You are viewing a plain text version of this content. The canonical link for it is here.
Posted to cvs@httpd.apache.org by rp...@apache.org on 2020/03/11 11:44:23 UTC
svn commit: r1875084 - in /httpd/site/trunk: content/ content/apreq/
content/dev/ content/info/ content/security/ templates/
Author: rpluem
Date: Wed Mar 11 11:44:23 2020
New Revision: 1875084
URL: http://svn.apache.org/viewvc?rev=1875084&view=rev
Log:
* s#www.apache.org/dist/httpd/#downloads.apache.org/httpd/# as advised by infra
Modified:
httpd/site/trunk/content/apreq/download.mdtext
httpd/site/trunk/content/dev/devnotes.mdtext
httpd/site/trunk/content/download.mdtext
httpd/site/trunk/content/index.mdtext
httpd/site/trunk/content/info/security_bulletin_20020809a.txt
httpd/site/trunk/content/security/CVE-2011-3192.txt
httpd/site/trunk/content/security/vulnerabilities-httpd.xml
httpd/site/trunk/templates/nav_flood.mdtext
Modified: httpd/site/trunk/content/apreq/download.mdtext
URL: http://svn.apache.org/viewvc/httpd/site/trunk/content/apreq/download.mdtext?rev=1875084&r1=1875083&r2=1875084&view=diff
==============================================================================
--- httpd/site/trunk/content/apreq/download.mdtext (original)
+++ httpd/site/trunk/content/apreq/download.mdtext Wed Mar 11 11:44:23 2020
@@ -23,7 +23,7 @@ Use the links below to download libapreq
signatures downloaded from our main distribution directory.
If you do not see the file you need in the links below, please see the
-[master distribution directory](http://www.apache.org/dist/httpd/libapreq/)
+[master distribution directory](http://downloads.apache.org/httpd/libapreq/)
or, preferably, its [mirror]([preferred]/httpd/libapreq/).
# Mirror # {#mirror}
@@ -44,8 +44,8 @@ type="submit" value="Change"></input></f
This release works with Apache HTTP Server 2.0. Please note that this
version will not work with older 1.3.X releases of the Apache HTTP Server.
[libapreq2-2.13]([preferred]/httpd/libapreq/libapreq2-2.13.tar.gz)
-[PGP](http://www.apache.org/dist/httpd/libapreq/libapreq2-2.13.tar.gz.asc)
-[MD5](http://www.apache.org/dist/httpd/libapreq/libapreq2-2.13.tar.gz.md5)
+[PGP](http://downloads.apache.org/httpd/libapreq/libapreq2-2.13.tar.gz.asc)
+[MD5](http://downloads.apache.org/httpd/libapreq/libapreq2-2.13.tar.gz.md5)
# Apache HTTP Request Library 1.34 is now available # {#v1_03}
@@ -53,8 +53,8 @@ This release works with Apache HTTP Serv
version will not work with newer 2.X releases of the Apache HTTP Server.
Please use [libapreq2-2.13](#v2_13) for use with Apache HTTP Server 2.0.
[libapreq-1.34]([preferred]/httpd/libapreq/libapreq-1.34.tar.gz)
-[PGP](http://www.apache.org/dist/httpd/libapreq/libapreq-1.34.tar.gz.asc)
-[MD5](http://www.apache.org/dist/httpd/libapreq/libapreq-1.34.tar.gz.md5)
+[PGP](http://downloads.apache.org/httpd/libapreq/libapreq-1.34.tar.gz.asc)
+[MD5](http://downloads.apache.org/httpd/libapreq/libapreq-1.34.tar.gz.md5)
# Verify the integrity of the files # {#verify}
@@ -62,10 +62,10 @@ It is essential that you verify the inte
the PGP or MD5 signatures.
The PGP signatures can be verified using PGP or GPG. First download the
-[KEYS](http://www.apache.org/dist/httpd/KEYS) as well as the `asc`
+[KEYS](http://downloads.apache.org/httpd/KEYS) as well as the `asc`
signature file for the particular distribution. Make sure you get these
files from the [main distribution
-directory](http://www.apache.org/dist/httpd/) , rather than from a mirror.
+directory](http://downloads.apache.org/httpd/) , rather than from a mirror.
