announce@httpd.apache.org Archives

CVE-2009-3555 - apache/mod_ssl vulnerability and mitigation

2009-11-07T01:32:20Z

-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1

Subject: CVE-2009-3555 - apache/mod_ssl vulnerability and mitigation

Apache httpd is affected by CVE-2009-3555[1] (The SSL Injection 
or MiM attack[2]).

The Apache httpd webserver relies on OpenSSL for the implementation of 
the SSL/TLS protocol.

We strongly urge you to upgrade to OpenSSL 0.9.8l; and to be prepared 
to deploy OpenSSL 0.9.8m as it becomes available[3]. 

Note that these are for short term and mid-term mitigation only; the 
long term solution may well require a modification of the SSL and/or 
TLS protocols[4].

For those who are not able to upgrade OpenSSL swiftly and/or for 
those who need detailed logging - we recommend that you roll out 
this patch[5]:

  http://www.apache.org/dist/httpd/patches/
       apply_to_2.2.14 CVE-2009-3555-2.2.patch
 sha1: 28cd58f3758f1add39417333825b9d854f4f5f43

as soon as possible. This is a partial fix in lieu of the protocol 
issues being addressed and further changes to OpenSSL. Like the 
OpenSSL 0.9.8l stopgap measure this patch rejects 
in-session renegotiation.

If you are unable to patch and unable to roll our a newer version of 
OpenSSL, and you rely on Client Side Authentication with Certificates 
then we recommend that you 1) ensure that you limit your configuration 
to a single 'SSLClient require' on VirtualHost/Sever level and 2) 
remove all other (re)negotiation/require directives. However this does 
NOT fully protect you - it just curtails authentication in this 
specific setting.



1: http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2009-3555
2: http://www.links.org/?p=780, http://extendedsubset.com/?p=8
3: http://www.openssl.org/source/
   openssl-announce mailing list on
   http://www.openssl.org/support/community.html
4: http://www.ietf.org/mail-archive/web/tls/current/msg03963.html
5: svn diff -r833581:833594 https://svn.apache.org/repos/asf/
   httpd/httpd/trunk/modules/ssl 

-----BEGIN PGP SIGNATURE-----
Version: GnuPG v1.4.9 (Darwin)

iQCVAwUBSvTOITGmPZbsFAuBAQKpXgQAgoBq0FjmnFwxBYjZQ05cPgHYzE+rBQHg
f142MZWXreBoZyB1pV2CJpmf7BWtmBKQgKIMwk3fWfRs33rvnjhEWjrMBFA4ID8J
0CBLmiwBVxLfCTj7YIBJ71VPn4Mw3iviiIUb1qrW0RaOjGgf4j2ffsapnlpR6lR9
JHDVPFBXl8s=
=OYuY
-----END PGP SIGNATURE-----

Apache HTTP Server 2.2.13 Released

2009-08-09T05:24:29Z


   The Apache Software Foundation and the Apache HTTP Server Project are
   pleased to announce the release of version 2.2.13 of the Apache HTTP
   Server ("Apache").  This version of Apache is principally a security
   and bug fix release.  Notably, this version bundles the APR Library
   version 1.3.8 and APR Utility Library version 1.3.9, which address
   a security concern which may be triggered by some third party modules.

   We consider this release to be the best version of Apache available, and
   encourage users of all prior versions to upgrade.

   Apache HTTP Server 2.2.13 is available for download from:

     http://httpd.apache.org/download.cgi

   Apache 2.2 offers numerous enhancements, improvements, and performance
   boosts over the 2.0 codebase.  For an overview of new features
   introduced since 2.0 please see:

     http://httpd.apache.org/docs/2.2/new_features_2_2.html

   Please see the CHANGES_2.2 file, linked from the download page, for a
   full list of changes.  A condensed list, CHANGES_2.2.13 provides the
   complete list of changes since 2.2.12. A summary of security
   vulnerabilities which were addressed in the previous 2.2.12 and earlier
   releases is available:

     http://httpd.apache.org/security/vulnerabilities_22.html

   Apache HTTP Server 1.3.41 and 2.0.63 legacy releases are also currently
   available.  See the appropriate CHANGES from the url above.  See the
   corresponding CHANGES files linked from the download page.  The Apache
   HTTP Project developers strongly encourage all users to migrate to
   Apache 2.2, as only limited maintenance is performed on these legacy
   versions.

   This release includes the Apache Portable Runtime (APR) version 1.3.8
   bundled with the tar and zip distributions.  The APR libraries libapr
   and libaprutil (and on Win32, libapriconv) must all be updated to ensure
   binary compatibility and address many known security and platform bugs.

   This release builds on and extends the Apache 2.0 API.  Modules written
   for Apache 2.0 will need to be recompiled in order to run with Apache
   2.2, and require minimal or no source code changes.

     http://svn.apache.org/repos/asf/httpd/httpd/branches/2.2.x/VERSIONING

   When upgrading or installing this version of Apache, please bear in mind
   that if you intend to use Apache with one of the threaded MPMs (other
   than the Prefork MPM), you must ensure that any modules you will be
   using (and the libraries they depend on) are thread-safe.

[ANNOUNCE] libapreq2-2.12 Released

2009-03-13T23:05:56Z


        libapreq2-2.12 Released

The Apache Software Foundation and The Apache HTTP Server Project
are pleased to announce the 2.12 release of libapreq2.  This
Announcement notes significant changes introduced by this release.

libapreq2-2.12 is released under the Apache License
version 2.0.  It is now available through the ASF mirrors

      http://httpd.apache.org/apreq/download.cgi

and has entered the CPAN as 

  file: $CPAN/authors/id/J/JO/JOESUF/libapreq2-2.12.tar.gz
  size: 859412 bytes
  md5: 76e2acde0d82246dea6f2565f3746eec


libapreq2 is an APR-based shared library used for parsing HTTP cookies,
query-strings and POST data.  This package provides

    1) version 2.7.1 of the libapreq2 library,

    2) mod_apreq2, a filter module necessary for using libapreq2
       within the Apache HTTP Server,

    3) the Apache2::Request, Apache2::Cookie, and Apache2::Upload
       perl modules for using libapreq2 with mod_perl2.

========================================================================

Changes with libapreq2-2.12 (released March 13, 2009)

- C API [joes]
  Make the cookie parser a little more flexible.

- Interactive CGI module [issac]
  Allow cgi module to interactively prompt for parameters and cookies when
  running a script from the command line and not from a CGI interface

- Perl Glue [joes]
  Fix the linking of the perl modules to libapreq2 and libapr
  on Solaris.

- Perl Glue [joes]
  Fix install-time linking issue of the .so modules.
  Previously they would remain linked against the src
  library path, not the install path.

- C API [joes]
  Add optional interface for apreq_handle_apache2().

- C API [joes]
  Clean up buggy apreq_hook_find_param().

- Perl Glue Build [Philip M. Gollucci]
  config.status format changed format yet again in autoconf 2.62+.

- License [Mladen Turk]
  Add libapreq.rc and generate libapreq.res

- Build [Mladen Turk]
  Add APREQ_DECLARE_EXPORT/APREQ_DECLARE_STATIC
  in the same way as APR declares so that dllexport/dllimport
  get correctly handled.   

- Build [Randy Kobes]
  Add appropriate manifest command to embed manifest files on Win32 
  when using VC8

- C API [Andy Grundman, joes]
  Add missing bytes_read initializer to apreq_handle_custom().

- C API [suggested by Vinay Y S, tested by Steve Hay and Peter Walsham]
  For Win32, remove the
     flag |= APR_FILE_NOCLEANUP | APR_SHARELOCK;
  in apreq_file_cleanup, to avoid problems with file uploads.

- C API [joes]
  Fix leak associated to calling apreq_brigade_fwrite() on an upload
  brigade.

- Build [Philip M. Gollucci]
  SunOS (Solaris) 
  Users must use gmake not make for building.

- Build [Philip M. Gollucci]
  SunOS (Solaris)
  Code around bug in libtool (at least in 1.5.18, 1.5.20, 1.5.22)
  causing mod_apreq2 to be built instead of mod_apreq2.so

- C API [Philip M. Gollucci]
  Fix comparison signed vs unsigned comparison
  in apreq_fwritev() on SunOS/gcc where iovec.iov_len is a long.

- Build [Philip M. Gollucci]
  SunOS (Solaris)
  fix duplicate link error to libexpat.so -- by using the one from httpd
  exclusively now.

- Build [Philip M. Gollucci]
  code around |#_!!_#| autoconf 2.60 bug.

