You are viewing a plain text version of this content. The canonical link for it is here.
Posted to dev@httpd.apache.org by "William A. Rowe, Jr." <wr...@rowe-clan.net> on 2002/06/18 09:38:29 UTC
[TEST] Apache 2.0.39 Release Candidate for Testing
The new Apache release is available for immediate testing. Please reply-to
dev@httpd.apache.org with any observed variance between this version and
your previous experience with Apache 2.0.36 and 2.0.35 releases.
The packages, until General Availability release tomorrow early a.m. will
be at;
http://httpd.apache.org/dev/dist/
.tar.gz and .tar.Z files are for Unix builds, -win32-src.zip file is for
the Windows
builders [with cr/lf line endings.] Win32 .exe and .msi installer packages are
online for testing as well.
Excerpting tomorrow's announcement;
This version of Apache is principally a security and bug fix
release. A summary of the bug fixes is given at the end of this document.
Of particular note is that 2.0.39 addresses and fixes the issues noted
in CAN-2002-0392 (mitre.org) [CERT VU#944335] regarding a vulnerability
in the handling of chunked transfer encoding. We would like to thank
Mark Litchfield of ngssoftware.com for discovering and reporting the
vulnerability.
Expect a followup announcement early tommorow of the Apache 1.3.25
release candidate.