+- MyTFLS社区 (https://community.mytfls.com)
+-- 论坛: 电脑区 (https://community.mytfls.com/forum-19.html)
+--- 论坛: 软件地带 (https://community.mytfls.com/forum-43.html)
+--- 主题: Apache 2.2.2 Change log (/thread-11369.html)
Apache 2.2.2 Change log - Metmet - 2006-5-1
Changes with Apache 2.2.2
*) mod_deflate: work correctly in an internal redirect
[Brian J. France <list firehawksystems com>]
*) mod_proxy_balancer: Initialize members of a balancer correctly.
PR 38227. [James A. Robinson <jim.robinson stanford.edu>]
*) mod_proxy: Do not release connections from connection pool twice.
PR 38793. [Ruediger Pluem, matthias <mk-asf gigacodes.de>]
*) core: Prevent reading uninitialized memory while reading a line of
protocol input. PR 39282. [Davi Arnaut <davi haxent.com.br>]
*) mod_dbd: Update defaults, improve error reporting.
[Chris Darroch <chrisd pearsoncmg com>, Nick Kew]
*) mod_dbd: Create own pool and mutex to avoid problem use of
process pool in request processing.
[Chris Darroch <chrisd pearsoncmg com>]
*) HTML-escape the Expect error message. Not classed as security as
an attacker has no way to influence the Expect header a victim will
send to a target site. Reported by Thiago Zaninotti
<thiango nstalker.com>. [Mark Cox]
*) htdbm: Fix crash processing -d option in 64-bit mode on HP-UX.
[Jeff Trawiclancer: Initialize members of a balancer correctly.
PR 38227. [James A. Robinson <jim.robinson stanford.edu>]
*) mod_proxy: Do not release connections from connection pool twice.
PR 38793. [Ruediger Pluem, matthias <mk-asf gigacodes.de>]
*) core: Prevent reading uninitialized memory while reading a line of
protocol input. PR 39282. [Davi Arnaut <davi haxent.com.br>]
*) mod_dbd: Update defaults, improve error reporting.
[Chris Darroch <chrisd pearsoncmg com>, Nick Kew]
*) mod_dbd: Create own pool and mutex to avoid problem use of
process pool in request processing.
[Chris Darroch <chrisd pearsoncmg com>]
*) HTML-escape the Expect error message. Not classed as security as
an attacker has no way to influence the Expect header a victim will
send to a target site. Reported by Thiago Zaninotti
<thiango nstalker.com>. [Mark Cox]
*) htdbm: Fix crash processing -d option in 64-bit mode on HP-UX.
[Jeff Trawick]
*) htdbm: Warn the user when adding a plaintext password on a platform
where it wouldn't work with the server (i.e., anywhere that has
crypt()). [Jeff Trawick]
*) mod_proxy: don't reuse a connection that may be to the wrong backend
PR 39253 [Ruediger Pluem]
*) Default handler: Don't return output filter apr_status_t values.
PR 31759. [Jeff Trawick, Ruediger Pluem, Joe Orton]
*) mod_dbd: Create own pool and mutex to avoid problem use of
process pool in request processing.
[Chris Darroch <chrisd pearsoncmg com>]
*) HTML-escape the Expect error message. Not classed as security as
an attacker has no way to influence the Expect header a victim will
send to a target site. Reported by Thiago Zaninotti
<thiango nstalker.com>. [Mark Cox]
*) htdbm: Fix crash processing -d option in 64-bit mode on HP-UX.
[Jeff Trawick]
*) htdbm: Warn the user when adding a plaintext password on a platform
where it wouldn't work with the server (i.e., anywhere that has
crypt()). [Jeff Trawick]
*) mod_proxy: don't reuse a connection that may be to the wrong backend
PR 39253 [Ruediger Pluem]
*) Default handler: Don't return output filter apr_status_t values.
PR 31759. [Jeff Trawick, Ruediger Pluem, Joe Orton]
Changes with Apache 2.2.1
*) SECURITY: CVE-2005-3357 (cve.mitre.org)
mod_ssl: Fix a possible crash during access control checks if a
non-SSL request is processed for an SSL vhost (such as the
"HTTP request received on SSL port" error message when an 400
ErrorDocument is configured, or if using "SSLEngine optional").
