httpd-cvs mailing list archives

Site index · List index
Message view « Date » · « Thread »
Top « Date » · « Thread »
From wr...@apache.org
Subject cvs commit: apache-1.3 Announcement
Date Thu, 04 Oct 2001 08:40:51 GMT
wrowe       01/10/04 01:40:51

  Modified:    .        Announcement
  Log:
    Justified fixed courier is the single hardest format in the world to
    read.  Having generated in excess of a billion documents in my former
    life, I will play authority on that ;)
  
  Revision  Changes    Path
  1.73      +92 -92    apache-1.3/Announcement
  
  Index: Announcement
  ===================================================================
  RCS file: /home/cvs/apache-1.3/Announcement,v
  retrieving revision 1.72
  retrieving revision 1.73
  diff -u -r1.72 -r1.73
  --- Announcement	2001/10/04 08:17:36	1.72
  +++ Announcement	2001/10/04 08:40:51	1.73
  @@ -1,84 +1,84 @@
   
                               Apache 1.3.21 Released
   
  -   The  Apache  Software  Foundation  and  The  Apache Server Project are
  -   pleased  to  announce the release of version 1.3.21 of the Apache HTTP
  +   The Apache Software Foundation and The Apache Server Project are
  +   pleased to announce the release of version 1.3.21 of the Apache HTTP
      server.
   
  -   This  version  of  Apache  is principally a security fix release which
  -   closes  some  problems  where  a  directory  listing could be obtained
  +   This version of Apache is principally a security fix release which
  +   closes some problems where a directory listing could be obtained
      instead of the default index page. A summary of the bug fixs and major
      new features is given at the end of this document.
   
  -   We  consider  Apache 1.3.21 to be the best version of Apache available
  -   and  we strongly recommend that users of older versions, especially of
  -   the  1.1.x  and  1.2.x family, upgrade as soon as possible. No further
  +   We consider Apache 1.3.21 to be the best version of Apache available
  +   and we strongly recommend that users of older versions, especially of
  +   the 1.1.x and 1.2.x family, upgrade as soon as possible. No further
      releases will be made in the 1.2.x family.
   
      Apache 1.3.21 is available for download from
      
          http://httpd.apache.org/dist/httpd/
   
  -   Please  see the CHANGES_1.3 file in the same directory for a full list
  +   Please see the CHANGES_1.3 file in the same directory for a full list
      of changes.
   
      Binary distributions are available from
   
          http://httpd.apache.org/dist/httpd/binaries/
   
  -   The  source and binary distributions are also available via any of the
  +   The source and binary distributions are also available via any of the
      mirrors listed at
   
          http://www.apache.org/mirrors/
   
  -   As  of  Apache 1.3.17, Win32 binary distributions are now based on the
  +   As of Apache 1.3.17, Win32 binary distributions are now based on the
      Microsoft Installer (.MSI) technology. This change occured in order to
  -   resolve  the  many problems WinME and Win2K users experienced with the
  -   older   InstallShield-based   installer.exe  file.  While  development
  -   continues  to make this new installation method more robust, questions
  +   resolve the many problems WinME and Win2K users experienced with the
  +   older InstallShield-based installer.exe file.  While development
  +   continues to make this new installation method more robust, questions
      should be directed at the news:comp.infosystems.www.servers.ms-windows
      newsgroup.
   
  -   As  of  Apache 1.3.12 binary distributions contain all standard Apache
  -   modules  as  shared objects (if supported by the platform) and include
  -   full  source  code.  Installation  is  easily  done  by  executing the
  -   included  install  script.  See the README.bindist and INSTALL.bindist
  -   files  for  a  complete  explanation.  Please  note  that  the  binary
  -   distributions  are  only  provided  for  your  convenience and current
  +   As of Apache 1.3.12 binary distributions contain all standard Apache
  +   modules as shared objects (if supported by the platform) and include
  +   full source code.  Installation is easily done by executing the
  +   included install script.  See the README.bindist and INSTALL.bindist
  +   files for a complete explanation.  Please note that the binary
  +   distributions are only provided for your convenience and current
      distributions for specific platforms are not always available.
   
