Project description.

The Apache HTTP Server Project is an effort to develop and maintain an open-source HTTP server for modern operating systems including UNIX and Windows NT.

The goal of this project is to provide a secure, efficient and extensible server that provides HTTP services in sync with the current HTTP standards

Apache 2.2.3 Changelog
  • SECURITY: CVE-2006-3747 (cve.mitre.org) mod_rewrite: Fix an off-by-one security problem in the ldap scheme handling. For some RewriteRules this could lead to a pointer being written out of bounds. Reported by Mark Dowd of McAfee. [Mark Cox]
  • Win32: Minor fixes to build more cleanly under Visual Studio 2005 with command line builds. [William Rowe]
  • mod_authn_alias: Add a check to make sure that the base provider and the alias names are different and also that the alias has not been registered before. PR 40051. [Brad Nicholes]
  • mod_authnz_ldap: Fix a problem with invalid auth error detection for LDAP client SDKs that don't support the LDAP_SECURITY_ERROR macro. PR 39529. [Ray Price , Josh Fenlason ]
  • mod_cache: Do not overwrite the Content-Type in the cache, for successfully revalidated cached objects. PR 39647. [Ruediger Pluem]
  • mod_speling: Add directive to deal with case corrections only and ignore other misspellings [Olivier Thereaux ]
  • mod_dbd: Fix dependence on virtualhost configuration in defining prepared statements (possible segfault at startup in user modules such as mod_authn_dbd). [Nick Kew]
  • Add optional 'scheme://' prefix to ServerName directive, allowing correct determination of the canonical server URL for use behind a proxy or offload device handling SSL; fixing redirect generation in those cases. PR 33398. [Sander Temme]
  • Added server_scheme field to server_rec for above. Minor MMN bump. [Sander Temme]
  • mod_cache: Make caching of reverse SSL proxies possible again. PR 39593. [Ruediger Pluem, Joe Orton]
  • Worker MPM: On graceless shutdown or restart, send signals to each worker thread to wake them up if they're polling on a Keep-Alive connection. PR 38737. [Chris Darroch]
  • worker and event MPMs: fix excessive forking if fork() or child_init take a long time. PR 39275. [Greg Ames, Jeff Trawick, Chris Darroch ]
  • configure: Add "--with-included-apr" flag to force use of the bundled version of APR at build time. [Joe Orton]
  • Respect GracefulShutdownTimeout in the worker and event MPMs. [Chris Darroch, Garrett Rooney]
  • mod_mem_cache: Set content type correctly when delivering data from cache. PR 39266. [Ruediger Pluem]
  • mod_autoindex: Fix filename escaping with FancyIndexing disabled. PR 38910. [Robby Griffin ]
  • mod_charset_lite: Bypass translation when the source and dest charsets are the same. [Jeff Trawick]