PR 37791. [R??diger Pl??m, Joe Orton]
*) SECURITY: CVE-2005-3352 (cve.mitre.org)
mod_imagemap: Escape untrusted referer header
*) htdbm: Warn the user when adding a plaintext password on a platform
where it wouldn't work with the server (i.e., anywhere that has
crypt()). [Jeff Trawick]
*) mod_proxy: don't reuse a connection that may be to the wrong backend
PR 39253 [Ruediger Pluem]
*) Default handler: Don't return output filter apr_status_t values.
PR 31759. [Jeff Trawick, Ruediger Pluem, Joe Orton]
Changes with Apache 2.2.1
*) SECURITY: CVE-2005-3357 (cve.mitre.org)
mod_ssl: Fix a possible crash during access control checks if a
non-SSL request is processed for an SSL vhost (such as the
"HTTP request received on SSL port" error message when an 400
ErrorDocument is configured, or if using "SSLEngine optional").
PR 37791. [R??diger Pl??m, Joe Orton]
*) SECURITY: CVE-2005-3352 (cve.mitre.org)
mod_imagemap: Escape untrusted referer header before outputting
in HTML to avoid potential cross-site scripting. Change also
made to ap_escape_html so we escape quotes. Reported by JPCERT.
[Mark Cox]
*) mod_proxy_ajp: Flushing of the output after each AJP chunk is now
configurable at runtime via the 'flushpackets' and 'flushwait' worker
params. Minor MMN bump. [Jim Jagielski]
*) mod_proxy: Fix incorrect usage of local and shared worker init.
PR 38403. [Jim Jagielski]
Changes with Apache 2.2.1
*) SECURITY: CVE-2005-3357 (cve.mitre.org)
mod_ssl: Fix a possible crash during access control checks if a
non-SSL request is processed for an SSL vhost (such as the
"HTTP request received on SSL port" error message when an 400
ErrorDocument is configured, or if using "SSLEngine optional").
PR 37791. [R??diger Pl??m, Joe Orton]
*) SECURITY: CVE-2005-3352 (cve.mitre.org)
mod_imagemap: Escape untrusted referer header before outputting
in HTML to avoid potential cross-site scripting. Change also
made to ap_escape_html so we escape quotes. Reported by JPCERT.
[Mark Cox]
*) mod_proxy_ajp: Flushing of the output after each AJP chunk is now
configurable at runtime via the 'flushpackets' and 'flushwait' worker
params. Minor MMN bump. [Jim Jagielski]
*) mod_proxy: Fix incorrect usage of local and shared worker init.
PR 38403. [Jim Jagielski]
*) mod_isapi: Fix compiler errors on Unix platforms.
[William Rowe]
*) mod_proxy_http: Do send keep-alive header if the client sent
connection: keep-alive and do not close backend connection if the client
sent connection: close. PR 38524. [Ruediger Pluem, Joe Orton]
*) mod_disk_cache: Return the correct error codes from bucket read
failures, instead of APR_EGENERAL.
[Brian Akins <brian.akins turner.com>]
*) Add APR/APR-Util Compiled we escape quotes. Reported by JPCERT.
[Mark Cox]
*) mod_proxy_ajp: Flushing of the output after each AJP chunk is now
configurable at runtime via the 'flushpackets' and 'flushwait' worker
params. Minor MMN bump. [Jim Jagielski]
*) mod_proxy: Fix incorrect usage of local and shared worker init.
PR 38403. [Jim Jagielski]
*) mod_isapi: Fix compiler errors on Unix platforms.
[William Rowe]
*) mod_proxy_http: Do send keep-alive header if the client sent
connection: keep-alive and do not close backend connection if the client
sent connection: close. PR 38524. [Ruediger Pluem, Joe Orton]
*) mod_disk_cache: Return the correct error codes from bucket read
failures, instead of APR_EGENERAL.
[Brian Akins <brian.akins turner.com>]
*) Add APR/APR-Util Compiled and Runtime Version numbers to the
output of 'httpd -V'. [William Rowe]
*) http: If a connection is aborted while waiting for a chunked line,
flag the connection as errored out. [Justin Erenkrantz]
*) core: Reject invalid Expect header immediately. PR 38123.