[ANNOUNCEMENT] Apache HTTP Server 2.2.11 Released

2008-12-14T15:59:22Z

                       Apache HTTP Server 2.2.11 Released

   The Apache Software Foundation and the Apache HTTP Server Project are
   pleased to announce the release of version 2.2.11 of the Apache HTTP
   Server ("Apache").  This version of Apache is principally a bug fix
   release.

   We consider this release to be the best version of Apache available, and
   encourage users of all prior versions to upgrade.

   Apache HTTP Server 2.2.11 is available for download from:

     http://httpd.apache.org/download.cgi

   Apache 2.2 offers numerous enhancements, improvements, and performance
   boosts over the 2.0 codebase.  For an overview of new features
   introduced since 2.0 please see:

     http://httpd.apache.org/docs/2.2/new_features_2_2.html

   Please see the CHANGES_2.2 file, linked from the download page, for a
   full list of changes.  A condensed list, CHANGES_2.2.11 provides the
   complete list of changes since 2.2.10. A summary of security
   vulnerabilities which were addressed in the previous 2.2.10 and earlier
   releases is available:

     http://httpd.apache.org/security/vulnerabilities_22.html

   Apache HTTP Server 1.3.41 and 2.0.63 legacy releases are also currently
   available.  See the appropriate CHANGES from the url above.  See the
   corresponding CHANGES files linked from the download page.  The Apache
   HTTP Project developers strongly encourage all users to migrate to
   Apache 2.2, as only limited maintenance is performed on these legacy
   versions.

   This release includes the Apache Portable Runtime (APR) version 1.3.3
   bundled with the tar and zip distributions.  The APR libraries libapr
   and libaprutil (and on Win32, libapriconv) must all be updated to ensure
   binary compatibility and address many known platform bugs.

   This release builds on and extends the Apache 2.0 API.  Modules written
   for Apache 2.0 will need to be recompiled in order to run with Apache
   2.2, and require minimal or no source code changes.

     http://svn.apache.org/repos/asf/httpd/httpd/branches/2.2.x/VERSIONING

   When upgrading or installing this version of Apache, please bear in mind
   that if you intend to use Apache with one of the threaded MPMs (other
   than the Prefork MPM), you must ensure that any modules you will be
   using (and the libraries they depend on) are thread-safe.

[ANNOUNCEMENT] Apache HTTP Server 2.2.10 Released

2008-10-31T11:52:46Z

                       Apache HTTP Server 2.2.10 Released

   The Apache Software Foundation and the Apache HTTP Server Project are
   pleased to announce the release of version 2.2.10 of the Apache HTTP
   Server ("Apache").  This version of Apache is principally a bug and
   security fix release. The following potential security flaws are
   addressed:

     * CVE-2008-2939 (cve.mitre.org)
       mod_proxy_ftp: Prevent XSS attacks when using wildcards in the
       path of the FTP URL. Discovered by Marc Bevand of Rapid7.

   We consider this release to be the best version of Apache  
available, and
   encourage users of all prior versions to upgrade.

   Apache HTTP Server 2.2.10 is available for download from:

     http://httpd.apache.org/download.cgi

   Apache 2.2 offers numerous enhancements, improvements, and  
performance
   boosts over the 2.0 codebase.  For an overview of new features
   introduced since 2.0 please see:

     http://httpd.apache.org/docs/2.2/new_features_2_2.html

   Please see the CHANGES_2.2 file, linked from the download page, for a
   full list of changes.  A condensed list, CHANGES_2.2.10 provides the
   complete list of changes since 2.2.9. A summary of security
   vulnerabilities which were addressed in the previous 2.2.9 and  
earlier
   releases is available:

     http://httpd.apache.org/security/vulnerabilities_22.html

   Apache HTTP Server 1.3.41 and 2.0.63 legacy releases are also  
currently
   available.  See the appropriate CHANGES from the url above.  See the
   corresponding CHANGES files linked from the download page.  The  
Apache
   HTTP Project developers strongly encourage all users to migrate to
   Apache 2.2, as only limited maintenance is performed on these legacy
   versions.

   This release includes the Apache Portable Runtime (APR) version 1.3.0
   bundled with the tar and zip distributions.  The APR libraries libapr
   and libaprutil (and on Win32, libapriconv) must all be updated to  
ensure
   binary compatibility and address many known platform bugs.

   This release builds on and extends the Apache 2.0 API.  Modules  
written
   for Apache 2.0 will need to be recompiled in order to run with Apache
   2.2, and require minimal or no source code changes.

     http://svn.apache.org/repos/asf/httpd/httpd/branches/2.2.x/VERSIONING

   When upgrading or installing this version of Apache, please bear in  
mind
   that if you intend to use Apache with one of the threaded MPMs (other
   than the Prefork MPM), you must ensure that any modules you will be
   using (and the libraries they depend on) are thread-safe.

[ANNOUNCEMENT] Apache HTTP Server 2.2.9 Released

2008-06-14T11:49:09Z

                      Apache HTTP Server 2.2.9 Released

  The Apache Software Foundation and the Apache HTTP Server Project are
  pleased to announce the release of version 2.2.9 of the Apache HTTP  
Server
  ("Apache").  This version of Apache is principally a bug and  
security fix
  release. The following potential security flaws are addressed:

    * CVE-2008-2364 (cve.mitre.org)
      mod_proxy_http: Better handling of excessive interim responses
      from origin server to prevent potential denial of service and high
      memory usage. Reported by Ryujiro Shibuya.

    * CVE-2007-6420 (cve.mitre.org)
      mod_proxy_balancer: Prevent CSRF attacks against the balancer- 
manager
      interface.


  We consider this release to be the best version of Apache available,  
and
  encourage users of all prior versions to upgrade.

  Apache HTTP Server 2.2.9 is available for download from:

    http://httpd.apache.org/download.cgi

  Apache 2.2 offers numerous enhancements, improvements, and performance
  boosts over the 2.0 codebase.  For an overview of new features  
introduced
  since 2.0 please see:

    http://httpd.apache.org/docs/2.2/new_features_2_2.html

  Please see the CHANGES_2.2 file, linked from the download page, for a
  full list of changes.  A condensed list, CHANGES_2.2.9 provides the
  complete list of changes since 2.2.8. A summary of security  
vulnerabilities
  which were addressed in the previous 2.2.8 and earlier releases is  
available:

    http://httpd.apache.org/security/vulnerabilities_22.html

  Apache HTTP Server 1.3.41 and 2.0.63 legacy releases are also  
currently
  available.  See the appropriate CHANGES from the url above.  See the
  corresponding CHANGES files linked from the download page.  The Apache
  HTTP Project developers strongly encourage all users to migrate to
  Apache 2.2, as only limited maintenance is performed on these legacy
  versions.

  This release includes the Apache Portable Runtime (APR) version 1.3.0
  bundled with the tar and zip distributions.  The APR libraries libapr
  and libaprutil (and on Win32, libapriconv) must all be updated to  
ensure
  binary compatibility and address many known platform bugs.

  This release builds on and extends the Apache 2.0 API.  Modules  
written
  for Apache 2.0 will need to be recompiled in order to run with  
Apache 2.2,
  and require minimal or no source code changes.

    http://svn.apache.org/repos/asf/httpd/httpd/branches/2.2.x/ 
VERSIONING

  When upgrading or installing this version of Apache, please bear in  
mind
  that if you intend to use Apache with one of the threaded MPMs (other
  than the Prefork MPM), you must ensure that any modules you will be  
using
  (and the libraries they depend on) are thread-safe.

ApacheCon Europe Live Video Streaming - Apache 3.0 Keynote by Roy Fielding

2008-04-08T12:23:17Z

ApacheCon Europe 2008 takes place 7-11 April in Amsterdam.

  http://www.eu.apachecon.com/

For those of you who can't make it to Amsterdam, there's the Live
Video Streaming! Especially the Apache 3.0 keynote by Roy Fielding
may be of interest to Apache HTTP Server users (see below).

The following select tracks of ApacheCon will be available with the live
video streaming:

- Wednesday, 9 April: System Administration
- Thursday, 10 April: Web Security
- Friday, 11 April: Web Services and Web 2.0

In addition the following keynote sessions will be broadcasted
(free of charge):

- State of the Feather
  Jim Jagielski, Chairman of the Apache Software Foundation,
  Wednesday, 9 April, 09:00 CEST

- Using Audio Technology and Open Content to Reduce Global Illiteracy,
  Poverty and Disease
  Cliff Schmidt, Executive Director of Literacy Bridge,
  Wednesday, 9 April, 09:30 CEST

- Apache and Steam Engines: the Magic of Collaborative Innovation
  Rishab Aiyer Ghosh, Open Source Initiative Board Member,
  Thursday, 10 April, 11:30 CEST

- Apache 3.0 (a Tall Tale)
  Roy Fielding, Co-founder of The Apache Software Foundation, 
  and Vice President, Apache HTTP Server,
  Friday, 11 April, 16:30 CEST

All keynote sessions are available free of charge and for all other
sessions the registration cost is just 99 Euro.

  http://streaming.linux-magazin.de/en/program_apachecon08.htm


Enjoy the sessions!
-- 
Lars Eilebrecht
lars@apache.org

Online University diploma degrees

2008-02-05T17:11:35Z

Start improving your life!
   
