You are viewing a plain text version of this content. The canonical link for it is here.
Posted to dev@httpd.apache.org by Ben Laurie <be...@gonzo.ben.algroup.co.uk> on 1996/06/10 11:15:23 UTC

Re: Apache 1.1b3 released (fwd)

Brian Behlendorf wrote:
> 
> 
> Here's what I sent.
> 
> 	Brian
> 
> --=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=--
> brian@organic.com  |  We're hiring!  http://www.organic.com/Home/Info/Jobs/
> 
> ---------- Forwarded message ----------
> Date: Mon, 10 Jun 1996 02:08:50 -0700 (PDT)
> From: Brian Behlendorf <br...@organic.com>
> To: apache-announce@apache.org
> Subject: Apache 1.1b3 released
> 
> 
> The third beta release of Apache 1.1 is now available.  You can get this 
> distribution from the main US server at http://www.apache.org/, or at any 
> one of the 26 mirror sites (though it may take a day or two for the 
> mirrors to pick up the new release).  
> 
> The changes from 1.1b2 are listed below.  We expect this to be the last 
> beta before the official release of 1.1, so please give it a workout on 
> your servers and let us know about any bugs you might find. 
> 
> Enjoy.
> 
>   *) Much of cgi-bin and all of cgi-src has been removed, due to
>      various security holes found and that we could no longer support
>      them.  
> 
>   *) The "Set-Cookie" header is now special-special-cased to not 
>      merge multiple instances, since certain popular browsers can not 
>      handle multiple Set-Cookie instructions in a single header.
> 
>   *) rprintf() added to buffer code, occurances of sprintf removed.

I don't think this has been done thoroughly. I did mod_status.c because it
used a lot of sprintfs with many qualifiers in the format strings but I didn't
scan the rest of the code for sprintfs. I'm not sure anyone has.

> 
>   *) CONNECT method for proxy module, which means tunning SSL should work.
>      (No crypto needed)  Also a NoCache config directive.
> 
>   *) Several API additions: pstrndup(), table_unset() and get_token()
>      functions now available to modules.
> 
>   *) mod_imap fixups, in particular Location: headers are now complete
>      URL's.
> 
>   *) New "info" module which reports on installed module set through a 
>      special URL, a la mod_status
> 
>   *) "ServerPath" directive added - allows for graceful transition
>      for Host:-header-based virtual hosts.
> 
>   *) Anonymous authentication module improvements
> 
>   *) MSQL authentication module improvements
> 
>   *) Status module design improved - output now tables-based
> 
>   *) htdigest utility included for use with digest authentication
>      module.
>  
>   *) mod_negotiation: Accept values with wildcards to be treated with
>      less priority than those without wildcards at the same quality
>      value.
> 
>   *) Bugs which were fixed:
>         a) numerous mod_proxy bugs
>         b) CGI early-termination bug 
>         c) Keepalives not working with virtual hosts
>         d) RefererIgnore problems
>         e) closing fd's twice in mod_include (causing core dumps on
>            Linux and elsewhere).
> 
> 
> 	Brian
> 
> --=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=--
> brian@organic.com  |  We're hiring!  http://www.organic.com/Home/Info/Jobs/
> 
> 
> 
> 
> 

-- 
Ben Laurie                  Phone: +44 (181) 994 6435
Freelance Consultant and    Fax:   +44 (181) 994 6472
Technical Director          Email: ben@algroup.co.uk
A.L. Digital Ltd,           URL: http://www.algroup.co.uk
London, England.