Bug 368743 - www-servers/apache version bump to 2.2.20
Summary: www-servers/apache version bump to 2.2.20
Status: RESOLVED DUPLICATE of bug 380475
Alias: None
Product: Gentoo Linux
Classification: Unclassified
Component: New packages
Hardware: All Linux
Importance: Normal enhancement
Assignee: Apache Team - Bugzilla Reports
Duplicates: 381393
Reported: 2011-05-25 21:26 UTC by Max Nokhrin
Modified: 2011-09-01 17:31 UTC

Attachments
apache-tools/files/apache-tools-2.2.19-Makefile.patch (apache-tools-2.2.19-Makefile.patch,1.58 KB, patch)
2011-08-27 20:16 UTC, Denis Kaganovich
apache-tools-2.2.17.ebuild.patch (apache-tools-2.2.17.ebuild.patch,437 bytes, patch)
2011-08-27 20:17 UTC, Denis Kaganovich

Description Max Nokhrin 2011-05-25 21:26:47 UTC
2.2.19 was released 2011-05-22, can we please get a bump?
Comment 1 Milos Ivanovic 2011-08-09 11:39:02 UTC
Changes with Apache 2.2.19

  *) Revert ABI breakage in 2.2.18 caused by the function signature change
     of ap_unescape_url_keep2f().  This release restores the signature from
     2.2.17 and prior, and introduces ap_unescape_url_keep2f_ex().
     [Eric Covener] 

Changes with Apache 2.2.18

  *) Log an error for failures to read a chunk-size, and return 408 instead
     413 when this is due to a read timeout.  This change also fixes some cases 
     of two error documents being sent in the response for the same scenario. 
     [Eric Covener] PR49167

  *) core: Only log a 408 if it is no keepalive timeout. PR 39785
     [Ruediger Pluem,  Mark Montague <markmont umich.edu>]

  *) core: Treat timeout reading request as 408 error, not 400.
     Log 408 errors in access log as was done in Apache 1.3.x.
     PR 39785 [Nobutaka Mantani <nobutaka nobutaka.org>, Stefan Fritsch,
     Dan Poirier]

  *) Core HTTP: disable keepalive when the Client has sent
     Expect: 100-continue
     but we respond directly with a non-100 response.  Keepalive here led
     to data from clients continuing being treated as a new request.
     PR 47087.  [Nick Kew]

  *) htpasswd: Change the default algorithm for htpasswd to MD5 on all
     platforms. Crypt with its 8 character limit is not useful anymore;
     improve out of disk space handling (PR 30877); print a warning if
     a password is truncated by crypt. [Stefan Fritsch]

  *) mod_win32: Added shebang check for '! so that .vbs scripts work as CGI.
     Win32's cscript interpreter can only use a single quote as comment char.
     [Guenter Knauf]

  *) configure: Fix htpasswd/htdbm libcrypt link errors with some newer
     linkers. [Stefan Fritsch]

  *) MinGW build improvements.  PR 49535.  [John Vandenberg 
     <jayvdb gmail.com>, Jeff Trawick]

  *) mod_ssl, ab: Support OpenSSL compiled without SSLv2 support.
     [Stefan Fritsch]

  *) core: AllowEncodedSlashes new option NoDecode to allow encoded slashes
     in request URL path info but not decode them. PR 35256,
     PR 46830.  [Dan Poirier]

  *) mod_rewrite: Allow to unset environment variables. PR 50746.
     [Rainer Jung]

  *) suEXEC: Add Suexec directive to disable suEXEC without renaming the
     binary (Suexec Off), or force startup failure if suEXEC is required
     but not supported (Suexec On).  [Jeff Trawick]

  *) mod_proxy: Put the worker in error state if the SSL handshake with the
     backend fails. PR 50332.
     [Daniel Ruggeri <DRuggeri primary.net>, Ruediger Pluem]

  *) prefork: Update MPM state in children during a graceful restart.
     Allow the HTTP connection handling loop to terminate early 
     during a graceful restart.  PR 41743.
     [Andrew Punch <andrew.punch 247realmedia.com>]

  *) mod_ssl: Correctly read full lines in input filter when the line is
     incomplete during first read. PR 50481. [Ruediger Pluem]

  *) mod_autoindex: Merge IndexOptions from server to directory context when
     the directory has no mod_autoindex directives. PR 47766. [Eric Covener]

  *) mod_cache: Make sure that we never allow a 304 Not Modified response
     that we asked for to leak to the client should the 304 response be
     uncacheable. PR45341 [Graham Leggett]

  *) mod_dav: Send 400 error if malformed Content-Range header is received for
     a put request (RFC 2616 14.16). PR 49825. [Stefan Fritsch]

  *) mod_userdir: Add merging of enable, disable, and filename arguments
     to UserDir directive, leaving enable/disable of userlists unmerged.
     PR 44076 [Eric Covener]

  *) core: Honor 'AcceptPathInfo OFF' during internal redirects,
     such as per-directory mod_rewrite substitutions.  PR 50349.
     [Eric Covener]

  *) mod_cache: Check the request to determine whether we are allowed
     to return cached content at all, and respect a "Cache-Control:
     no-cache" header from a client. Previously, "no-cache" would
     behave like "max-age=0". [Graham Leggett]

  *) mod_mem_cache: Add a debug msg when a streaming response exceeds
     MCacheMaxStreamingBuffer, since mod_cache will follow up with a scary
     'memory allocation failed' debug message. PR 49604. [Eric Covener]

  *) proxy_connect: Don't give up in the middle of a CONNECT tunnel
     when the child process is starting to exit.  PR50220. [Eric Covener]

This was 3 months ago, can we please push this to ~arch?

Thanks.
Comment 2 Denis Kaganovich 2011-08-23 22:22:09 UTC
Here: http://mahatma.bspu.unibel.by/download/gentoo-apache-2.2.19/
Also contains the latest mpm-itk patch (20110321). There are 2 patchsets, separated as 20110824 & 20110825 (in ebuild - second). The first is just a fixed (ondemand) clone of the 2.2.17 patchset with upstream mpm-itk. The second contains +2 of my own patches: a fix for shared mem in mod_auth_digest and a simple update to mpm-itk to use cgroups, using an optional 3rd parameter - "AssignUserID USER GROUP [/dev/cgroup/CGROUP/tasks]". In both, files outside /patches/ are an unrevised copy from 2.2.17.

PS Years ago I have reclamation about .bz2 attachment ;) then look on web.
Comment 3 Denis Kaganovich 2011-08-23 22:25:11 UTC
PPS Oh, sorry, strange dates - midnight timeshift in my mind...
Comment 4 Denis Kaganovich 2011-08-27 20:16:32 UTC
Created attachment 284831
apache-tools/files/apache-tools-2.2.19-Makefile.patch

--nodeps confusing...
Related - apache-tools (placed also on same url)
Comment 5 Denis Kaganovich 2011-08-27 20:17:29 UTC
Created attachment 284833
apache-tools-2.2.17.ebuild.patch

Trivial.
Comment 6 Krzysztof Olędzki 2011-08-31 11:24:58 UTC
Hello,

Apache 2.2.20 has just been released. It fixes a critical bug in handling of byte-range requests.

Please bump!

Changes with Apache 2.2.20

  *) SECURITY: CVE-2011-3192 (cve.mitre.org)
     core: Fix handling of byte-range requests to use less memory, to avoid
     denial of service. If the sum of all ranges in a request is larger than
     the original file, ignore the ranges and send the complete file.
     PR 51714. [Stefan Fritsch, Jim Jagielski, Ruediger Pluem, Eric Covener]

  *) mod_authnz_ldap: If the LDAP server returns constraint violation,
     don't treat this as an error but as "auth denied". [Stefan Fritsch]

  *) mod_filter: Fix FilterProvider conditions of type "resp=" (response
     headers) for CGI. [Joe Orton, Rainer Jung]

  *) mod_reqtimeout: Fix a timed out connection going into the keep-alive
     state after a timeout when discarding a request body. PR 51103.
     [Stefan Fritsch]

  *) core: Do the hook sorting earlier so that the hooks are properly sorted
     for the pre_config hook and during parsing the config. [Stefan Fritsch]

  [Apache 2.1.0-dev includes those bug fixes and changes with the
   Apache 2.0.xx tree as documented, and except as noted, below.]
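
The rule stated in the CVE-2011-3192 changelog entry above (if the sum of all requested ranges is larger than the file, ignore the ranges and send the complete file) can be sketched as follows. This is an added example, not Apache httpd's code and not part of the original comment; `range_policy` and its return codes are hypothetical, and a range starting past end-of-file is rejected rather than skipped to keep the sketch short.

```c
#include <ctype.h>
#include <stdlib.h>
#include <string.h>

/* Hypothetical helper (not httpd code) applying the changelog's rule.
 * Returns  1: sum of ranges > file size -> ignore Range, send whole file
 *          0: ranges acceptable         -> serve partial content
 *         -1: malformed or unsatisfiable header -> ignore Range */
int range_policy(const char *header, long long file_size)
{
    long long total = 0;
    const char *p;

    if (file_size <= 0 || strncmp(header, "bytes=", 6) != 0)
        return -1;
    p = header + 6;
    while (*p) {
        long long first, last;
        char *end;

        while (*p == ' ' || *p == ',') p++;       /* skip separators */
        if (!*p) break;
        if (*p == '-') {                          /* suffix form "-N": last N bytes */
            if (!isdigit((unsigned char)p[1])) return -1;
            last = strtoll(p + 1, &end, 10);      /* N, temporarily */
            if (last > file_size) last = file_size;
            first = file_size - last;
            last = file_size - 1;
        } else {
            if (!isdigit((unsigned char)*p)) return -1;
            first = strtoll(p, &end, 10);
            if (*end != '-') return -1;
            p = end + 1;
            if (isdigit((unsigned char)*p)) {     /* "first-last", end clamped to EOF */
                last = strtoll(p, &end, 10);
                if (last >= file_size) last = file_size - 1;
            } else {                              /* open-ended "first-" */
                last = file_size - 1;
                end = (char *)p;
            }
        }
        p = end;
        if (*p && *p != ',' && *p != ' ') return -1;
        if (first > last) return -1;              /* simplification: reject, don't skip */
        total += last - first + 1;
        if (total > file_size) return 1;          /* overlapping/repeated ranges */
    }
    return total > 0 ? 0 : -1;
}
```

The running total is checked after every range, so a header made of many overlapping ranges is rejected as soon as the sum passes the file size instead of after the whole list has been processed.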
Comment 7 Peter Volkov (RETIRED) gentoo-dev 2011-09-01 06:06:16 UTC
*** Bug 381393 has been marked as a duplicate of this bug. ***
Comment 8 Alex Legler (RETIRED) archtester gentoo-dev Security 2011-09-01 06:22:24 UTC

*** This bug has been marked as a duplicate of bug 380475 ***
Comment 9 Peter Volkov (RETIRED) gentoo-dev 2011-09-01 17:31:49 UTC
Denis, thank you for your work! It really helped me. 2.2.20 is in the tree. If you want your patches integrated, please open separate bugs for each, show where those patches came from and make sure the patches were approved (or at least commented on) by upstream.