Project description.

The Apache HTTP Server Project is an effort to develop and maintain an open-source HTTP server for modern operating systems including UNIX and Windows NT.

The goal of this project is to provide a secure, efficient and extensible server that provides HTTP services in sync with the current HTTP standards

Apache 2.3.7 Changelog
  • SECURITY: CVE-2010-1452 ( mod_dav, mod_cache, mod_session: Fix Handling of requests without a path segment. PR 49246 [Mark Drayton, Jeff Trawick]
  • mod_ldap: Properly check the result returned by apr_ldap_init. PR 46076. [Stefan Fritsch]
  • mod_rewrite: Log errors if rewrite map files cannot be opened. PR 49639. [Stefan Fritsch]
  • mod_proxy_http: Support the 'ping' property for backend HTTP/1.1 servers via leveraging 100-Continue as the initial "request". [Jim Jagielski]
  • core/mod_authz_core: Introduce new access_checker_ex hook that enables mod_authz_core to bypass authentication if access should be allowed by IP address/env var/... [Stefan Fritsch]
  • core: Introduce note_auth_failure hook to allow modules to add support for additional auth types. This makes ap_note_auth_failure() work with mod_auth_digest again. PR 48807. [Stefan Fritsch]
  • socache modules: return APR_NOTFOUND when a lookup is not found [Nick Kew]
  • mod_authn_socache: new module [Nick Kew]
  • configure: Add reallyall option for --enable-mods-shared. [Stefan Fritsch]
  • Fix Windows build when using VC6. [Gregg L. Smith ]
  • mod_rewrite: Allow to set environment variables without explicitly giving a value. [Rainer Jung]
  • mod_rewrite: Remove superfluous EOL from rewrite logging. [Rainer Jung]
  • mod_include: recognise "text/html; parameters" as text/html PR 49616 [Andrey Chernov ]
  • CGI vars: allow PATH to be set by SetEnv, consistent with LD_LIBRARY_PATH PR 43906 [Nick Kew]
  • Core: Extra robustness: don't try authz and segfault if authn fails to set r->user. Log bug and return 500 instead. PR 42995 [Nick Kew]
  • HTTP protocol filter: fix handling of longer chunk extensions PR 49474 []
  • Update SSL cipher suite and add example for SSLHonorCipherOrder. [Lars Eilebrecht, Rainer Jung]
  • move AddOutputFilterByType from core to mod_filter. This should fix nasty side-effects that happen when content_type is set more than once in processing a request, and make it fully compatible with dynamic and proxied contents. [Nick Kew]
  • mod_log_config: Implement logging for sub second timestamps and request end time. [Rainer Jung]