      For an overview of new features introduced after 1.2 please see
      
      http://httpd.apache.org/docs/new_features_1_3.html
   
  -   In  general,  Apache  1.3 offers several substantial improvements over
  -   version  1.2,  including  better  performance, reliability and a wider
  -   range  of  supported  platforms, including Windows 95/98 and NT (which
  -   fall  under  the  "Win32"  label),  OS2,  Netware,  and  TPE  threaded
  +   In general, Apache 1.3 offers several substantial improvements over
  +   version 1.2, including better performance, reliability and a wider
  +   range of supported platforms, including Windows NT and 2000 (which
  +   fall under the "Win32" label), OS2, Netware, and TPE threaded
      platforms.
   
      Apache is the most popular web server in the known universe; over half
  -   of  the  servers  on  the  Internet  are  running Apache or one of its
  +   of the servers on the Internet are running Apache or one of its
      variants.
   
  -   IMPORTANT  NOTE  FOR WIN32 USERS: Over the years, many users have come
  -   to  trust  Apache  as  a secure and stable server. It must be realized
  +   IMPORTANT NOTE FOR WIN32 USERS: Over the years, many users have come
  +   to trust Apache as a secure and stable server. It must be realized
      that the current Win32 code has not yet reached the levels of the Unix
  -   version,  but  is  of  acceptable quality. Win32 stability or security
  +   version, but is of acceptable quality. Win32 stability or security
      problems do not reflect on the Unix version.
   
                             Apache 1.3.21 Major changes
   
     Security vulnerabilities
   
  -     * A  vulnerability  was  found in the Win32 port of Apache 1.3.20. A
  -       client  submitting a very long URI could cause a directory listing
  +     * A vulnerability was found in the Win32 port of Apache 1.3.20.  A
  +       client submitting a very long URI could cause a directory listing
          to be returned rather than the default index page. A 403 Forbidden
          will now be returned
  -     * A  vulnerability was found in the split-logfile support program. A
  +     * A vulnerability was found in the split-logfile support program. A
          request with a specially crafted Host: header could allow any file
          with a .log extension on the system to be written to. PR#7848
  -     * A  vulnerability  was  found when Multiviews are used to negotiate
  +     * A vulnerability was found when Multiviews are used to negotiate
          the directory index. In some configurations, requesting a URI with
          a QUERY_STRING of M=D could return a directory listing rather than
          the expected index page.
  @@ -86,28 +86,28 @@
     New features
   
