You are viewing a plain text version of this content. The canonical link for it is here.
Posted to cvs@httpd.apache.org by wr...@apache.org on 2002/06/18 10:25:34 UTC
cvs commit: httpd-dist/binaries/win32 README.html
wrowe 2002/06/18 01:25:34
Modified: binaries/win32 README.html
Log:
Binaries are expected on time (.36 already exists.)
Revision Changes Path
1.23 +31 -35 httpd-dist/binaries/win32/README.html
Index: README.html
===================================================================
RCS file: /home/cvs/httpd-dist/binaries/win32/README.html,v
retrieving revision 1.22
retrieving revision 1.23
diff -u -r1.22 -r1.23
--- README.html 18 Jun 2002 04:52:41 -0000 1.22
+++ README.html 18 Jun 2002 08:25:34 -0000 1.23
@@ -1,5 +1,6 @@
<h2><a name="mirrors">Download from your
- <a href="http://www.apache.org/dyn/closer.cgi/httpd/binaries/win32/">nearest mirror site!</a></a></h2>
+ <a href="http://www.apache.org/dyn/closer.cgi/httpd/binaries/win32/"
+ >nearest mirror site!</a></a></h2>
<p>Do not download from www.apache.org. Please use a mirror site
to help us save apache.org bandwidth.
@@ -26,7 +27,7 @@
<p>If you will install Apache on Windows XP, be warned. There is a known bug
our users have identified; you may or may not encounter it yourself. It
is mitigated, but possibly not eliminated, as of the Apache 1.3.24 release.
- The effects of this bug within Apache 2.0 have only been observed
+ The effects of this bug within Apache 2.0 are particularly observed
in conjunction with https SSL/TLS connections, but could occur in other
contexts.</p>
@@ -52,39 +53,36 @@
<p>Apache 2.0 is released for General Availability.</p>
-<p>The Apache Group is proud to announce the release the first GA release
+<p>The Apache Group is proud to announce the release the third GA release
of Apache 2.0. Apache 2.0 has been running on the Apache.org website
since December of 2000 and has proven to be very reliable.</p>
-<p>A Win32 binary package for 2.0.39 will be made available shortly.</p>
-<!--
-<p>The Win32 MSI installer is available. The keep-window-open-on-error logic
- does not work under 2.0.36; the -w flag is not recognized. This version
- is only available at present in a -no_ssl flavor, due to ongoing questions
- of strong crypto redistribution. When a binary build with mod_ssl compiled
- in is made available, the -no_ssl will remain as an option for those in
- jurisdictions that restrict ssl encryption, as well as those T8 prohibited
- from downloading from the ASF's US-based servers.</p>
-
-<p>Only the .msi flavor has been created to date. An .exe flavor may be
- introduced some time in the future, for those few folks who do not have
- the Microsoft Installer already on the target machine. Because the
- distribution tree has changed, we haven't yet identified an effective way
- to incorporate the source tree into the binary product tree. You will
- find the source package in <a href="../../httpd-2.0.36-win32-src.zip"
- >/dist/httpd/httpd-2.0.36-win32-src.zip</a>.</p>
- -->
+<p>A full setup package (.exe) containing the Win9x/WinNT Microsoft System
+ Installer installer is available. If the Microsoft System Installer is
+ already on the machine, there is no need to download the .exe, save
+ yourself 3MB and download the .msi package.</p>
+
+<p>The keep-window-open-on-error logic does not work under 2.0.39; the -w flag
+ is not recognized.</p>
+
+<p>This version is only available at present in a -no_ssl flavor, due to
+ ongoing questions of strong crypto redistribution. When a binary build
+ with mod_ssl compiled in is made available, the -no_ssl flavor will remain
+ as an option for those in jurisdictions that restrict ssl encryption, as well
+ as those T8 prohibited from downloading from the ASF's US-based servers.</p>
+
+<p>Because the distribution tree has changed, we haven't yet identified an
+ effective way to incorporate the source tree into the binary product tree.
+ You will find the source package in <a href="../../httpd-2.0.39-win32-src.zip"
+ >/dist/httpd/httpd-2.0.39-win32-src.zip</a>. This .zip file contains only
+ source and build files, and no binaries.</p>
<h2><a name="old">The old stable release is Apache 1.3.25</a></h2>
-<p>A Win32 binary package for 1.3.25 will be made available shortly.</p>
-
-<p>Since Apache version 1.3.22, a full setup package (.exe) containing the
- Win9x/WinNT Microsoft System Installer installer is available. If the
- Microsoft System Installer is already on the machine, there is no need
- to download the .exe, save yourself 3MB and download the .msi package.
- [The .exe installer will not be created for beta releases of Apache 2.0.
- Get the Microsoft Installer if you wish to participate in the beta.]</p>
+<p>A full setup package (.exe) containing the Win9x/WinNT Microsoft System
+ Installer installer is available. If the Microsoft System Installer is
+ already on the machine, there is no need to download the .exe, save
+ yourself 3MB and download the .msi package.</p>
<p>The two -no_src versions, both the .exe and .msi installers DO NOT
contain the source code. There is no other difference, and if you do
@@ -93,7 +91,7 @@
packages and the -src .msi version.</p>
<p>You must have the Microsoft System Installer, version 1.2 or greater,
- already installed if you want to install the -src version. If this
+ already installed if you want to install the -src flavor. If this
bothers you, seek the .zip file in <a href="../..">/dist/httpd/</a>.
<b>/dist/httpd/ .zip files contain NO executable programs!</b> but
will compile on Windows without having to change Unix line endings
@@ -101,11 +99,9 @@
<p><strong>Looking for an older version? Don't.</strong> There have
been a number of essential bug and security fixes to the evolving
- support for Win32 under Apache. Most critically, there were potential
- denial of service attacks affecting Win32 that were closed with
- the release of 1.3.22, and 1.3.24 closes a serious vulnerability
- in CGI invocation of .bat and .cmd scripts. 1.3.25 closes a serious
- vulnerability in chunked transfer encoding as well.</p>
+ support for Win32 under Apache. Most critically, there was a serious
+ denial of service vulnerability affecting Win32 that was closed with
+ the release of 1.3.25 and 2.0.39. Do not use previous versions.</p>
<p><strong>Do not report configuration or installation questions as
bugs!</strong> The <a href="http://httpd.apache.org/userslist.html">Apache