Thread View: gmane.comp.apache.apacheweek
1 messages
1 total messages
Started by Apache Week
Fri, 01 Oct 2004 17:21
Apache Week issue 349
Author: Apache Week
Date: Fri, 01 Oct 2004 17:21
Date: Fri, 01 Oct 2004 17:21
91 lines
3842 bytes
3842 bytes
APACHE WEEK
The essential weekly guide for users of the world's most popular Web server.
Issue 349: 1st October 2004
In this issue
* Apache httpd 2.0.52 Released
* In the news
Apache httpd 2.0.52 Released
Apache httpd 2.0.52 was released on 28^th September 2004 and is now
the latest version of the httpd 2.0 server. The previous version
was 2.0.51, released on the 15^th September 2004. [1]See what was
new in Apache httpd 2.0.51.
[2]Apache httpd 2.0.52 is available for download.
This is a security, bug fix and minor upgrade release, correcting a
security issue that was introduced in the 2.0.51 build. Due to the
security issues fixed in recent versions, any sites using versions
of 2.0 prior to Apache httpd 2.0.52 should consider upgrading to
Apache httpd 2.0.52. [3]Read more about the other security issues
that affect 2.0.
Security issues
* Fix a problem introduced in the 2.0.51 release in the merging of
the Satisfy directive, which was applied to the surrounding
context and could prevent authorisation checks from being applied.
The Common Vulnerabilities and Exposures project has assigned the
name [4]CAN-2004-0811 to this issue.
New features
The following new features have been added in httpd 2.0.52:
* rotatelogs: Add support for the -l option which enables logging in
local time ([5]BZ#24417)
Bugs fixed
The following bugs have been fixed in httpd 2.0.52:
* mod_ldap: fix possible crashes if the LDAP cache is disabled
* mod_mem_cache: fix a race condition which could cause a segfault
* fix the AllowEncodedSlashes directive to really allow URIs with
encoded slashes
In the news
ApacheCon 2004
It seems like only a few issues ago when we were wrapping up our
coverage from ApacheCon 2003. Now it's time to tell you that you'll
need to hurry if you want to catch ApacheCon 2004, held again at
the Alexis Park Hotel in Las Vegas in November. All the usual
Apache developers and groupies will be there, but unlike previous
years we won't be writing it up for the newsletter; we'd prefer to
get you to [6]go and register for the conference and turn up in
person. Also blogging seems to have caught on, so we'll be able to
link to lots of interesting reports from the conference without
having to leave the bar ourselves. The complete schedule for the
talks and tutorials is now online and includes sessions on new ASF
projects SpamAssassin and Derby, as well as presentations on all
your favourite projects and modules.
______________________________________________________________
This issue brought to you by: Mark J Cox, Joe Orton
Comments or criticisms? Please email us at
[7]editors@apacheweek.com.
[8]Apache Week is Copyright 2004 [9]Red Hat, Inc.
References
1. http://www.apacheweek.com/issues/04-09-23#apache2051
2. http://httpd.apache.org/download.cgi
3. http://www.apacheweek.com/features/security-20
4. http://cve.mitre.org/cgi-bin/cvename.cgi?nameΓN-2004-0811
5. http://nagoya.apache.org/bugzilla/show_bug.cgi?id$417
6. http://www.apachecon.com/
7. mailto:editors@apacheweek.com
8. http://www.apacheweek.com/
9. http://www.redhat.com/
----------------------------------------------------------------------
To unsubscribe visit https://www.redhat.com/mailman/listinfo/apacheweek
or send the message "unsubscribe" to apacheweek-request@redhat.com
----------------------------------------------------------------------
Thread Navigation
This is a paginated view of messages in the thread with full content displayed inline.
Messages are displayed in chronological order, with the original post highlighted in green.
Use pagination controls to navigate through all messages in large threads.
Back to All Threads