      The main new features in 1.3.21 (compared to 1.3.20) are:
  -     * The  user  manual  has  been updated. As well as a number of small
  -       fixes  these  updates  include  new  translations  into French and
  -       Japanese,  a  guide  to using Apache httpd on Cygwin, a lexicon of
  -       Apache   error   messages,   updated   TPF  documentation,  and  a
  +     * The user manual has been updated. As well as a number of small
  +       fixes these updates include new translations into French and
  +       Japanese, a guide to using Apache httpd on Cygwin, a lexicon of
  +       Apache error messages, updated TPF documentation, and a
          comprehensive guide to using log files
  -     * The  user manual has been moved out of the htdocs DocumentRoot and
  +     * The user manual has been moved out of the htdocs DocumentRoot and
          is now handled by an Alias directive in a similar way to the icons
          directory
        * The supplied icons are now also distributed in PNG format
  -     * A  significant  overhaul  to  the the Apache Bench program, ab has
  -       taken  place,  as  first  reported  in April. The new Apache Bench
  -       includes fixes, additional statistics, csv and gnuplot output, and
  +     * A significant overhaul to the Apache Bench program, ab has taken
  +       place, as first reported in April. The new Apache Bench includes
  +       fixes, additional statistics, csv and gnuplot output, and some
          SSL support
  -     * New  directives  have  been added to the mod_usertrack module, The
  -       first,   CookieDomain,   can  be  used  to  customise  the  Domain
  -       attribute.  The  patch to add the CookieDomain directive was first
  -       submitted  over two years ago. Historically mod_usertrack has used
  +     * New directives have been added to the mod_usertrack module, The
  +       first, CookieDomain, can be used to customise the Domain
  +       attribute.  The patch to add the CookieDomain directive was first
  +       submitted over two years ago. Historically mod_usertrack has used
          the obsolete Netscape cookie syntax. The new CookieStyle directive
  -       allows  use  of  the  RFC2109  or RFC2965 syntax instead. PR#5023,
  +       allows use of the RFC2109 or RFC2965 syntax instead. PR#5023,
          PR#5920, PR#6140.
        * The server will now display a warning if line-end comments (#) are
  -       found  in  the  configuration file. Not all directives are able to
  +       found in the configuration file. Not all directives are able to
          handle comments on the same line
        * A new directive, AcceptMutex, allows run-time configuration of the
          mutex type used for accept serialization, currently a compile-time
  @@ -117,83 +117,83 @@
          The current list of possible methods is: uslock, pthread, sysvsem,
          fcntl, flock, os2sem, tpfcore, none. Not all platforms support all
          methods
  -     * mod_auth  has  been  enhanced  to allow access to a document to be
  -       controlled  based  on  the owner of the file being served. Require
  -       file-owner   will   only  allow  files  to  be  served  where  the
  -       authenticated  username  matches  the user that owns the document.
  -       Require  file-group works in a similar way checking that the group
  +     * mod_auth has been enhanced to allow access to a document to be
  +       controlled based on the owner of the file being served. Require
  +       file-owner will only allow files to be served where the
  +       authenticated username matches the user that owns the document.
  +       Require file-group works in a similar way checking that the group
          matches
   
      New features that relate to specific platforms:
  -     * A  new  directive,  AcceptFilter,  has  been  added to control BSD
  -       accept  filters  at  run-time.  This should make it easier to move
  -       server  binaries  across  different BSD machines without requiring
  -       recompilation.  Support  for  accept  filters  was  first added to
  +     * A new directive, AcceptFilter, has been added to control BSD
  +       accept filters at run-time.  This should make it easier to move
  +       server binaries across different BSD machines without requiring
  +       recompilation.  Support for accept filters was first added to
          version 1.3.14, the functionality can postpone the requirement for
  -       a  child  process to handle a new connection until an HTTP request
  +       a child process to handle a new connection until an HTTP request
          has arrived, therefore increasing the number of connections that a
          given number of child processes can handle
  -     * On  Win32  mod_unique_id,  mod_mime_magic, and the mod_vhost_alias
  +     * On Win32 mod_unique_id, mod_mime_magic, and the mod_vhost_alias
          modules are now enabled
  -     * On  Win32 the code to allow the server to run under Cygwin has had
  -       a  number  of fixes and updates. Cygwin support was first added to
  -       version 1.3.20
  -     * On  Windows  NT  or  2000,  the  service  display names can now be
  -       modified by the user (use the service control panel applet)
  -     * On Win32 add a new option -W that can set up a service dependancy
  -     * The  server  will now take advantage of recent improvements to the
  -       TPF  operating  system  which  include an enhanced system fork and
  -       exec,  updates  to  allow  non-blocking  file  descriptors, and an
  +     * The Cygwin port includes a number of fixes and updates.  Cygwin 
  +       support was first introduced in version 1.3.20
  +     * On Windows 2000, the service display names can now be modified 
  +       by the user (use the service control panel applet)
  +     * On Win32 a new option -W can be used to set up a dependency on
  +       another service, see win_service.html
  +     * The server will now take advantage of recent improvements to the
  +       TPF operating system which include an enhanced system fork and
  +       exec, updates to allow non-blocking file descriptors, and an
          update to shutdown processing
   