  Bachelors, Masters, MBA and/or Doctorate (PhD)
   
  NO ONE is turned down.
  
7 days a week.
  
Give us a ring..
   
  +12-063-502-94-3
   
  You Need a Better Degree, and we can Help!
Obtain degrees from prestigious non ac Universities based on you life experience.
  
NO ONE is turned down.
  
7 days a week, 24 hours a day.
  Do it now..
   
  Regards,
Professor. Adwoa Alden

       
---------------------------------
Be a better friend, newshound, and know-it-all with Yahoo! Mobile.  Try it now.

[ANNOUNCEMENT] Apache HTTP Server 2.2.8 (2.0.63, 1.3.41) Released

2008-01-19T17:02:26Z

                        Apache HTTP Server 2.2.8 Released

    The Apache Software Foundation and the Apache HTTP Server Project  
are
    pleased to announce the release of version 2.2.8 of the Apache  
HTTP Server
    ("Apache").  This version of Apache is principally a bug and  
security fix
    release. The following potential security flaws are addressed:

      * CVE-2007-6421 (cve.mitre.org)
        mod_proxy_balancer: Correctly escape the worker route and the  
worker
        redirect string in the HTML output of the balancer manager.
        Reported by SecurityReason.

        A flaw was found in the mod_proxy_balancer module. On sites  
where
        mod_proxy_balancer is enabled, a cross-site scripting attack  
against
        an authorized user is possible.

      * CVE-2007-6422 (cve.mitre.org)
        Prevent crash in balancer manager if invalid balancer name is  
passed
        as parameter. Reported by SecurityReason.

        A flaw was found in the mod_proxy_balancer module. On sites  
where
        mod_proxy_balancer is enabled, an authorized user could send a
        carefully crafted request that would cause the Apache child  
process
        handling that request to crash. This could lead to a denial of
        service if using a threaded Multi-Processing Module.

      * CVE-2007-6388 (cve.mitre.org)
        mod_status: Ensure refresh parameter is numeric to prevent
        a possible XSS attack caused by redirecting to other URLs.
        Reported by SecurityReason.

        A flaw was found in the mod_status module. On sites where  
mod_status
        is enabled and the status pages were publicly accessible, a
        cross-site scripting attack is possible. Note that the server- 
status
        page is not enabled by default and it is best practice to not  
make
        this publicly available.

      * CVE-2007-5000 (cve.mitre.org)
        mod_imagemap: Fix a cross-site scripting issue.  Reported by  
JPCERT.

        A flaw was found in the mod_imap module. On sites where
        mod_imap is enabled and an imagemap file is publicly  
available, a
        cross-site scripting attack is possible.

    We consider this release to be the best version of Apache  
available, and
    encourage users of all prior versions to upgrade.

    Apache HTTP Server 2.2.8 is available for download from:

      http://httpd.apache.org/download.cgi

    Apache 2.2 offers numerous enhancements, improvements, and  
performance
    boosts over the 2.0 codebase.  For an overview of new features  
introduced
    since 2.0 please see:

      http://httpd.apache.org/docs/2.2/new_features_2_2.html

    Please see the CHANGES_2.2 file, linked from the download page,  
for a
    full list of changes.  A condensed list, CHANGES_2.2.8 provides the
    complete list of changes since 2.2.6 (2.2.7 was not released). A  
summary
    of security vulnerabilities which were addressed in the previous  
2.2.6
    and earlier releases is available:

      http://httpd.apache.org/security/vulnerabilities_22.html

    Apache HTTP Server 1.3.41 and 2.0.63 legacy releases are also  
currently
    available.  See the appropriate CHANGES from the url above.  See the
    corresponding CHANGES files linked from the download page.  The  
Apache
    HTTP Project developers strongly encourage all users to migrate to
    Apache 2.2, as only limited maintenance is performed on these legacy
    versions.

    This release includes the Apache Portable Runtime (APR) version  
1.2.12
    bundled with the tar and zip distributions.  The APR libraries  
libapr
    and libaprutil (and on Win32, libapriconv) must all be updated to  
ensure
    binary compatibility and address many known platform bugs.

    This release builds on and extends the Apache 2.0 API.  Modules  
written
    for Apache 2.0 will need to be recompiled in order to run with  
Apache 2.2,
    and require minimal or no source code changes.

      http://svn.apache.org/repos/asf/httpd/httpd/branches/2.2.x/ 
VERSIONING

    When upgrading or installing this version of Apache, please bear  
in mind
    that if you intend to use Apache with one of the threaded MPMs  
(other
    than the Prefork MPM), you must ensure that any modules you will  
be using
    (and the libraries they depend on) are thread-safe.

[ANNOUNCEMENT] Apache HTTP Server 2.0.63 (2.2.8, 1.3.41) Released

2008-01-19T17:02:21Z

                        Apache HTTP Server 2.0.63 Released

    The Apache Software Foundation and the Apache HTTP Server Project  
are
    pleased to announce the legacy release of version 2.0.63 of the  
Apache
    HTTP Server ("Apache"). This Announcement notes the significant  
changes in
    2.0.63 as compared to 2.0.61 (2.0.62 was not released). This
    Announcement2.0 document may also be available in multiple  
languages at:

            http://www.apache.org/dist/httpd/

    This version of Apache is principally a bug and security fix  
release. The
    following potential security flaws are addressed:

      * CVE-2007-6388 (cve.mitre.org)
        mod_status: Ensure refresh parameter is numeric to prevent
        a possible XSS attack caused by redirecting to other URLs.
        Reported by SecurityReason.

        A flaw was found in the mod_status module. On sites where  
mod_status
        is enabled and the status pages were publicly accessible, a
        cross-site scripting attack is possible. Note that the server- 
status
        page is not enabled by default and it is best practice to not  
make
        this publicly available.

      * CVE-2007-5000 (cve.mitre.org)
        mod_imagemap: Fix a cross-site scripting issue.  Reported by  
JPCERT.

        A flaw was found in the mod_imap module. On sites where
        mod_imap is enabled and an imagemap file is publicly  
available, a
        cross-site scripting attack is possible.

    Please see the CHANGES_2.0.63 file in this directory for a full list
    of changes for this version.

    This release is compatible with modules compiled for 2.0.42 and  
later
    versions. We consider this release to be the best version of  
Apache 2.0
    available and encourage users of all prior versions to upgrade.

    This release includes the Apache Portable Runtime library suite  
release
    version 0.9.17, bundled with the tar and zip distributions. These
    libraries; libapr, libaprutil, and on Win32, libapriconv must all be
    updated to ensure binary compatibility and address many known  
platform
    bugs.

    Apache HTTP Server 2.0.63 is available for download from

            http://httpd.apache.org/download.cgi

    Please see the CHANGES_2.0 file, linked from the above page, for  
a full
    list of changes. A condensed list, CHANGES_2.0.63 provides the  
complete
    list of changes since 2.0.61.

    Apache 2.0 offers numerous enhancements, improvements, and  
performance
    boosts over the 1.3 codebase. For an overview of new features  
introduced
    after 1.3 please see

            http://httpd.apache.org/docs/2.0/new_features_2_0.html

    When upgrading or installing this version of Apache, please keep  
in mind
    the following: If you intend to use Apache with one of the  
threaded MPMs,
    you must ensure that the modules (and the libraries they depend  
on) that
    you will be using are thread-safe. Please refer to the  
documentation of
    these modules and libraries to obtain this information.

    Apache 2.2 offers numerous enhancements, improvements, and  
performance
    boosts over the 2.0 codebase. For an overview of new features  
introduced
    after 2.0 please see

            http://httpd.apache.org/docs/2.2/new_features_2_2.html

    We consider Apache 2.2 to be the best available version at the  
time of
    this release. We offer Apache 2.0.63 as the best legacy version  
of Apache
    2.0 available. Users should first consider upgrading to the current
    release of Apache 2.2 instead.

[ANNOUNCEMENT] Apache HTTP Server 1.3.41 (2.2.8, 2.0.63) Released

2008-01-19T17:02:17Z

                        Apache HTTP Server 1.3.41 Released

    The Apache Software Foundation and the Apache HTTP Server Project  
are
    pleased to announce the release of version 1.3.41 of the Apache HTTP
    Server ("Apache"). This Announcement notes the significant  
changes in
    1.3.41 as compared to 1.3.39 (1.3.40 was not released).