[Ruediger Pluem]
*) Fix mis-shifted 32 bit scope, masked to 64 bits as a method.
[Will Rowe, Joe Orton]
*) mod_proxy: Fix KeepAlives not being allowed and set to
backend servers. PR 38602. [Ruediger Pluem, Jim Jagielski]
*) Fix instdso.sh "sed syntax error" installation issue on some
platforms. PR 38108. [Masaoki Kobayashi <masaoki techfirm.co.jp>]
*) mod_ssl: Fix possible crashes in shmcb with gcc 4 on platforms
requiring word-aligned pointers. PR 38838. [Joe Orton]
[Brian Akins <brian.akins turner.com>]
*) Add APR/APR-Util Compiled and Runtime Version numbers to the
output of 'httpd -V'. [William Rowe]
*) http: If a connection is aborted while waiting for a chunked line,
flag the connection as errored out. [Justin Erenkrantz]
*) core: Reject invalid Expect header immediately. PR 38123.
[Ruediger Pluem]
*) Fix mis-shifted 32 bit scope, masked to 64 bits as a method.
[Will Rowe, Joe Orton]
*) mod_proxy: Fix KeepAlives not being allowed and set to
backend servers. PR 38602. [Ruediger Pluem, Jim Jagielski]
*) Fix instdso.sh "sed syntax error" installation issue on some
platforms. PR 38108. [Masaoki Kobayashi <masaoki techfirm.co.jp>]
*) mod_ssl: Fix possible crashes in shmcb with gcc 4 on platforms
requiring word-aligned pointers. PR 38838. [Joe Orton]
*) mod_proxy: If we get an error reading the upstream response,
close the connection. [Justin Erenkrantz, Roy T. Fielding,
Jim Jagielski, Ruediger Pluem]
*) mod_proxy_ajp: Support common headers of the AJP protocol in responses.
PR 38340. [Aleksey Pesternikov <apesternikov yahoo.com>]
*) mod_proxy_balancer: Do not overwrite the status of initialized workers and
respect the configured status of uninitilized workers when creating a new
child process. [Ruediger
*) Fix mis-shifted 32 bit scope, masked to 64 bits as a method.
[Will Rowe, Joe Orton]
*) mod_proxy: Fix KeepAlives not being allowed and set to
backend servers. PR 38602. [Ruediger Pluem, Jim Jagielski]
*) Fix instdso.sh "sed syntax error" installation issue on some
platforms. PR 38108. [Masaoki Kobayashi <masaoki techfirm.co.jp>]
*) mod_ssl: Fix possible crashes in shmcb with gcc 4 on platforms
requiring word-aligned pointers. PR 38838. [Joe Orton]
*) mod_proxy: If we get an error reading the upstream response,
close the connection. [Justin Erenkrantz, Roy T. Fielding,
Jim Jagielski, Ruediger Pluem]
*) mod_proxy_ajp: Support common headers of the AJP protocol in responses.
PR 38340. [Aleksey Pesternikov <apesternikov yahoo.com>]
*) mod_proxy_balancer: Do not overwrite the status of initialized workers and
respect the configured status of uninitilized workers when creating a new
child process. [Ruediger Pluem]
*) mod_proxy_ajp: Crosscheck the length of the body chunk with the length of
the ajp message to prevent mod_proxy_ajp from reading beyond the buffer
boundaries and thus revealing possibly sensitive memory contents to the
client. [Ruediger Pluem]
*) Ensure that the proper status line is written to the client, fixing
incorrect status lines caused by filters which modify r->status without
resetting r->status_line, such as the built-in byterange filter.
requiring word-aligned pointers. PR 38838. [Joe Orton]
*) mod_proxy: If we get an error reading the upstream response,
close the connection. [Justin Erenkrantz, Roy T. Fielding,
Jim Jagielski, Ruediger Pluem]
*) mod_proxy_ajp: Support common headers of the AJP protocol in responses.
PR 38340. [Aleksey Pesternikov <apesternikov yahoo.com>]
*) mod_proxy_balancer: Do not overwrite the status of initialized workers and
respect the configured status of uninitilized workers when creating a new
child process. [Ruediger Pluem]
*) mod_proxy_ajp: Crosscheck the length of the body chunk with the length of
the ajp message to prevent mod_proxy_ajp from reading beyond the buffer
boundaries and thus revealing possibly sensitive memory contents to the
client. [Ruediger Pluem]
*) Ensure that the proper status line is written to the client, fixing
incorrect status lines caused by filters which modify r->status without
resetting r->status_line, such as the built-in byterange filter.