     Bugs fixed
   
  -   The  following bugs were found in Apache 1.3.20 and have been fixed in
  +   The following bugs were found in Apache 1.3.20 and have been fixed in
      Apache 1.3.21:
  -     * Under  certain  circumstances  a  child  may crash due to a bug in
  -       mod_include.  If  a  server uses an ErrorDocument for 404 (request
  -       not  found) errors which points to a server-parsed HTML file which
  -       uses  a  <!--#include  virtual="file"  --> section, then a request
  +     * Under certain circumstances a child may crash due to a bug in
  +       mod_include.  If a server uses an ErrorDocument for 404 (request
  +       not found) errors which points to a server-parsed HTML file which
  +       uses a <!--#include  virtual="file" --> section, then a request
          containing %2f will result in a segfault. The segfault is harmless
  -       and  does  not cause a security problem, but is being triggered by
  +       and does not cause a security problem, but is being triggered by
          the recent IIS worm
  -     * The   Multiviews   functionality   has   been   fixed  to  prevent
  -       mod_negotiation  from  serving any multiview variant that contains
  +     * The Multiviews functionality has been fixed to prevent
  +       mod_negotiation from serving any multiview variant that contains
          unknown filename extensions. PR#8130
        * Apache will prefer installed version of the Expat library over the
  -       bundled  version. This fixes conflicts when multiple copies of the
  -       Expat   library  get  loaded  (notably  when  using  mod_perl  and
  +       bundled version. This fixes conflicts when multiple copies of the
  +       Expat library get loaded (notably when using mod_perl and
          XML::Parsers::Expat)
  -     * UnsetEnv  now  works  from  the main body of a configuration file.
  +     * UnsetEnv now works from the main body of a configuration file.
          PR#8254
  -     * When  used  as  a  reverse  proxy any headers set by other modules
  -       (such  as  mod_usertrack  or mod_securid) now get passed on to the
  +     * When used as a reverse proxy any headers set by other modules
  +       (such as mod_usertrack or mod_securid) now get passed on to the
          back-end server. PR#6055
        * Server response headers can now be logged via the proxy. PR#7461
  -     * mod_proxy  will now pay attention to HTTP headers that specify the
  +     * mod_proxy will now pay attention to HTTP headers that specify the
          request is not to be cached. PR#5668
  -     * When  a  client  making a request via mod_proxy died unexpectedly,
  +     * When a client making a request via mod_proxy died unexpectedly,
          mod_proxy did not close its connection. PR#8090
  -     * The  CacheForceCompletion  directive  has  been  fixed  PR#7383  ,
  -       PR#8067 , PR#6585
  +     * The CacheForceCompletion directive has been fixed PR#7383,
  +       PR#8067, PR#6585
        * A memory leak has been fixed in the mod_mime_magic module
  -     * A  Satisfy  All  option  has  been  added to the default container
  -       designed   to   stop  access  to  .htaccess  files.  Without  this
  -       directive,  these files could still be fetched if they were within
  +     * A Satisfy All option has been added to the default container
  +       designed to stop access to .htaccess files.  Without this
  +       directive, these files could still be fetched if they were within
          the scope of a Satisfy Any directive.
   
      The following bugs relate to specific platforms:
  -     * A  number  of  fixes  for  NetWare have been added. These include:
  -       enabling  long  file  names  in  htpasswd and htdigest, protection
  -       against   ill   behaved   modules,  better  handling  of  abnormal
  +     * A number of fixes for NetWare have been added. These include:
  +       enabling long file names in htpasswd and htdigest, protection
  +       against ill behaved modules, better handling of abnormal
          shutdowns, dealing with the limited stack space during server side
  -       includes,  and recognising special filenames such as proxy:http://
  +       includes, and recognising special filenames such as proxy:http://
          correctly
  -     * A  shutdown  hang  could occur on Solaris when using lots of piped
  +     * A shutdown hang could occur on Solaris when using lots of piped
          TransferLogs and at least one piped ErrorLog
        * On EBCDIC platforms a bug in the proxy module stopped SSL proxying
          working
  -     * On  Win32,  mod_unique_id  did  not  guarantee  a unique ID due to
  +     * On Win32, mod_unique_id did not guarantee a unique ID due to
          threading
  -     * The  Win32  Makefiles  are  now 100% compatible with the Microsoft
  +     * The Win32 Makefiles are now 100% compatible with the Microsoft
          Visual C++ compiler versions 5,6,7
  
  
  

Mime
View raw message