Then verify the signatures using
<code>% pgpk -a KEYS<br></br>% pgpv
Modified: httpd/site/trunk/content/dev/devnotes.mdtext
URL: http://svn.apache.org/viewvc/httpd/site/trunk/content/dev/devnotes.mdtext?rev=1875084&r1=1875083&r2=1875084&view=diff
==============================================================================
--- httpd/site/trunk/content/dev/devnotes.mdtext (original)
+++ httpd/site/trunk/content/dev/devnotes.mdtext Wed Mar 11 11:44:23 2020
@@ -151,7 +151,7 @@ group discussion.
Like the <samp>httpd-site</samp> subtree, this one is used to maintain the
files that comprise a website - in this
-case, <samp>http://www.apache.org/dist/httpd/</samp>. Also like the previous
+case, <samp>http://downloads.apache.org/httpd/</samp>. Also like the previous
subtree, the directory on the server is a checked-out working copy of this
subtree. However, since this is a distribution directory, we only have the
surrounding documentation and control files checked into this subtree --
Modified: httpd/site/trunk/content/download.mdtext
URL: http://svn.apache.org/viewvc/httpd/site/trunk/content/download.mdtext?rev=1875084&r1=1875083&r2=1875084&view=diff
==============================================================================
--- httpd/site/trunk/content/download.mdtext (original)
+++ httpd/site/trunk/content/download.mdtext Wed Mar 11 11:44:23 2020
@@ -22,7 +22,7 @@ Use the links below to download the Apac
mirrors. You **must** [verify the integrity](#verify) of the downloaded
files using signatures downloaded from our main distribution directory.
The signatures can be verified with our
-[KEYS](https://www.apache.org/dist/httpd/KEYS) file.
+[KEYS](https://downloads.apache.org/httpd/KEYS) file.
Only current recommended releases are available on the main distribution
site and its mirrors. Historical releases, including the 1.3, 2.0 and 2.2
@@ -57,24 +57,24 @@ mirrors](//www.apache.org/mirrors/).
# Apache HTTP Server 2.4.41 (httpd): 2.4.41 is the latest available version <span>2019-08-14</span># {#apache24}
The Apache HTTP Server Project is pleased to
-[announce](//www.apache.org/dist/httpd/Announcement2.4.txt) the
+[announce](//downloads.apache.org/httpd/Announcement2.4.txt) the
release of version 2.4.41 of the Apache HTTP Server ("Apache" and "httpd").
This version of Apache is our latest GA release of the new generation 2.4.x
branch of Apache HTTPD and represents fifteen years of innovation by the
project, and is recommended over all previous releases!
For details, see the [Official
-Announcement](//www.apache.org/dist/httpd/Announcement2.4.html) and
+Announcement](//downloads.apache.org/httpd/Announcement2.4.html) and
the [CHANGES_2.4]([preferred]/httpd/CHANGES_2.4) and
[CHANGES_2.4.41]([preferred]/httpd/CHANGES_2.4.41) lists.
- Source: [httpd-2.4.41.tar.bz2]([preferred]/httpd/httpd-2.4.41.tar.bz2)