    This version of Apache is is principally a bug and security fix  
release.
    The following potential security flaws are addressed:

      * CVE-2007-6388 (cve.mitre.org)
        mod_status: Ensure refresh parameter is numeric to prevent
        a possible XSS attack caused by redirecting to other URLs.
        Reported by SecurityReason.

        A flaw was found in the mod_status module. On sites where  
mod_status
        is enabled and the status pages were publicly accessible, a
        cross-site scripting attack is possible. Note that the server- 
status
        page is not enabled by default and it is best practice to not  
make
        this publicly available.

      * CVE-2007-5000 (cve.mitre.org)
        mod_imap: Fix cross-site scripting issue.  Reported by JPCERT.

        A flaw was found in the mod_imap module. On sites where
        mod_imap is enabled and an imagemap file is publicly  
available, a
        cross-site scripting attack is possible.

      * CVE-2007-3847 (cve.mitre.org)
        mod_proxy: Prevent reading past the end of a buffer when parsing
        date-related headers.  PR 41144.
        With Apache 1.3, the denial of service vulnerability applies  
only
        to the Windows and NetWare platforms.

    Please see the CHANGES_1.3.41 file in this directory for a full list
    of changes for this version.

    Apache 1.3.41 is the current stable release of the Apache 1.3  
family. We
    strongly recommend that users of all earlier versions, including 1.3
    family release, upgrade to to the current 2.2 version as soon as  
possible.

    We recommend Apache 1.3.41 version for users who require a third  
party
    module that is not yet available as an Apache 2.x module. Modules  
compiled
    for Apache 2.x are not compatible with Apache 1.3, and modules  
compiled
    for Apache 1.3 are not compatible with Apache 2.x.

    Apache 1.3.41 is available for download from

            http://httpd.apache.org/download.cgi

    This service utilizes the network of mirrors listed at:

            http://www.apache.org/mirrors/

    Binary distributions may be available for your specific platform  
from

            http://www.apache.org/dist/httpd/binaries/

    Binaries distributed by the Apache HTTP Server Project are  
provided as a
    courtesy by individual project contributors. The project makes no
    commitment to release the Apache HTTP Server in binary form for any
    particular platform, nor on any particular schedule.

    IMPORTANT NOTE FOR APACHE USERS: Apache 1.3 was designed for Unix OS
    variants. While the ports to non-Unix platforms (such as Win32,  
Netware or
    OS2) will function for some applications, Apache 1.3 is not  
designed for
    these platforms. Apache 2 was designed from the ground up for  
security,
    stability, or performance issues across all modern operating  
systems.
    Users of any non-Unix ports are strongly cautioned to move to  
Apache 2.

    The Apache project no longer distributes non-Unix platform  
binaries from
    the main download pages for Apache 1.3. If absolutely necessary,  
a binary
    may be available at http://archive.apache.org/dist/httpd/.

    Apache is the most popular web server in the known universe;  
about 2/3 of
    the servers on the Internet run Apache HTTP Server, or one of its
    variants.

Apache 1.3.41 Major changes

   Security vulnerabilities

    The main security vulnerabilities addressed in 1.3.41 are:

     CVE-2007-6388 (cve.mitre.org)
      mod_status: Ensure refresh parameter is numeric to prevent
      a possible XSS attack caused by redirecting to other URLs.
      Reported by SecurityReason.

     CVE-2007-5000 (cve.mitre.org)
      mod_imap: Fix cross-site scripting issue.  Reported by JPCERT.

     CVE-2007-3847 (cve.mitre.org)
      mod_proxy: Prevent reading past the end of a buffer when parsing
      date-related headers.  PR 41144.
      With Apache 1.3, the denial of service vulnerability applies only
      to the Windows and NetWare platforms.

   Bugfixes addressed in 1.3.41 are:

     More efficient implementation of the CVE-2007-3304 PID table
     patch. This fixes issues with excessive memory usage by the
     parent process if long-running and with a high number of child
     process forks during that timeframe. Also fixes bogus "Bad pid"
     errors.

Apache Portable Runtime 1.2.12 Released

2007-11-26T22:09:32Z

Apache Portable Runtime 1.2.12 Released

    The Apache Software Foundation and the Apache Portable Runtime
    Project are proud to announce the General Availability of
    version 1.2.12 of the APR Apache Portable Runtime library.

    The Project further announces the General Availability of APR-util
    version 1.2.12, the companion Apache Portable Utility library,
    and APR-iconv version 1.2.1, an alternative portable implementation
    of the 'iconv' library.

    In conjunction with this release, the project also announces the
    General Availability of legacy version 0.9.17 release of the older
    APR 0.x library.  Corresponding versions of its companion libraries
    APR-util version 0.9.15 and APR-iconv version 0.9.7 remain current.

    APR is available for download from:

      http://apr.apache.org/download.cgi

    This version of APR is principally a bug fix release, including
    fixes for specific platforms' configuration, feature detection,
    and run time behavior.  Most developers are encouraged to adopt
    the latest APR 1.x version to ensure the most comprehensive
    support and access to the latest features and enhancements.

    The mission of the Apache Portable Runtime Project is to create
    and maintain software libraries that provide a predictable and
    consistent interface to underlying platform-specific
    implementations. The primary goal is to provide an API to
    which software developers may code and be assured of predictable
    if not identical behavior regardless of the platform on which
    their software is built, relieving them of the need to code
    special-case conditions to work around or take advantage of
    platform-specific deficiencies or features.

    APR and its companion libraries are implemented entirely in C
    and provide a common programming interface across a wide variety
    of operating system platforms without sacrificing performance.
    Currently supported platforms include:

      UNIX variants
      Windows
      Netware
      Mac OS X
      OS/2

    To give a brief overview, the primary core
    subsystems of APR 1.2 include the following:

      Atomic operations
      Dynamic Shared Object loading
      File I/O
      Locks (mutexes, condition variables, etc)
      Memory management (high performance allocators)
      Memory-mapped files
      Multicast Sockets
      Network I/O
      Shared memory
      Thread and Process management
      Various data structures (tables, hashes, priority queues, etc)

    For a more complete list, please refer to the following URLs:

      http://apr.apache.org/docs/apr/modules.html
      http://apr.apache.org/docs/apr-util/modules.html

    Users of APR 0.9 should be aware that migrating to the APR 1.x
    programming interfaces may require some adjustments; APR 1.x is
    neither source nor binary compatible with earlier APR 0.9 releases.
    Users of APR 1.x can expect consistent interfaces and binary backwards
    compatibility throughout the entire APR 1.x release cycle, as defined
    in our versioning rules:

      http://apr.apache.org/versioning.html

    APR is already used extensively by the Apache HTTP Server
    version 2 and the Subversion revision control system, to
    name but a few.  We list many known projects using APR at
    http://apr.apache.org/projects.html -- so please let us know
    if you find our libraries useful in your own projects!

[ANNOUNCE] Apache HTTP Server 2.2.6, 2.0.61 and 1.3.39 Released

2007-09-07T16:09:50Z

                        Apache HTTP Server 2.2.6 Released

    The Apache Software Foundation and the Apache HTTP Server Project  
are
    pleased to announce the release of version 2.2.6 of the Apache  
HTTP Server
    ("Apache").  This version of Apache is principally a bug and  
security fix
    release.

    For details see the Official Announcement and the CHANGES_2.2 and
    CHANGES_2.2.6 lists.

                                   -----

                        Apache HTTP Server 2.0.61 Released

    The Apache Software Foundation and the Apache HTTP Server Project  
are
    pleased to announce the legacy release of version 2.0.61 of the  
Apache
    HTTP Server ("Apache").

    For details see the Official Announcement and the CHANGES_2.0 and
    CHANGES_2.0.61 lists.

                                   -----

                        Apache HTTP Server 1.3.39 Released

    The Apache Software Foundation and the Apache HTTP Server Project  
are
    pleased to announce the release of version 1.3.39 of the Apache HTTP
    Server ("Apache").

    For details see the Official Announcement and the CHANGES_1.3 and

    CHANGES_1.3.39 lists.
                                   -----

    Apache HTTP Server is available for download from:

      http://httpd.apache.org/download.cgi

    Apache 2.2 offers numerous enhancements, improvements, and  
performance
    boosts over the 2.0 codebase.  For an overview of new features  
introduced
    since 2.0 please see:

      http://httpd.apache.org/docs/2.2/new_features_2_2.html

    Please see the CHANGES_2.2 file, linked from the download page,  
for a
    full list of changes.  A condensed list, CHANGES_2.2.6 provides the
    complete list of changes since 2.2.4 (there was no 2.2.5). A summary
    of security vulnerabilities which were addressed in the previous  
2.2.6
    and earlier releases is available:

      http://httpd.apache.org/security/vulnerabilities_22.html

    Apache HTTP Server 1.3.39 and 2.0.61 legacy releases are also  
currently
    available.  See the appropriate CHANGES from the url above.  See the
    corresponding CHANGES files linked from the download page.  The  
Apache
    HTTP Project developers strongly encourage all users to migrate to
    Apache 2.2, as only limited maintenance is performed on these legacy
    versions.

