Release Notes: This version of Apache is principally a bug and security fix release. mod_proxy now prevents reading past the end of a buffer when parsing date-related headers. mod_cache now prevents a segmentation fault if attributes are listed in a Cache-Control header without any value. The prefork and worker MPMs now ensure that the parent process cannot be forced to kill processes outside its process group. A possible XSS attack against a site with a public server-status page and ExtendedStatus enabled was fixed.
Release Notes: This major release features loadable MPMs, major improvements to OCSP support, mod_lua, dynamic reverse proxy configuration, improved authentication/authorization, a FastCGI proxy, a new expression parser, and a small object caching API.
Release Notes: This release was updated to reflect the OpenSSL project's release 0.9.8m of the openssl library, and addresses the TLS renegotiation prefix injection attack. This release further addresses security issues within mod_proxy_ajp, mod_isapi, and mod_headers respectively.
Release Notes: This release is intended as the final release of version 1.3 of the Apache HTTP Server, which has reached end-of-life status. It fixes a security issue in mod_proxy in order to prevent chunk-size integer overflows on platforms where sizeof(int) < sizeof(long).
Release Notes: This version of Apache is principally an alpha release to test new technology and features that are incompatible or too large for the stable 2.2.x branch.
Release Notes: This version of Apache is principally a security and bugfix release. Notably, it bundles the APR Library version 1.3.8 and APR Utility Library version 1.3.9, which address a security concern that may be triggered by some third party modules.