חדשות, עדכונים, מדריכים ועזרים | עדכוני תוכנות ואפליקציות - (13.09.12) - גרסה חדשה: Apache 2.2.23 Released

(13.09.12) - גרסה חדשה: Apache 2.2.23 Released

עדכוני תוכנות ואפליקציות

חדשות, עדכונים, מדריכים ועזרים


מה חדש:

Changes with Apache 2.2.23  *) SECURITY: CVE-2012-0883 (cve.mitre.org)     envvars: Fix insecure handling of LD_LIBRARY_PATH that could lead to the     current working directory to be searched for DSOs. [Stefan Fritsch]  *) SECURITY: CVE-2012-2687 (cve.mitre.org)     mod_negotiation: Escape filenames in variant list to prevent a     possible XSS for a site where untrusted users can upload files to     a location with MultiViews enabled. [Niels Heinen ]  *) htdbm, htpasswd: Don't crash if crypt() fails (e.g. with FIPS enabled).      [Paul Wouters , Joe Orton]  *) mod_ldap: Treat the "server unavailable" condition as a transient     error with all LDAP SDKs. [Filip Valder ]  *) core: Add filesystem paths to access denied / access failed messages.     [Eric Covener]  *) core: Fix error handling in ap_scan_script_header_err_brigade() if there     is no EOS bucket in the brigade. PR 48272. [Stefan Fritsch]  *) core: Prevent "httpd -k restart" from killing server in presence of     config error. [Joe Orton]  *) mod_ssl: when compiled against OpenSSL 1.0.1 or later, allow explicit     control of TLSv1.1 and TLSv1.2 through the SSLProtocol directive,     adding TLSv1.1 and TLSv1.2 support by default given 'SSLProtocol All'.     [Kaspar Brand, William Rowe]  *) mod_log_config: Fix %{abc}C truncating cookie values at first "=".     PR 53104. [Greg Ames]  *) Unix MPMs: Fix small memory leak in parent process if connect()     failed when waking up children.  [Joe Orton]  *) mod_proxy_ajp: Add support for 'ProxyErrorOverride on'. PR 50945.     [Peter Pramberger , Jim Jagielski]  *) Added SSLProxyMachineCertificateChainFile directive so the proxy client     can select the proper client certificate when using a chain and the     remote server only lists the root CA as allowed.  *) mpm_event, mpm_worker: Remain active amidst prevalent child process     resource shortages.  [Jeff Trawick]  *) mod_rewrite: Add "AllowAnyURI" option. PR 52774. [Joe Orton]  *) mod_rewrite: Fix the RewriteEngine directive to work within a     location. Previously, once RewriteEngine was switched on globally,     it was impossible to switch off. [Graham Leggett]  *) mod_proxy_balancer: Restore balancing after a failed worker has     recovered when using lbmethod_bybusyness.  PR 48735.  [Jeff Trawick]  *) mod_dumpio: Properly handle errors from subsequent input filters.     PR 52914. [Stefan Fritsch]  *) mpm_worker: Fix cases where the spawn rate wasn't reduced after child     process resource shortages.  [Jeff Trawick]  *) mpm_prefork: Reduce spawn rate after a child process exits due to     unexpected poll or accept failure.  [Jeff Trawick]  *) core: Adjust ap_scan_script_header_err*() to prevent mod_cgi and mod_cgid     from logging bogus data in case of errors. [Stefan Fritsch]  *) mod_disk_cache, mod_mem_cache: Decline the opportunity to cache if the     response is a 206 Partial Content. This stops a reverse proxied partial     response from becoming cached, and then being served in subsequent     responses. PR 49113. [Graham Leggett]  *) configure: Fix usage with external apr and apu in non-default paths     and recent gcc versions >= 4.6. [Jean-Frederic Clere]  *) core: Fix building against PCRE 8.30 by switching from the obsolete     pcre_info() to pcre_fullinfo(). PR 52623 [Ruediger Pluem, Rainer Jung]  *) mod_proxy: Add the forcerecovery balancer parameter that determines if     recovery for balancer workers is enforced. [Ruediger Pluem]