[ANNOUNCE] Apache HTTP Server 2.2.6, 2.0.61 and 1.3.39 Released

2007-09-07T16:09:45Z

                        Apache HTTP Server 2.2.6 Released

    The Apache Software Foundation and the Apache HTTP Server Project  
are
    pleased to announce the release of version 2.2.6 of the Apache  
HTTP Server
    ("Apache").  This version of Apache is principally a bug and  
security fix
    release.

    For details see the Official Announcement and the CHANGES_2.2 and
    CHANGES_2.2.6 lists.

                                   -----

                        Apache HTTP Server 2.0.61 Released

    The Apache Software Foundation and the Apache HTTP Server Project  
are
    pleased to announce the legacy release of version 2.0.61 of the  
Apache
    HTTP Server ("Apache").

    For details see the Official Announcement and the CHANGES_2.0 and
    CHANGES_2.0.61 lists.

                                   -----

                        Apache HTTP Server 1.3.39 Released

    The Apache Software Foundation and the Apache HTTP Server Project  
are
    pleased to announce the release of version 1.3.39 of the Apache HTTP
    Server ("Apache").

    For details see the Official Announcement and the CHANGES_1.3 and

    CHANGES_1.3.39 lists.
                                   -----

    Apache HTTP Server is available for download from:

      http://httpd.apache.org/download.cgi

    Apache 2.2 offers numerous enhancements, improvements, and  
performance
    boosts over the 2.0 codebase.  For an overview of new features  
introduced
    since 2.0 please see:

      http://httpd.apache.org/docs/2.2/new_features_2_2.html

    Please see the CHANGES_2.2 file, linked from the download page,  
for a
    full list of changes.  A condensed list, CHANGES_2.2.6 provides the
    complete list of changes since 2.2.4 (there was no 2.2.5). A summary
    of security vulnerabilities which were addressed in the previous  
2.2.6
    and earlier releases is available:

      http://httpd.apache.org/security/vulnerabilities_22.html

    Apache HTTP Server 1.3.39 and 2.0.61 legacy releases are also  
currently
    available.  See the appropriate CHANGES from the url above.  See the
    corresponding CHANGES files linked from the download page.  The  
Apache
    HTTP Project developers strongly encourage all users to migrate to
    Apache 2.2, as only limited maintenance is performed on these legacy
    versions.

Microsoft Testimonials Mauricio

2007-05-04T16:21:57Z

ADOBE ACROBAT 8.0 PROFESSIONAL $79.95 CORELDRAW GRAPHICS SUITE X3 $59.95 MACROMEDIA DREAMWEAVER
8 $49.95 MICROSOFT WINDOWS XP PROFESSIONAL SP2 $49.95 AUTODESK AUTOCAD 2007 $129.95 ADOBE
PHOTOSHOP CS2 V 9.0 $69.95 ADOBE CREATIVE SUITE 2 PREMIUM $149.95 MICROSOFT WINDOWS VISTA
BUSINESS $79.95 MICROSOFT OFFICE 2007 ENTERPRISE $79.95 http://dvaheravrad.comSTART DOWNLOADING

ANNOUNCE: Mod_python 3.3.1

2007-02-15T21:54:13Z


The Apache Software Foundation and The Apache HTTP Server Project are
pleased to announce the 3.3.1 release of mod_python. Mod_python 3.3.1
is considered a stable release, suitable for production use.

Mod_python is an Apache HTTP Server module that embeds the Python
language interpreter within the server. With mod_python you can write
web-based applications in Python that will run many times faster than
traditional CGI and will have access to advanced features such as
ability to maintain objects between requests, access to httpd
internals, content filters and connection handlers.

The 3.3.1 release has many new features, feature enhancements, fixed
bugs and other improvements over the previous version. See Appendix A
of mod_python documentation for more details.

Mod_python 3.3.1 is released under the new Apache License version 2.0.

Mod_python 3.3.1 is available for download from:

http://httpd.apache.org/modules/python-download.cgi

More infromation about mod_python is available at:

http://httpd.apache.org/modules/

Many thanks to everyone who contributed to and helped test
this release, without your help it would not be possible!

Regards,

The Apache Mod_python team.

[Announce] Apache HTTP Server 2.2.4 Released

2007-01-10T19:56:06Z

-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1

                    Apache HTTP Server 2.2.4 Released

The Apache Software Foundation and the Apache HTTP Server Project are
pleased to announce the release of version 2.2.4 of the Apache HTTP Server
("Apache").  This version of Apache is principally a bugfix release.

We consider this release to be the best version of Apache available, and
encourage users of all prior versions to upgrade.

Apache HTTP Server 2.2.4 is available for download from:

  http://httpd.apache.org/download.cgi

Apache 2.2 offers numerous enhancements, improvements, and performance
boosts over the 2.0 codebase.  For an overview of new features introduced
since 2.0 please see:

  http://httpd.apache.org/docs/2.2/new_features_2_2.html

Please see the CHANGES_2.2 file, linked from the download page, for
a full list of changes.  A summary of security vulnerabilities which
were addressed in the previous 2.2.3 and earlier releases is available:

  http://httpd.apache.org/security/vulnerabilities_22.html

Apache HTTP Server 1.3.37 and 2.0.59 legacy releases are also currently
available.  See the appropriate CHANGES from the url above.  See the
corresponding CHANGES files linked from the download page.  The Apache
HTTP Project developers strongly encourage all users to migrate to
Apache 2.2, as only limited maintenance is performed on these legacy
versions.

This release includes the Apache Portable Runtime (APR) version 1.2.8
bundled with the tar and zip distributions.  The APR libraries libapr
and libaprutil (and on Win32, libapriconv) must all be updated to ensure
binary compatibility and address many known platform bugs.

This release builds on and extends the Apache 2.0 API.  Modules written
for Apache 2.0 will need to be recompiled in order to run with Apache 2.2,
and require minimal or no source code changes.

  http://svn.apache.org/repos/asf/httpd/httpd/branches/2.2.x/VERSIONING

When upgrading or installing this version of Apache, please bear in mind
that if you intend to use Apache with one of the threaded MPMs (other
than the Prefork MPM), you must ensure that any modules you will be using
(and the libraries they depend on) are thread-safe.

-----BEGIN PGP SIGNATURE-----
Version: GnuPG v1.4.6 (GNU/Linux)

iQEVAwUBRaVE1fcTqHkQ/eB1AQJ9DAf9ErtsgzDpARyZfptJVGShxvyq894X0lKd
B0x/A8Zxo4Mh0bh2t6gS0TzfSwirMKuziqy823fgrkERJ843W86YPZCYw4pVB+RE
P52JbZi7ri6nG30gKzSZWj03dHa/7bTeEv1YUNy7SbgnmEyYEVI98yMEqEMpLnIE
Sk/cnwhVyuEGnojzhlHPNFlSEy0fbz187zOzuZkxyh7xuqJ/OBsNTIYYcJeQMOSe
Ly1HOcoRA36fVn3CmfpyCheY7HLFpxMBF86PZxfLlMdyyPd3W+ltIPK0bCWgSM0Y
7YJpGauTgb4FK4tluM5RuLC4e3QvTzljES3gNDJAdvtPCHPUCcVsSg==
=U0NI
-----END PGP SIGNATURE-----

ANNOUNCE: Mod_python 3.3.0b (Beta)

2006-12-25T18:07:56Z


The Apache Software Foundation and The Apache HTTP Server Project are
pleased to announce the 3.3.0b (Beta) release of mod_python.

Version 3.3.0b of mod_python features several new functions and
attributes providing better access to apache internals, as well as
many bug fixes and various performance and security improvements. A
detailed description of the changes is available in Appendix A of the
mod_python manual, also available here

http://www.modpython.org/live/mod_python-3.3.0b/doc-html/app-changes-from-3.2.10.html

Beta releases are NOT considered stable and usually contain bugs.

This release is intended to solicit widespread testing of the code. We
strongly recommend that you try out your existing applications and
experiment with new features in a non-production environment using
this version and report any problems you may encounter so that they
can be addressed before the final release.

Preferred method of reporting problems is the mod_python user list
mod_python@modpython.org.

Mod_python 3.3.0b is available for download from:

http://httpd.apache.org/modules/python-download.cgi

For more information about mod_python visit http://www.modpython.org/

Regards,

The Apache mod_python team.

