Release Notes: This release is for Apache 1.3.39.
Release Notes: This release is for Apache 1.3.36.
Release Notes: This version was adjusted for Apache 1.3.35. Some small fixes were made.
Release Notes: A security issue (CAN-2005-2700) has been fixed where "SSLVerifyClient require" was not enforced in per-location context if "SSLVerifyClient optional" was configured in the global virtual host configuration.
Release Notes: This version was ported to the OpenSSL 0.9.8 API. Connection timeout handling was fixed. The ca-bundle.crt file from Mozilla's "certdata.txt" was updated. Timeout handling in POST request processing was fixed. A double-definition of OPENSSL_free under OpenSSL 0.9.6 was fixed.
Release Notes: This is the companion version to Apache 1.3.33. There is no functional change, just an adjusted patch set.
Release Notes: This is the companion mod_ssl version for Apache 1.3.32.
Release Notes: Fixed a security bug caused by a format string vulnerability.
Release Notes: This version upgrades to Apache 1.3.29 and fixes a few bugs. It avoids memory corruption in certificate handling caused by a heap memory double-freeing situation, allows the "HTTPS" variable to be passed through by suEXEC, clears the OpenSSL error code in the pass phrase reading code, reverts the recent change where ap_cleanup_for_exec() called ap_kill_alloc_shared(), and correctly checks for SSL_R_HTTP_REQUEST.
Release Notes: Upgraded to Apache 1.3.28.