-[ [PGP](https://www.apache.org/dist/httpd/httpd-2.4.41.tar.bz2.asc) ] [
-[SHA256](https://www.apache.org/dist/httpd/httpd-2.4.41.tar.bz2.sha256) ]
+[ [PGP](https://downloads.apache.org/httpd/httpd-2.4.41.tar.bz2.asc) ] [
+[SHA256](https://downloads.apache.org/httpd/httpd-2.4.41.tar.bz2.sha256) ]
- Source: [httpd-2.4.41.tar.gz]([preferred]/httpd/httpd-2.4.41.tar.gz) [
-[PGP](https://www.apache.org/dist/httpd/httpd-2.4.41.tar.gz.asc) ] [
-[SHA256](https://www.apache.org/dist/httpd/httpd-2.4.41.tar.gz.sha256) ]
+[PGP](https://downloads.apache.org/httpd/httpd-2.4.41.tar.gz.asc) ] [
+[SHA256](https://downloads.apache.org/httpd/httpd-2.4.41.tar.gz.sha256) ]
- [Binaries]([preferred]/httpd/binaries/)
@@ -97,31 +97,31 @@ project page](//httpd.apache.org/mod_fcg
- Source as gzip with LF line endings:
[mod_fcgid-2.3.9.tar.gz]([preferred]/httpd/mod_fcgid/mod_fcgid-2.3.9.tar.gz)
[
-[PGP](https://www.apache.org/dist/httpd/mod_fcgid/mod_fcgid-2.3.9.tar.gz.asc)
+[PGP](https://downloads.apache.org/httpd/mod_fcgid/mod_fcgid-2.3.9.tar.gz.asc)
] [
-[MD5](https://www.apache.org/dist/httpd/mod_fcgid/mod_fcgid-2.3.9.tar.gz.md5)
+[MD5](https://downloads.apache.org/httpd/mod_fcgid/mod_fcgid-2.3.9.tar.gz.md5)
] [
-[SHA1](https://www.apache.org/dist/httpd/mod_fcgid/mod_fcgid-2.3.9.tar.gz.sha1)
+[SHA1](https://downloads.apache.org/httpd/mod_fcgid/mod_fcgid-2.3.9.tar.gz.sha1)
]
- Source as bz2 with LF line endings:
[mod_fcgid-2.3.9.tar.bz2]([preferred]/httpd/mod_fcgid/mod_fcgid-2.3.9.tar.bz2)
[
-[PGP](https://www.apache.org/dist/httpd/mod_fcgid/mod_fcgid-2.3.9.tar.bz2.asc)
+[PGP](https://downloads.apache.org/httpd/mod_fcgid/mod_fcgid-2.3.9.tar.bz2.asc)
] [
-[MD5](https://www.apache.org/dist/httpd/mod_fcgid/mod_fcgid-2.3.9.tar.bz2.md5)
+[MD5](https://downloads.apache.org/httpd/mod_fcgid/mod_fcgid-2.3.9.tar.bz2.md5)
] [
-[SHA1](https://www.apache.org/dist/httpd/mod_fcgid/mod_fcgid-2.3.9.tar.bz2.sha1)
+[SHA1](https://downloads.apache.org/httpd/mod_fcgid/mod_fcgid-2.3.9.tar.bz2.sha1)
]
- Win32, Netware or OS/2 Source with CR/LF line endings:
[mod_fcgid-2.3.9-crlf.zip]([preferred]/httpd/mod_fcgid/mod_fcgid-2.3.9-crlf.zip)
[
-[PGP](https://www.apache.org/dist/httpd/mod_fcgid/mod_fcgid-2.3.9-crlf.zip.asc)
+[PGP](https://downloads.apache.org/httpd/mod_fcgid/mod_fcgid-2.3.9-crlf.zip.asc)
] [
-[MD5](https://www.apache.org/dist/httpd/mod_fcgid/mod_fcgid-2.3.9-crlf.zip.md5)
+[MD5](https://downloads.apache.org/httpd/mod_fcgid/mod_fcgid-2.3.9-crlf.zip.md5)
] [
-[SHA1](https://www.apache.org/dist/httpd/mod_fcgid/mod_fcgid-2.3.9-crlf.zip.sha1)
+[SHA1](https://downloads.apache.org/httpd/mod_fcgid/mod_fcgid-2.3.9-crlf.zip.sha1)
]
# Apache FTP module for Apache HTTP Server released as 0.9.6-beta <span>2008-10-08</span> # {#mod_ftp}
@@ -136,31 +136,31 @@ page](//httpd.apache.org/mod_ftp/).