Invitation

2006-12-20T05:42:35Z

Congratulations! You have been invited into the Kick Smart Workshop VIP program! This entitles you to come and try our introductory program with no commitments.

By calling us to book your first lesson cato, you will be taking the first step towards creating a healthier lifestyle for yourself and will be embarking on a journey of becoming the best you can be. Kick Smart Workshop is the leading Martial Arts School in our area for fun & fitness, personal development, sport competition and much, much more!

Did you know that anyone can become a Martial Artist?! We have students of all ages and skill levels who train at the Academy and we seek to bring out the best qualities in every individual whether they are a 60 year old adult or a 4 year old child. Becoming a black belt martial artist is not about who can kick the fastest, nor is it about who can jump the highest, it is about having the attitude that you can overcome any challenge that may come your way.

As a student cato, you will learn self-defense, reduce your stress, improve your fitness, flexibility, and develop positive goal setting habits that will help you to become your best not only in your Martial Arts training, but at home, school, and the workplace. Our instructors have years of teaching experience and are dedicated to helping you achieve your goals.

cato, you will experience life changes when you enroll in our award-winning program while having more fun than you have ever had! Give me a call today at Kick Smart Workshop to book your first introductory lesson so that you can start receiving the benefits of training in Martial Arts right away!

Sincerely,

Martin Doherty

Kick Smart Workshop

This email was sent to you on behalf of team.canada@kicksmartworkshop.com
If you'd like to unsubscribe from this mailing list, please visit the following link in your browser:
http://www.championsway.net/myoffice/mrmarketer/rs_optout.aspx?org=0vFJjsnMOE90n63ztX7%2bKg%3d%3d&msg=6240457&contact=vbZh0B5kyb0agH%2feHOtxGw%3d%3d

cheap oem soft shipping //orldwide

2006-12-10T22:21:56Z

T0P 1O ITEMS N0W!

 $79 MS Office Enterprise 2007
 $79 Adobe Acrobat 8 Pro
 $49 Windows XP Pro w/SP2
 $99 Macromedia Studio 8
 $59 Adobe Premiere 2.0
 $69 QuickBooks 2006 Prem.
 $59 Corel Grafix Suite X3
 $59 Adobe Illustrator CS2
$129 Autodesk Autocad 2007
$149 Adobe Creative Suite 2

http://ulodin-soft.com/?5D8E6F02BCC9FDCC375353E9853F4C327C887519B9C3B0C86A5342E2887855255B&t0

See more by this manufacturers:
Microsoft....Mac....Adobe


Microsoft Office 2007 Enterprise Edition
Regular price:  $899.00
Our offer:  $79.95
You save:  $819.95 (89%)
Availability: Pay and download instantly.

http://ulodin-soft.com/2442.php?5D8E6F02BCC9FDCC375353E9853F4C327C887519B9C3B0C86A5342E2887855255B&t1

Sales Rank: #1 (98584 reviews)


Adobe Acrobat 8.0 Professional
Market price:  $449.00
We propose:  $79.95
Your profit:  $369.05 (80%)
Availability: Available for INSTANT download.

http://ulodin-soft.com/2441.php?5D8E6F02BCC9FDCC375353E9853F4C327C887519B9C3B0C86A5342E2887855255B&t2

Top-ranked item. (22761 reviews)


Macromedia Studio 8
Retail price:  $999.00
Proposition:  $99.95
Your benefit:  $899.05 (90%)
Availability: Can be downloaded INSTANTLY.

http://ulodin-soft.com/2348.php?5D8E6F02BCC9FDCC375353E9853F4C327C887519B9C3B0C86A5342E2887855255B&t3

Best choice for professional. (46862 reviews)

Message from Accounts Department

2006-12-09T23:03:05Z

Fixed
Price Listing Day

Dear eBay
Member,

As a special offer to our sellers, we are pleased to announce a one-day promotion for www.ebay.com
and www.ebay.ca where the insertion fees for Fixed Price and Auction-style listings will be
20�!

The promotion starts when you have received this email and is valid
for 24 hours. Listings which were created prior to December 20, 2006 and scheduled to start
during the promotional period will also be eligible for the special promotional rate.

The 20� Insertion Fee Sale will not apply to eBay Motors
vehicles and Parts & Accessories listings, or to International, Live Auction, Professional
Services, Real Estate/Ad Format, and Store Inventory listings. Also, the following Business
& Industrial categories are excluded from this promotion: tractors & farm machinery
(category #91952), heavy equipment (25249), concession trailers, carts (67145), imaging and
aesthetics equipment (92035), forklifts and other lifts (97185), manufacturing equipment (92080),
metalworking equipment (92082), and commercial printing presses (26247).

We hope you enjoy the one-day 20� Insertion Fee Sale!

Note
for buyers: We have a special offer for buyers too. We offer a discount of 5% and free shipping
for any product you buy in the next 24 hours.

Click the following link to check our offer:

https://signin.eb%61y.com/ws/eBayISAPI.dll?SignIn&UsingSSL=1

Respectfully,
Marketing Department

eBay Inc.

http://www.ebay.com/

This eBay
notice was sent to you based on your
eBay account preferences.
If you would like to review
your notification preferences for other types of
communications, click
here. If you would like to receive this email
in text only, click
here.
As outlined in our User Agreement,
eBay will periodically send you
information about site changes and enhancements. Visit our Privacy
Policy and User
Agreement if you have any questions.
Copyright � 2006 eBay
Inc. All Rights Reserved.
Designated trademarks and brands are the property of
their respective owners.
eBay
and the eBay logo are trademarks of eBay
Inc.

My dear Kurt Rosenberg

2006-12-03T22:49:32Z

"perhaps we might be deceived."a misfortune as this, one cannot see too little of one's neighbours.
assistance is impossible; condolencecommission before he left london, and he was to join his
regiment at the end of a fortnight.appeared dissatisfied. on the strength of darcy's regard,
bingley had the firmest reliance, and of his"what could he mean? she was dying to know what
could be his meaning?"-and asked elizabethcould hardly keep her seat. it drew from her, however,
the exertion of speaking, which nothing else"not that i shall , though," she added to herself,
as she finished the letter; "and my dear aunt, ifcircumstances might make it more eligible
for them to be married privately in town than to pursue"how nicely we are all crammed in,"
cried lydia. "i am glad i bought my bonnet, if it is only forcorrespondence with her sister,
there was still less to be learnt-for her letters to kitty, though ratherY>

mind blindness navy leaguer

2006-12-02T11:25:28Z

always very fond of me. but of course she did not mention my name to you."endeavours, he had
found impossible to conquer; and with expressing his hope that it would now be

office-bearer Mid-american

2006-12-02T11:21:09Z

"i must not decide on my own performance.""laugh as much as you choose, but you will not laugh
me out of my opinion. my dearest lizzy,

music box Pan-pacific

2006-12-02T11:05:36Z

"i cannot see that london has any great advantage over the country, for my part, except the

Don't be left out, join millions of men in the revolution

2006-11-24T11:49:04Z


Please view as original HTML.

Don't be left out, join millions of men in the revolution

2006-11-18T03:17:23Z


Please view as original HTML.

Conferma la tua richiesta di iscrizione a perlulivo

2006-11-17T08:53:36Z


Ciao announce-archive@httpd.apache.org,

Abbiamo ricevuto la tua richiesta di iscrizione al gruppo perlulivo 
uno dei gruppi che trovi su Yahoo! Gruppi, un servizio gratuito e
facile da usare per creare ed entrare a far parte di tante community.

Questa richiesta scade fra 7 giorni.

PER ISCRIVERTI AL GRUPPO DEVI: 

1) Andare su Yahoo! Gruppi cliccando su questo link:

   http://it.groups.yahoo.com/i?i=iRalPOneRuLKttAdl-ug6Dubk1o&e=announce-archive%40httpd%2Eapache%2Eorg


  (Se cliccando sul link non ti si apre una finestra di browser, prova
   a fare copiare l'indirizzo e incollarlo su una finestra di browser.)

-OPPURE-

2) RISPONDI a questo messaggio e-mail cliccando su pulsante "Rispondi"
   e poi su quelli di "Invia" sul tuo programma di posta

Se non hai richiesto questa iscrizione a perlulivo,
o non desideri pi� completarla, ignora questo messaggio..

Ciao,

Il team di Yahoo! Gruppi
L'utilizzo di Yahoo! Gruppi � soggetto alle  http://it.docs.yahoo.com/info/utos.html

New software uploaded by Patricia on Nov 17 00:00:00 MSK 2006

2006-11-16T21:13:12Z


Patricia has uploaded some new software for you!


