Projects / Apache / Releases

All releases of Apache

  •  17 Apr 2005 23:09
Avatar

    Release Notes: This version of Apache is principally a bugfix release.

    •  08 Feb 2005 19:53
    Avatar

      Release Notes:

      •  30 Oct 2004 15:38
      Avatar

        Release Notes: This release fixes a potential buffer overflow with escaped characters in the SSI tag string. Responses from a remote server are rejected if sent an invalid (negative) Content-Length. Additionally, this release fixes query string handling for proxied URLs, a 0 bytes write into random memory position, nonce string calculation since 1.3.31 (which would force re-authentication for every connection if AuthDigestRealmSeed was not configured), and a trivial bug in mod_log_forensic that caused the child to segfault with certain invalid requests.

        •  30 Oct 2004 15:36
        Avatar

          Release Notes: This release fixes merging of the Satisfy directive, which was applied to the surrounding context and could allow access despite configured authentication.

          •  29 Oct 2003 14:34
          Avatar

            Release Notes: General bug fixes were made, and fixes were made for security issues (cve.mitre.org: CAN-2003-0789, CAN-2003-0542).

            •  09 Jul 2003 14:38
            Avatar

              Release Notes: Fixes were made for security issues (cve.mitre.org: CAN-2003-0192, CAN-2003-0253, CAN-2003-0254 and VU#379828). Other bugs were fixed. Feature enhancements were added.

              •  28 May 2003 18:08
              Avatar

                Release Notes: A bug has been fixed that could be triggered remotely through mod_dav and possibly other mechanisms, causing an Apache child process to crash. A denial-of-service vulnerability affecting basic authentication on Unix platforms related to thread-safety in apr_password_validate() has been fixed.

                •  21 Jan 2003 01:44
                Avatar

                  Release Notes: Fixes for security issues regarding the Windows platform (cve.mitre.org: CAN-2003-0016, CAN-2003-0017), bugfixes, and feature enhancements.

                  •  05 Oct 2002 14:39
                  Avatar

                    Release Notes: Fixes for a security vulnerability noted in CAN-2002-0840 regarding a cross-site scripting vulnerability in the default error page when using wildcard DNS and prevented POST requests for CGI scripts from serving the source code when DAV is enabled on the location.

                    •  05 Oct 2002 14:38
                    Avatar

                      Release Notes: Fixes for the security vulnerability noted in CAN-2002-0839 regarding ownership permissions of System V shared memory-based scoreboards, the security vulnerability noted in CAN-2002-0840 regarding a cross-site scripting vulnerability in the default error page when using wildcard DNS, and the security vulnerability noted in CAN-2002-0843 regarding some possible overflows in ab.c which could be exploited by a malicious server.

                      Screenshot

                      Project Spotlight

                      episoder

                      A tool to tell you about new episodes of your favourite TV shows.

                      Screenshot

                      Project Spotlight

                      BalanceNG

                      A modern software IP load balancer.