- Source with LF line endings (bzip2 compressed):
[mod_ftp-0.9.6-beta.tar.bz2]([preferred]/httpd/mod_ftp/mod_ftp-0.9.6-beta.tar.bz2)
[
-[PGP](https://www.apache.org/dist/httpd/mod_ftp/mod_ftp-0.9.6-beta.tar.bz2.asc)
+[PGP](https://downloads.apache.org/httpd/mod_ftp/mod_ftp-0.9.6-beta.tar.bz2.asc)
] [
-[SHA1](https://www.apache.org/dist/httpd/mod_ftp/mod_ftp-0.9.6-beta.tar.bz2.sha1)
+[SHA1](https://downloads.apache.org/httpd/mod_ftp/mod_ftp-0.9.6-beta.tar.bz2.sha1)
] [
-[MD5](https://www.apache.org/dist/httpd/mod_ftp/mod_ftp-0.9.6-beta.tar.bz2.md5)
+[MD5](https://downloads.apache.org/httpd/mod_ftp/mod_ftp-0.9.6-beta.tar.bz2.md5)
]
- Source with LF line endings (gzip compressed):
[mod_ftp-0.9.6-beta.tar.gz]([preferred]/httpd/mod_ftp/mod_ftp-0.9.6-beta.tar.gz)
[
-[PGP](https://www.apache.org/dist/httpd/mod_ftp/mod_ftp-0.9.6-beta.tar.gz.asc)
+[PGP](https://downloads.apache.org/httpd/mod_ftp/mod_ftp-0.9.6-beta.tar.gz.asc)
] [
-[SHA1](https://www.apache.org/dist/httpd/mod_ftp/mod_ftp-0.9.6-beta.tar.gz.sha1)
+[SHA1](https://downloads.apache.org/httpd/mod_ftp/mod_ftp-0.9.6-beta.tar.gz.sha1)
] [
-[MD5](https://www.apache.org/dist/httpd/mod_ftp/mod_ftp-0.9.6-beta.tar.gz.md5)
+[MD5](https://downloads.apache.org/httpd/mod_ftp/mod_ftp-0.9.6-beta.tar.gz.md5)
]
- Win32, Netware or OS/2 Source with CR/LF line endings:
[mod_ftp-0.9.6-beta-crlf.zip]([preferred]/httpd/mod_ftp/mod_ftp-0.9.6-beta-crlf.zip)
[
-[PGP](https://www.apache.org/dist/httpd/mod_ftp/mod_ftp-0.9.6-beta-crlf.zip.asc)
+[PGP](https://downloads.apache.org/httpd/mod_ftp/mod_ftp-0.9.6-beta-crlf.zip.asc)
] [
-[SHA1](https://www.apache.org/dist/httpd/mod_ftp/mod_ftp-0.9.6-beta-crlf.zip.sha1)
+[SHA1](https://downloads.apache.org/httpd/mod_ftp/mod_ftp-0.9.6-beta-crlf.zip.sha1)
] [
-[MD5](https://www.apache.org/dist/httpd/mod_ftp/mod_ftp-0.9.6-beta-crlf.zip.md5)
+[MD5](https://downloads.apache.org/httpd/mod_ftp/mod_ftp-0.9.6-beta-crlf.zip.md5)
]
# Verify the integrity of the files # {#verify}
Modified: httpd/site/trunk/content/index.mdtext
URL: http://svn.apache.org/viewvc/httpd/site/trunk/content/index.mdtext?rev=1875084&r1=1875083&r2=1875084&view=diff
==============================================================================
--- httpd/site/trunk/content/index.mdtext (original)
+++ httpd/site/trunk/content/index.mdtext Wed Mar 11 11:44:23 2020
@@ -32,7 +32,7 @@ Foundation](http://www.apache.org/).
# Apache httpd 2.4.41 Released <span>2019-08-14</span>
The Apache Software Foundation and the Apache HTTP Server Project are
pleased to
-[announce](http://www.apache.org/dist/httpd/Announcement2.4.html) the
+[announce](http://downloads.apache.org/httpd/Announcement2.4.html) the
release of version 2.4.41 of the Apache HTTP Server ("httpd").
This latest release from the 2.4.x stable branch represents the best available
@@ -41,8 +41,8 @@ version of Apache HTTP Server.
Apache HTTP Server version 2.4.41 or newer is required in order to operate a TLS 1.3 web server with OpenSSL 1.1.1.
