You are viewing a plain text version of this content. The canonical link for it is here.
Posted to dev@httpd.apache.org by "KFanyo_Subs@Digiflex Systems" <kf...@digiflexsystems.com> on 2004/08/24 00:23:03 UTC
RE: cvs commit: httpd-2.0 CHANGES
-----Original Message-----
From: jorton@apache.org [mailto:jorton@apache.org]
Sent: Monday, August 23, 2004 4:53 PM
To: httpd-2.0-cvs@apache.org
Subject: cvs commit: httpd-2.0 CHANGES
jorton 2004/08/23 13:53:22
Modified: . CHANGES
Log:
Synch with 2.0 branch.
Revision Changes Path
1.1564 +27 -19 httpd-2.0/CHANGES
Index: CHANGES
===================================================================
RCS file: /home/cvs/httpd-2.0/CHANGES,v
retrieving revision 1.1563
retrieving revision 1.1564
diff -d -w -u -r1.1563 -r1.1564
--- CHANGES 20 Aug 2004 21:41:48 -0000 1.1563
+++ CHANGES 23 Aug 2004 20:53:22 -0000 1.1564
@@ -14,19 +14,9 @@
*) Fix some compiler warnings in proxy
[Geoffrey Young <ge...@modperlcookbook.org>]
- *) suexec: Pass the SERVER_SIGNATURE envvar through to CGIs.
- [Zvi Har'El <rl math.technion.ac.il>]
-
- *) apachectl: Fix a problem finding envvars if sbindir != bindir.
- PR 30723. [Friedrich Haubensak <hsk imb-jena.de>]
-
*) mod_ssl: Add SSL_CLIENT_V_REMAIN variable, representing the
number of days until the client cert expires. [Joe Orton]
- *) mod_userdir: Ensure that the userdir identity is used for
- suexec userdir access in a virtual host which has suexec configured.
- PR 18156. [Joshua Slive]
-
*) SECURITY: CAN-2004-0751 (cve.mitre.org)
mod_ssl: Fix a segfault in the SSL input filter which could be
triggered if using "speculative" mode, for instance by a
@@ -49,9 +39,6 @@
*) Added proxy_ajp.c module for proxy support to ajp:// backends.
[Jean Frederic Clere]
- *) SECURITY: CAN-2004-0748 (cve.mitre.org)
- mod_ssl: Fix a potential infinite loop. PR 29964. [Joe Orton]
-
*) mod_disk_cache: Implement binary format for on-disk header files.
[Brian Akins <bakins web.turner.com>, Justin Erenkrantz]
@@ -70,8 +57,6 @@
*) Add load balancer support to the scoreboard in preparation for
load balancing support in mod_proxy. [Mladen Turk]
- *) mod_ssl: Build on RHEL 3. PR 18989. [Justin Erenkrantz]
-
*) mod_nw_ssl: Added the directive NWSSLUpgradeable to mod_nw_ssl to
allow a non-secure connection to be upgraded to secure connections
[Brad Nicholes]
@@ -121,10 +106,6 @@
*) <IfModule> now recognizes the module identifier in addition to the
file name. PR 29003. [Edward Rudd <eddie omegaware.com>, André
Malo]
- *) mod_ssl: Add "SSLUserName" directive to set r->user based on a
- chosen SSL environment variable. PR 20957.
- [Martin v. Loewis <martin v.loewis.de>]
-
*) mod_ssl: Add "SSLHonorCipherOrder" directive to enable the
OpenSSL 0.9.7 flag which uses the server's cipher order rather
than the client's. PR 28665.
@@ -437,6 +418,28 @@
Changes with Apache 2.0.51
+ *) mod_ssl: Add "SSLUserName" directive to set r->user based on a
+ chosen SSL environment variable. PR 20957.
+ [Martin v. Loewis <martin v.loewis.de>]
+
+ *) suexec: Pass the SERVER_SIGNATURE envvar through to CGIs.
+ [Zvi Har'El <rl math.technion.ac.il>]
+
+ *) apachectl: Fix a problem finding envvars if sbindir != bindir.
+ PR 30723. [Friedrich Haubensak <hsk imb-jena.de>]
+
+ *) mod_ssl: Build on RHEL 3. PR 18989. [Justin Erenkrantz]
+
+ *) SECURITY: CAN-2004-0748 (cve.mitre.org)
+ mod_ssl: Fix a potential infinite loop. PR 29964. [Joe Orton]
+
+ *) mod_ssl: Avoid startup failure after unclean shutdown if using
shmcb.
+ PR 18989. [Joe Orton]
+
+ *) mod_userdir: Ensure that the userdir identity is used for
+ suexec userdir access in a virtual host which has suexec configured.
+ PR 18156. [Joshua Slive]
+
*) mod_rewrite no longer confuses the RewriteMap caches if
different maps defined in different virtual hosts use the
same map name. PR 26462. [André Malo]
@@ -519,6 +522,11 @@
Close a denial of service vulnerability identified by Georgi
Guninski which could lead to memory exhaustion with certain
input data. [Jeff Trawick]
+
+ *) mod_cgi: Handle output on stderr during script execution on Unix
+ platforms; preventing deadlock when stderr output fills pipe buffer.
+ Also fixes case where stderr from nph- scripts could be lost.
+ PR 22030, 18348. [Joe Orton, Jeff Trawick]
*) mod_alias now emits a warning if it detects overlapping *Alias*
directives. [André Malo]