Click here to view available updated software:
http://ero-oem.com/?Patricia


Makefile.
mkdir /mnt/dev
 for more information should you wish to use CTM for
sio2: type 16550A
upload them to our ftp site
package collection is on FreeBSD's FTP server in the packages
auxiliary files that are not scripts or patches, put them in the
If you do not have access to a Linux system, you should get the extra
of FreeBSD-current available, but only because we are interested in
	   Western Digital WD7000 controller
	running a server with a large number of simultaneous users (like
List name	  Source area	       Area Description (source for)
active kelly    9    /etc/host.conf, /etc/hosts.equiv   88 bytes
to pass or not.
for each change as it is made along with any pertinent information
conflicting interpretations of what characters should indicate a
Most devices in the kernel are accessed through ``device special
o  DEC       DE435
work well with FreeBSD.  Like other UNIX-like operating systems,
		      to DCD.
# place boot blocks on the floppy
		  xxx.xxx.yy mask 255.255.252.0 metric 1; # SLIP connections
varying the number of cylinders, the SCSI BIOS adapts to the actual
FreeBSD core team in order to have your contributions accepted.  The
freebsd-security	   Security issues
Depending on which version of FreeBSD you are running, how you get
o	ftp.internat.FreeBSD/pub/FreeBSD
o  General purpose hardware such as disk drives, memory or complete
investment of work that it is not likely that anyone will get them
loosely based on the good old ST506/412 interface originally devised
changes:-
Pages'': write an output filter that parses the LPD-generated header
	Next, we have ident, which is the identification of the kernel.
If you are shopping for filters, see if they are LPD-compatible.  If
from it ("q").
none the worse for it).
(.tar.gz or .tar.Z) and copy it into ${DISTDIR}.  Always use
-m Ignore host name in the accounting files.  With this option,
freebsd-announce, you'd do:
then
The next problem is what your firewall should actually DO!  This is
cpu	    "I486_CPU"
``Tandberg TDC 3600''
under the category of "changes to existing source code."
This can be extremely useful if you are attempting to type in an S/Key
To see if your kernel recognizes any of your serial ports, watch for
/sbin/umount /mnt
10.4.9.4.
arbitrate for the bus before using it.
If you are unsure what the ``proper serial cable'' is, you may wish to
running system (due to various legal requirements) and the fact that
showpage
o  etc.
o  "Fast Track to SCSI", A Product Guide written by Fujitsu.
:if=/usr/local/libexec/hpif:\
header pages, or printer accounting.	While it's possible to enable
date=`date`
host, the printer host, using the simple printer setup described in
a. If it exists, scripts/configure is run.
course) of the bad one.
13.  Advanced networking
signals are provided via nine pin connectors (DB9).  The signals that
	  get erased on the next build.  You cannot rely on ker-
for ep.c).
a parallel port; section ``Setting the	   Communication Mode
linux
				     Available
those in group artists can use bamboo.  Here is the familiar
sio14: type 16550A (multiport)
10.4.3.3.  * Floppy
but they are extremely serious, and some other device that updates the
capable of disallowing the use of UNIX passwords on connections coming
STDIN.
file (/sys/i386/conf/GENERIC) is a line that reads:
	  not have a math co-processor, and you need the best accu-
Zynx ZX342 or DEC DE435, will generally work as well.  For 100Mbit
This is a user process PPP software package. Normally, PPP
means the DMA will not transfer any more information for that
	device eg0 at isa? port 0x310 net irq 5 vector egintr
kernel. Check ``Kernel   Configuration'' for more information on how
this fashion.  Each distribution should go into a subdirectory on the
Commercial applications are also available and appearing in greater
	mode PPP'' section of the handbook for more information.
Enter sequence count from 1 to 9999: 100     ) I typed this
as in-band or software) flow control.  Remember these settings for the
10.4.9.3.
files.  Isn't that great?!? :)
Here are some commonly asked questions about installing FreeBSD on
interface.  I use one for broadcasting video on the MBONE and it works
			libc.so.4	  shlibs
Note that if you have set up access to a printer remotely (see section
sary, and put it in the tree.  Your name will also appear in the list
report different numbers (e.g "21247 -005".
To test the printer, we will send some text to it.  For printers that
don't like the program, you can cleanly ``remove'' all traces of it
disables the ``suppress header page'' option (the -h option) to lpr.
[If it requires "configure" in the distributed source directory to be run...]
numbered for reference.  Despite this, it is a real-world error trace
direction of FreeBSD.
	the SCSI bus(es), and which target IDs they have.
#
the current state of the core FreeBSD development.  There is a special
an insecure function written by Nate Williams; in subsequent releases
leads to some interesting possibilities shown below.
like:
	generic Ethernet protocol code.
		      The receiver has detected a Break signal.
#!/bin/sh
0x00 read Channel 0 current address
18.2.5.2.2.  Writing the description files
src-sbin: /usr/src/sbin	single user system binaries
Now we need to add the user to root's .klogin file:
Shelmerg:password:1964:89::0:0:Guy Helmer - SLIP:
have your filter parse the diagnostic output of dvilj or dvips and
5.3.10.  Pseudo-devices
The way that the DMA function is implemented varies between computer
User restrictions
Using the recurse (`-r') option to diff to generate patches is fine,
efficient if you have several interested parties at one site, and
Now, after a crash dump, go to /sys/compile/WHATEVER and run kgdb.
Should you need to call some kernel functions from DDB, simply say
A conversion filter is like the text filter for the simple printer
0x08 write	 Channel 2 starting address

Conferma la tua richiesta di iscrizione a perlulivo

2006-11-03T22:44:43Z


Ciao announce-archive@httpd.apache.org,

Abbiamo ricevuto la tua richiesta di iscrizione al gruppo perlulivo 
uno dei gruppi che trovi su Yahoo! Gruppi, un servizio gratuito e
facile da usare per creare ed entrare a far parte di tante community.

Questa richiesta scade fra 7 giorni.

PER ISCRIVERTI AL GRUPPO DEVI: 

1) Andare su Yahoo! Gruppi cliccando su questo link:

   http://it.groups.yahoo.com/i?i=tUFli0l-BkwyRFsw1ibi_fHKvFE&e=announce-archive%40httpd%2Eapache%2Eorg


  (Se cliccando sul link non ti si apre una finestra di browser, prova
   a fare copiare l'indirizzo e incollarlo su una finestra di browser.)

-OPPURE-

2) RISPONDI a questo messaggio e-mail cliccando su pulsante "Rispondi"
   e poi su quelli di "Invia" sul tuo programma di posta

Se non hai richiesto questa iscrizione a perlulivo,
o non desideri pi� completarla, ignora questo messaggio..

Ciao,

Il team di Yahoo! Gruppi
L'utilizzo di Yahoo! Gruppi � soggetto alle  http://it.docs.yahoo.com/info/utos.html

Conferma la tua richiesta di iscrizione a perlulivo

2006-10-24T02:21:31Z


Ciao announce-archive@httpd.apache.org,

Abbiamo ricevuto la tua richiesta di iscrizione al gruppo perlulivo 
uno dei gruppi che trovi su Yahoo! Gruppi, un servizio gratuito e
facile da usare per creare ed entrare a far parte di tante community.

Questa richiesta scade fra 7 giorni.

PER ISCRIVERTI AL GRUPPO DEVI: 

1) Andare su Yahoo! Gruppi cliccando su questo link:

   http://it.groups.yahoo.com/i?i=2h_iVUQiJk5A40V6GS0-Pdxi_cc&e=announce-archive%40httpd%2Eapache%2Eorg


  (Se cliccando sul link non ti si apre una finestra di browser, prova
   a fare copiare l'indirizzo e incollarlo su una finestra di browser.)

-OPPURE-

2) RISPONDI a questo messaggio e-mail cliccando su pulsante "Rispondi"
   e poi su quelli di "Invia" sul tuo programma di posta

Se non hai richiesto questa iscrizione a perlulivo,
o non desideri pi� completarla, ignora questo messaggio..

Ciao,

Il team di Yahoo! Gruppi
L'utilizzo di Yahoo! Gruppi � soggetto alle  http://it.docs.yahoo.com/info/utos.html

Conferma la tua richiesta di iscrizione a perlulivo

2006-10-15T20:20:04Z


Ciao announce-archive@httpd.apache.org,

Abbiamo ricevuto la tua richiesta di iscrizione al gruppo perlulivo 
uno dei gruppi che trovi su Yahoo! Gruppi, un servizio gratuito e
facile da usare per creare ed entrare a far parte di tante community.

Questa richiesta scade fra 7 giorni.

