Projects / Apache / Releases

All releases of Apache

  •  21 Jan 2008 01:00
Avatar

    Release Notes: A flaw was found in the mod_status module. On sites where mod_status is enabled and the status pages were publicly accessible, a cross-site scripting attack was possible. A flaw was found in the mod_imap module. On sites where mod_imap is enabled and an imagemap file is publicly available, a cross-site scripting attack was possible.

    •  21 Jan 2008 00:59
    Avatar

      Release Notes: A flaw was found in the mod_proxy_balancer module that permitted a cross-site scripting attack against an authorized user. A flaw was found in the mod_proxy_balancer module that allowed an authorized user to send a carefully crafted request that would cause the Apache child process handling that request to crash. A flaw was found in the mod_status module that allowed a cross-site scripting attack. A flaw was found in the mod_imap module. On sites where mod_imap is enabled and an imagemap file is publically available, a cross-site scripting attack was possible.

      •  11 Sep 2007 10:45
      Avatar

        Release Notes: This version of Apache is a security fix release only. A possible XSS attack against a site with a public server-status page and ExtendedStatus enabled was fixed. Apache now ensures that the parent process cannot be forced to kill non-child processes by checking scoreboard PID data with parent process privately stored PID data.

        •  11 Sep 2007 10:45
        Avatar

          Release Notes: This version of Apache is principally a bug and security fix release. mod_proxy now prevents reading past the end of a buffer when parsing date-related headers. mod_cache now prevents a segmentation fault if attributes are listed in a Cache-Control header without any value. The prefork and worker MPMs now ensure that the parent process cannot be forced to kill processes outside its process group. A possible XSS attack against a site with a public server-status page and ExtendedStatus enabled was fixed.

          •  11 Sep 2007 10:45
          Avatar

            Release Notes: This version of Apache is principally a bug and security fix release. mod_proxy now prevents reading past the end of a buffer when parsing date-related headers. mod_cache now prevents a segmentation fault if attributes are listed in a Cache-Control header without any value. The prefork, worker, and event MPMs now ensure that the parent process cannot be forced to kill processes outside its process group. A possible XSS attack against a site with a public server-status page and ExtendedStatus enabled was fixed. mod_mem_cache now copies headers into longer lived storage.

            •  24 Aug 2006 21:29
            Avatar

              Release Notes: This is principally a bug and security fix release. It fixes an off-by-one flaw in the mod_rewrite module.

              •  02 May 2006 11:33
              Avatar

                Release Notes: This release contains fixes for htdbm, mod_deflate, mod_proxy, mod_proxy_balancer, and mod_dbd. Additionally, the reading of uninitialized memory while reading a line of protocol input is prevented and the Expect error message is HTML-escaped.

                •  04 Dec 2005 13:19
                Avatar

                  Release Notes: This version offers numerous enhancements, improvements, and performance boosts over the 2.0 codebase.

                  •  18 Oct 2005 20:46
                  Avatar

                    Release Notes: This version is principally a bug and security fix release.

                    •  14 Oct 2005 20:48
                    Avatar

                      Release Notes:

                      Screenshot

                      Project Spotlight

                      episoder

                      A tool to tell you about new episodes of your favourite TV shows.

                      Screenshot

                      Project Spotlight

                      BalanceNG

                      A modern software IP load balancer.