[Download](download.cgi#apache24) | [ChangeLog for
-2.4.41](http://www.apache.org/dist/httpd/CHANGES_2.4.41) | [Complete ChangeLog for
-2.4](http://www.apache.org/dist/httpd/CHANGES_2.4) | [New Features in httpd
+2.4.41](http://downloads.apache.org/httpd/CHANGES_2.4.41) | [Complete ChangeLog for
+2.4](http://downloads.apache.org/httpd/CHANGES_2.4) | [New Features in httpd
2.4](docs/trunk/new_features_2_4.html) # {.centered}
# Apache httpd 2.2 End-of-Life <span>2018-01-01</span>
Modified: httpd/site/trunk/content/info/security_bulletin_20020809a.txt
URL: http://svn.apache.org/viewvc/httpd/site/trunk/content/info/security_bulletin_20020809a.txt?rev=1875084&r1=1875083&r2=1875084&view=diff
==============================================================================
--- httpd/site/trunk/content/info/security_bulletin_20020809a.txt (original)
+++ httpd/site/trunk/content/info/security_bulletin_20020809a.txt Wed Mar 11 11:44:23 2020
@@ -41,7 +41,7 @@ the following directive to the global se
Fixes for this vulnerability are also included in Apache HTTP server
version 2.0.40. The 2.0.40 release also contains fixes for two minor
path-revealing exposures. This release of Apache is available at
-http://www.apache.org/dist/httpd/
+http://downloads.apache.org/httpd/
More information will be made available by the Apache Software
Foundation and Auriemma Luigi <bu...@sitoverde.com> in the
Modified: httpd/site/trunk/content/security/CVE-2011-3192.txt
URL: http://svn.apache.org/viewvc/httpd/site/trunk/content/security/CVE-2011-3192.txt?rev=1875084&r1=1875083&r2=1875084&view=diff
==============================================================================
--- httpd/site/trunk/content/security/CVE-2011-3192.txt (original)
+++ httpd/site/trunk/content/security/CVE-2011-3192.txt Wed Mar 11 11:44:23 2020
@@ -105,9 +105,9 @@ legacy 2.0.65 release, once this is publ
If you cannot upgrade, or cannot wait to upgrade - you can apply the
appropriate source code patch and recompile a recent existing version;
- http://www.apache.org/dist/httpd/patches/apply_to_2.2.14/ (for 2.2.9 - .14)
- http://www.apache.org/dist/httpd/patches/apply_to_2.2.19/ (for 2.2.15 - .19)
- http://www.apache.org/dist/httpd/patches/apply_to_2.0.64/ (for 2.0.55 - .64)
+ http://downloads.apache.org/httpd/patches/apply_to_2.2.14/ (for 2.2.9 - .14)
+ http://downloads.apache.org/httpd/patches/apply_to_2.2.19/ (for 2.2.15 - .19)
+ http://downloads.apache.org/httpd/patches/apply_to_2.0.64/ (for 2.0.55 - .64)
If you cannot upgrade and/or cannot apply above patches in a timely manner
then you should consider to apply one or more of the mitigation suggested below.
Modified: httpd/site/trunk/content/security/vulnerabilities-httpd.xml
URL: http://svn.apache.org/viewvc/httpd/site/trunk/content/security/vulnerabilities-httpd.xml?rev=1875084&r1=1875083&r2=1875084&view=diff
==============================================================================
--- httpd/site/trunk/content/security/vulnerabilities-httpd.xml (original)
+++ httpd/site/trunk/content/security/vulnerabilities-httpd.xml Wed Mar 11 11:44:23 2020
@@ -830,7 +830,7 @@ httpd.conf RegisterHttpMethod directive
<p>To permit other .htaccess directives while denying the <Limit > directive, see the AllowOverrideList directive.</p>
<p>Source code patch (2.4) is at;</p>
<ul>
-<li><a href="https://www.apache.org/dist/httpd/patches/apply_to_2.4.27/CVE-2017-9798-patch-2.4.patch"
+<li><a href="https://downloads.apache.org/httpd/patches/apply_to_2.4.27/CVE-2017-9798-patch-2.4.patch"
>CVE-2017-9798-patch-2.4.patch</a></li>
</ul>
<p>Source code patch (2.2) is at;</p>
Modified: httpd/site/trunk/templates/nav_flood.mdtext
URL: http://svn.apache.org/viewvc/httpd/site/trunk/templates/nav_flood.mdtext?rev=1875084&r1=1875083&r2=1875084&view=diff
==============================================================================
--- httpd/site/trunk/templates/nav_flood.mdtext (original)
+++ httpd/site/trunk/templates/nav_flood.mdtext Wed Mar 11 11:44:23 2020
@@ -5,7 +5,7 @@
# Download!
- [From a Mirror](http://www.apache.org/dyn/closer.lua/httpd/flood/)
-- [From Here](http://www.apache.org/dist/httpd/)
+- [From Here](http://downloads.apache.org/httpd/)
# Documentation
- [Design](http://svn.apache.org/repos/asf/httpd/flood/trunk/DESIGN)