, Jim Jagielski]
  • SECURITY: CVE-2013-6438 (cve.mitre.org) mod_dav: Keep track of length of cdata properly when removing leading spaces. Eliminates a potential denial of service from specifically crafted DAV WRITE requests [Amin Tora ]
  • core: draft-ietf-httpbis-p1-messaging-23 corrections regarding TE/CL conflicts. [Yann Ylavic , Jim Jagielski]
  • mod_proxy_http: Core dumped under high load. PR 50335. [Jan Kaluza ]
  • proxy_util: NULL terminate the right buffer in 'send_http_connect'. [Christophe Jaillet]
  • mod_proxy: Remove (never documented) syntax which is equivalent to . [Christophe Jaillet]
  • mod_ldap: Fix a potential memory leak or corruption. PR 54936. [Zhenbo Xu ]
  • mod_ssl: Do not perform SNI / Host header comparison in case of a forward proxy request. [Ruediger Pluem]
  • mod_rewrite: Add mod_rewrite.h to the headers installed on Windows. PR46679 [Bob Ionescu]