Project description.

The Apache HTTP Server Project is an effort to develop and maintain an open-source HTTP server for modern operating systems including UNIX and Windows NT.

The goal of this project is to provide a secure, efficient and extensible server that provides HTTP services in sync with the current HTTP standards

Apache 2.4.0 Changelog
  • SECURITY: CVE-2012-0031 (cve.mitre.org) Fix scoreboard issue which could allow an unprivileged child process to cause the parent to crash at shutdown rather than terminate cleanly. [Joe Orton]
  • mod_ssl: Fix compilation with xlc on AIX. PR 52394. [Stefan Fritsch]
  • SECURITY: CVE-2012-0021 (cve.mitre.org) mod_log_config: Fix segfault (crash) when the '%{cookiename}C' log format string is in use and a client sends a nameless, valueless cookie, causing a denial of service. The issue existed since version 2.2.17 and 2.3.3. PR 52256. [Rainer Canavan ]
  • mod_ssl: when compiled against OpenSSL 1.0.1 or later, allow explicit control of TLSv1.1 and TLSv1.2 through the SSLProtocol directive. [Kaspar Brand]
  • mod_ssl: set OPENSSL_NO_SSL_INTERN when compiling against OpenSSL 1.0.1 or later, to improve binary compatibility with future OpenSSL releases. [Kaspar Brand]
  • mod_mime: Don't arbitrarily bypass AddOutputFilter during a ProxyPass, but then allow AddOutputFilter during a RewriteRule [P]. Make mod_mime behave identically in both cases. PR52342. [Graham Leggett]
  • Move ab, logresolve, httxt2dbm and apxs to bin from sbin, along with corresponding man pages. [Graham Leggett]
  • Distinguish properly between the bindir and sbindir directories when installing binaries. Previously all binaries were silently installed to sbindir, whether they were system administration commands or not. [Graham Leggett]