[Jeff Trawick]
*) mod_speling: Stop crashing with certain non-file requests. [Jeff Trawick]
*) mod_cache: Make caching of reverse proxies possible again. PR 38017.
[Ruediger Pluem]
*) Modify apr[util] .h detection to avoid breakage on VPATH builds
using Solaris make (amoung others) and avoid breakage in ./buildconf
when srclib/apr[-util] are symlinks rather than directories proper.
[William Rowe]
*) Avoid Server-driven negotiation when a script ha
*) mod_proxy_ajp: Crosscheck the length of the body chunk with the length of
the ajp message to prevent mod_proxy_ajp from reading beyond the buffer
boundaries and thus revealing possibly sensitive memory contents to the
client. [Ruediger Pluem]
*) Ensure that the proper status line is written to the client, fixing
incorrect status lines caused by filters which modify r->status without
resetting r->status_line, such as the built-in byterange filter.
[Jeff Trawick]
*) mod_speling: Stop crashing with certain non-file requests. [Jeff Trawick]
*) mod_cache: Make caching of reverse proxies possible again. PR 38017.
[Ruediger Pluem]
*) Modify apr[util] .h detection to avoid breakage on VPATH builds
using Solaris make (amoung others) and avoid breakage in ./buildconf
when srclib/apr[-util] are symlinks rather than directories proper.
[William Rowe]
*) Avoid Server-driven negotiation when a script has emitted an
explicit Status: header. PR 38070. [Nick Kew]
*) Fix to avoid feeding C99 to C++ compilers. [Joe Orton]
*) Chunk filter: Fix chunk filter to create correct chunks in the case that
a flush bucket is surrounded by data buckets. [Ruediger Pluem]
*) Fix syntax error in httpd.h with strict compilers. PR 37840.
[Per Olausson <pao darkheim.freeserve.co.uk>]
*) Fix recursive ErrorDo
*) mod_speling: Stop crashing with certain non-file requests. [Jeff Trawick]
*) mod_cache: Make caching of reverse proxies possible again. PR 38017.
[Ruediger Pluem]
*) Modify apr[util] .h detection to avoid breakage on VPATH builds
using Solaris make (amoung others) and avoid breakage in ./buildconf
when srclib/apr[-util] are symlinks rather than directories proper.
[William Rowe]
*) Avoid Server-driven negotiation when a script has emitted an
explicit Status: header. PR 38070. [Nick Kew]
*) Fix to avoid feeding C99 to C++ compilers. [Joe Orton]
*) Chunk filter: Fix chunk filter to create correct chunks in the case that
a flush bucket is surrounded by data buckets. [Ruediger Pluem]
*) Fix syntax error in httpd.h with strict compilers. PR 37840.
[Per Olausson <pao darkheim.freeserve.co.uk>]
*) Fix recursive ErrorDocument handling. PR 36090.
[Chris Darroch <chrisd pearsoncmg.com>]
*) Don't hang on error return from post_read_request. PR 37790.
[Nick Kew]
*) Fix off-by-one error in proxy_balancer. PR 37753.
[Kazuhiro Osawa <ko yappo ne jp>]
--
┏━━━━━━━━━━━┓
┃孤舟蓑笠翁,独钓寒江雪┃
a flush bucket is surrounded by data buckets. [Ruediger Pluem]
*) Fix syntax error in httpd.h with strict compilers. PR 37840.
[Per Olausson <pao darkheim.freeserve.co.uk>]
*) Fix recursive ErrorDocument handling. PR 36090.
[Chris Darroch <chrisd pearsoncmg.com>]
*) Don't hang on error return from post_read_request. PR 37790.
[Nick Kew]
*) Fix off-by-one error in proxy_balancer]
*) Don't hang on error return from post_read_request. PR 37790.
[Nick Kew]
*) Fix off-by-one error in proxy_balancer. PR 37753.
[Kazuhiro Osawa <ko yappo ne jp>]
--