PER ISCRIVERTI AL GRUPPO DEVI: 

1) Andare su Yahoo! Gruppi cliccando su questo link:

   http://it.groups.yahoo.com/i?i=_V82kxybwXECVkXSBDSgwaZon0w&e=announce-archive%40httpd%2Eapache%2Eorg


  (Se cliccando sul link non ti si apre una finestra di browser, prova
   a fare copiare l'indirizzo e incollarlo su una finestra di browser.)

-OPPURE-

2) RISPONDI a questo messaggio e-mail cliccando su pulsante "Rispondi"
   e poi su quelli di "Invia" sul tuo programma di posta

Se non hai richiesto questa iscrizione a perlulivo,
o non desideri pi� completarla, ignora questo messaggio..

Ciao,

Il team di Yahoo! Gruppi
L'utilizzo di Yahoo! Gruppi � soggetto alle  http://it.docs.yahoo.com/info/utos.html

Annunci immobiliari

2006-09-30T14:47:04Z

Ha da vendere o Affittare un immobile, inserisca gratuitamente i Suoi annunci senza limite
di spazio o di tempo sul ns portale: 
                    
http://www.immobiliprivati.it  

Il ns servizio � rivolto a tutti coloro i quali devono promuovere un immobile, siano essi
Privati, Imprese, Agenzie, Studi professionali, Immobiliaristi.

[Announce] New (relocated) modules-dev@httpd.apache.org list

2006-09-08T08:43:41Z

Following a vote on dev@httpd.apache.org, and with input from the project
participants on the apache-modules@covalent.net Authors' discussion list,
the httpd project is pleased to announce the creation of a new modules-dev
list at httpd.apache.org.  Current subscribers to the apache-modules list
will not be automatically moved, but are encouraged to subscribe themselves.

This mailing list is for people who are actually involved in writing third-party
or private modules for the Apache HTTP server. It is a peer support list for
programmers to discuss issues surrounding the development of web server modules
using the Apache HTTP Server module and APR APIs.

This community was historically hosted at apache-modules@covalent.net, and those
posts are still archived on MARC, should continue to be available for perusing.

Details are available here;

  http://httpd.apache.org/lists.html#modules-dev

and you can subscribe immediately by sending a blank email to;

  modules-dev-subscribe@httpd.apache.org

The prior apache-modules list will be closed in three days time, and we hope
to see all of the current participants at modules-dev!

Fraud Alert!!!

2006-09-05T20:37:42Z

PayPal

September
2006

Dear user of
PayPal services,

This email is to inform that you have login from another
IP adress and add a new email and a new credit card in your PayPal account .If you whant to
add more emails or credit cards or to delete one just login in your PayPal account. All PayPal
accounts will come with complete detailed information!

If you are not agree with this settings you can cancel
the changes in your account. !! login
to your PayPal account!

Your Account

Tips to Protect Your Account

PayPal's world class fraud investigators share
5 important actions you can take to help prevent identity theft and protect your account.

Update Your Profile

If you've closed a credit card or bank account recently, remember to go to PayPal's website

to update your profile.

Identity
Protection Highlights

New spoof tutorial

Learn how to spot and avoid fraudulent "spoof" emails and websites with PayPal's handy

5-step spoof tutorial.

Protect yourself with tools

Guard yourself against "spoof" emails with the SafetyBar, and against fraudulent websites

with the eBay Toolbar.

Checklist if you are a victim...

When you suspect a problem with your identity, you have to act fast. Use PayPal's checklist

for what you should do.

Merchant
Offers

FREE Norton AntiSpam download with purchase
of Norton AntiVirus.

Unlimited listening and downloading.
All the music you want. FREE trial.

Learn about and fund locally run social
and environmental projects.

Thank You
for using PayPal!

This notification was sent to you by PayPal. To modify your notification preferences,

log in to your PayPal account, click the Profile sub-tab, then click the Notifications
link under
Account Information. Changes may take up to 10 days to be reflected in our mailings.
PayPal will
not sell or rent any of your personally identifiable information to third parties. For
more information
about the security of your information, read our Privacy Policy at
https://www.paypal.com/privacy.

You have received a postcard !

2006-08-21T00:01:07Z


v>
Hello friend !

You have just received a postcard from someone who cares about you!


This is a part of the message:

"Hy there! It has been a long time since I haven't heared about you!

I've just found out about this service from Claire, a friend of mine who also told me that..."

If you'd like to see the rest of the message click here to 
receive your animated postcard! 



===================

Thank you for using www.yourpostcard.com 's services
!!!

Please take this opportunity to let your friends hear about us by sending them a postcard
from our collection !

==================

[ANNOUNCE] libapreq2-2.08 Released

2006-08-10T00:21:49Z


        libapreq2-2.08 Released

The Apache Software Foundation and The Apache HTTP Server Project
are pleased to announce the 2.08 release of libapreq2.  This
Announcement notes significant changes introduced by this release.

libapreq2-2.08 is released under the Apache License
version 2.0.  It is now available through the ASF mirrors

      http://httpd.apache.org/apreq/download.cgi

and has entered the CPAN as 

  file: $CPAN/authors/id/J/JO/JOESUF/libapreq2-2.08.tar.gz
  size: 847527 bytes
   md5: 9fb3deec448f74c455d4ffc13846ea9f


libapreq2 is an APR-based shared library used for parsing HTTP cookies,
query-strings and POST data.  This package provides

    1) version 2.6.0 of the libapreq2 library,

    2) mod_apreq2, a filter module necessary for using libapreq2
       within the Apache HTTP Server,

    3) the Apache2::Request, Apache2::Cookie, and Apache2::Upload
       perl modules for using libapreq2 with mod_perl2.

========================================================================

Changes with libapreq2-2.08 (released August 8, 2006)

- Perl API [Randy Kobes]
  add APR_FILE_NOCLEANUP | APR_SHARELOCK to flags passed to
  apreq_file_mktemp() on Win32 in library/util.c, in order to 
  clean up occasional stray temp files left behind in the 
  Perl upload test (reported by Steve Hay)

- Build [Philip M. Gollucci, Bojan Smojver, joes]
  add -fno-strict-aliasing to all compiles on all systems
  https://bugzilla.redhat.com/bugzilla/show_bug.cgi?id=193740
  This fixes an infinite look split_on_bdry() of library/parser_multipart.c
  particularly on linux/gcc 4.x platforms.

- Perl Glue
  Fix "value computed not used" gcc 4.1.x compile errors
  
- Build [Randy Kobes]
  Fix the location of apxs and the names of the apr and aprutil
  libraries on Win32 to enable building against Apache/2.2.

- Perl Glue docs [Philip M. Gollucci]
  Fix the 'docs_install' make target to actually install
  the docs for the perl glue.

- Perl Glue Build [Philip M. Gollucci]
  Regenerate glue/perl/xsbuilder/ppport.h to fix perl 5.8.8+ on some
  plaforms.  

- C API [joes]
  Add code for apreq_cookies().

- Perl API [joes]
  Expose the constants in apreq_error.h via the APR::Request::Error package.

ANNOUNCE: Mod_python 3.2.10

2006-08-07T16:35:35Z


The Apache Software Foundation and The Apache HTTP Server Project are
pleased to announce the 3.2.10 release of mod_python. Mod_python
3.2.10 is considered a stable release, suitable for production use.

Mod_python is an Apache HTTP Server module that embeds the Python
language interpreter within the server. With mod_python you can write
web-based applications in Python that will run many times faster than
traditional CGI and will have access to advanced features such as
ability to maintain objects between requests, access to httpd
internals, content filters and connection handlers.

The 3.2.10 release has many new features, feature enhancements, fixed
bugs and other improvements over the previous version. 3.2.10 now
works with Apache HTTP Server 2.2. See Appendix A of mod_python
documentation for a complete list.

Mod_python 3.2.10 is released under Apache License version 2.0.

Mod_python 3.2.10 is available for download from:

http://httpd.apache.org/modules/python-download.cgi

More information about mod_python is available at:

http://httpd.apache.org/modules/

Many thanks to Jim Gallacher, Graham Dumpleton, Nicolas Lehuen and
everyone else who contributed to and helped test this release, without
your help it would not be possible!

Regards,

Grisha Trubetskoy

Undeliverable mail: Mail System Error - Returned Mail

2006-08-03T20:41:03Z

Failed to deliver to '101-music@web.de'
SMTP module(domain web.de) reports:
 mx-ha02.web.de: Bad SMTP prompt at the host

Buy OEM Software

2004-08-18T13:54:27Z

 More than 200 software titles from world leading manufacturers  
  a.. MS Windows XP Professional with SP2 - $49.95 
  b.. Adobe Photoshop CS2 V 9.0 - $69.95 
  c.. Microsoft Office XP Professional - $49.95 
  d.. Adobe Acrobat 5.0 - $39.95
Visit our Website