Release Notes: This release fixes hostname validation (SQL injection, path traversals) and other bugs.
Release Notes: This release fixes some security bugs (CVE-2013-4508, CVE-2013-4559, CVE-2013-4560) and contains other small fixes.
Release Notes: 1.4.33 contains small bugfixes and some minor new features.
Release Notes: This release fixes a DoS bug (CVE-2012-5533) and contains other small fixes.
Release Notes: Many important changes. This release fixes a segfault (a crash on the first HTTPS request), disables mmap due to a possible crash if the file is truncated while reading, and more.
Release Notes: This version fixes a signedness error in http_auth (CVE-2011-4362), disables client initiated renegotiations, supports mitigating BEAST attacks (both SSL), and fixes connection stalls.
Release Notes: This release fixes a name conflict with OpenSSL, some cgi* bugs, should improve SSL support, and adds the "solaris-eventports" fdevent handler.
Release Notes: 1.4.27 introduced some serious bugs in the fdevent system; one resulted in segfaults with FreeBSD. This should be fixed now.
Release Notes: This release fixes SSL (SNI handling and SSL_CTX_set_options) and mod_cgi and mod_proxy (response handling). There is a new fdevent handler "libev" ("linux-rtsig" was removed). IPv6 sockets are now bound to IPv6 only in almost all cases ("dual-stack" is disabled).
Release Notes: There have been some important bugfixes (request parser handling for split header data, an fd leak in mod_cgi, a segfault with broken configs in mod_rewrite/mod_redirect, HUP detection, and an OOM/DoS vulnerability).