httpd-cvs mailing list archives

From j..@apache.org
Subject svn commit: r564559 [2/2] - /httpd/httpd/trunk/CHANGES
Date Fri, 10 Aug 2007 11:32:49 GMT

Modified: httpd/httpd/trunk/CHANGES
URL: http://svn.apache.org/viewvc/httpd/httpd/trunk/CHANGES?view=diff&rev=564559&r1=564558&r2=564559
==============================================================================
--- httpd/httpd/trunk/CHANGES [utf-8] (original)
+++ httpd/httpd/trunk/CHANGES [utf-8] Fri Aug 10 04:32:49 2007
@@ -1,6 +1,5 @@
                                                         -*- coding: utf-8 -*-
 Changes with Apache 2.3.0
-  [Remove entries to the current 2.0 and 2.2 section below, when backported]
 
   *) mod_deflate: fix content_encoding detection in inflate_out filter
      when it's not in response headers table.
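Review bot: dropping the "[Remove entries to the current 2.0 and 2.2 section below, when backported]" line under "Changes with Apache 2.3.0" leaves the file with no stated rule for what happens to an entry once it is backported, and nothing visible in this hunk replaces it. If backported entries are now meant to be tracked somewhere other than this file, a one-line statement of that at the same spot would keep committers from duplicating or orphaning entries.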
@@ -759,15055 +758,18 @@
      match for scheme and host, but case sensitive for the rest of
      the path. [Jim Jagielski, Ruediger Pluem]
 
-Changes with Apache 2.1.9
 
-  *) Add mod_authn_dbd (SQL-based  authentication) [Nick Kew]
-
-  *) mod_proxy_ajp: Do not spool the entire response from AJP backend before
-     sending it up the filter chain. PR37100.  [Ruediger Pluem]
-
-  *) mod_cache: Create new filters CACHE_OUT_SUBREQ / CACHE_SAVE_SUBREQ which
-     only differ by the type from CACHE_OUT / CACHE_SAVE to ensure that
-     subrequests to non local resources work again. [Ruediger Pluem]
-
-  *) mod_proxy: Do not lowercase the entire worker name of a BalancerMember
-     since this breaks case sensitive URI's. PR36906.  [Ruediger Pluem]
-
-  *) core: AddOutputFilterByType is ignored for proxied requests. PR31226.
-     [Joe Orton, Ruediger Pluem]
-
-  *) mod_proxy_http: Prevent data corruption of POST request bodies when
-     client accesses proxied resources with SSL. PR37145.
-     [Ruediger Pluem, William Rowe]
-
-  *) mod_proxy_balancer: BalancerManager and proxies correctly handle
-     member workers with paths. PR36816. [Ruediger Pluem, Jim Jagielski]
-
-  *) mod_log_config: %{hextid}P will log the thread id in hex with APR
-     versions 1.2.0 or higher.  [Jeff Trawick]
-
-  *) httpd.exe/apachectl -V: display the DYNAMIC_MODULE_LIMIT setting, as
-     in 1.3.  [Jeff Trawick]
-
-  *) Support dbd connections tied to the conn_rec [Nick Kew]
-
-  *) Move mod_dbd to /modules/database/ [Nick Kew]
-
-  *) Move mod_filter and mod_charset_lite to /modules/filters/ [Nick Kew]
-
-  *) Fix mod_dbd's config [Brian J. France <list firehawksystems.com>]
-
-  *) mod_proxy_ajp: mod_proxy_ajp sends empty SSL attributes for non SSL
-     connections. PR36883.
-     [William Barker <william.barker wilshire.com>, Ruediger Pluem]
-
-  *) Elimiated the NET_TIME filter, restructuring the timeout logic.
-     This provides a working mod_echo on all platforms, and ensures any
-     custom protocol module is at least given an initial timeout value
-     based on the <VirtualHost > context's Timeout directive.
-     [William Rowe]
-
-  *) mod_proxy: Run the request_status hook also if there are no free workers
-     or all workers are in error state.
-     [Ruediger Pluem, Brian Akins <brian.akins turner.com>]
-
-  *) mod_proxy_balancer: mod_proxy_balancer does not handle sticky sessions
-     with tomcat correctly. PR36507. [Ruediger Pluem]
-
-  *) mod_proxy_connect: Fix high CPU loop on systems like UnixWare which
-     trigger POLL_ERR or POLL_HUP on a terminated connection.  PR 36951.
-     [Jeff Trawick, Ruediger Pluem]
-
-  *) SECURITY: CVE-2005-2970 (cve.mitre.org)
-     worker MPM: Fix a memory leak which can occur after an aborted
-     connection in some limited circumstances.  [Greg Ames]
-
-  *) Doxygen fixup [Neale Ranns <neale ranns.org>, Ian Holsman]
-
-  *) mod_cache/mod_dir: Correct a subrequest lookup bug which was preventing
-     mod_dir from serving indexes correctly with mod_cache enabled. 
-     [Colm MacCarthaigh]
-
-Changes with Apache 2.1.8
-
-  *) Fix lingering close implementation to match 1.3.x behaviour.
-     PR 35292.  [Joe Orton]
-
-  *) mod_ssl: Support limited buffering of request bodies to allow 
-     per-location renegotiation to proceed.  PR 12355.  [Joe Orton]
-
-  *) Fix regression since 2.0.x in AllowOverride Options handling. 
-     PR 35330.  [kabe <kabe sra-tohoku.co.jp>]
-
-  *) mod_ssl: Fix memory leak in ssl_util_algotypeof().
-     PR 25659.  [David Blake <dblake hp com>, Martin Kraemer]
-
-  *) prefork, worker and event MPMs: Support a graceful-stop procedure:
-     Server will wait until existing requests are finished or until  
-     "GracefulShutdownTimeout" number of seconds before exiting. 
-     [Colm MacCarthaigh, Ken Coar, Bill Stoddard]
-
-  *) prefork, worker and event MPMs: Prevent children from holding open 
-     listening ports upon graceful restart or stop. PR 28167. 
-     [Colm MacCarthaigh, Brian Pinkerton <bp thinkpink.com>]
-
-  *) SECURITY: CVE-2005-2700 (cve.mitre.org)
-     mod_ssl: Fix a security issue where "SSLVerifyClient" was not
-     enforced in per-location context if "SSLVerifyClient optional"
-     was configured in the vhost configuration.  [Joe Orton]
-
-  *) mod_ssl: Catch parse errors from misconfigured or malformed
-     CRLs.  PR 36438.  [Joe Orton]
-
-  *) mod_proxy/mod_proxy_balancer: lbmethods now implemented as
-     providers. Prevent problems when no Vhost containers were
-     configured with proxy balancers. [Jim Jagielski]
-
-  *) New provider function to list all available provider names in a
-     specific group and version (ap_list_provider_names). [Jim Jagielski]
-
-  *) mod_cache: Enhance CacheEnable/CacheDisable to control caching on a
-     per-protocol, per-host and per-path basis. Intended for proxy
-     configurations. [Colm MacCarthaigh]
-
-  *) mod_disk_cache: Canonicalise the storage key, for improved hit/miss
-     ratio. [Colm MacCarthaigh]
-
-  *) mod_cgid: Append .PID to the script socket filename and remove the
-     script socket on exit. [Colm MacCarthaigh, Jim Jagielski]
-
-  *) mod_cgid: run the get_suexec_identity hook within the request-handler 
-     instead of within cgid. PR 36410. [Colm MacCarthaigh]
-
-  *) Linux 2.0: remove support for threaded MPM's due to linuxthreads use
-     of SIGUSR1 clashing with graceful restart signal. [Colm MacCarthaigh]
-
-Changes with Apache 2.1.7
-
-  *) SECURITY: CVE-2005-2491 (cve.mitre.org): 
-     Fix integer overflows in PCRE in quantifier parsing which could
-     be triggered by a local user through use of a carefully-crafted 
-     regex in an .htaccess file.  [Philip Hazel]
-
-  *) mod_proxy/mod_proxy_balancer: Provide a simple, functional
-     interface to add additional balancer lb selection methods
-     without requiring code changes to mod_proxy/mod_proxy_balancer;
-     these can be implemented via sub-modules now. [Jim Jagielski]
-
-  *) mod_cache: Fix incorrectly served 304 responses when expired cache
-     entity is valid, but cache is unwritable and headers cannot be
-     updated.  [Colm MacCarthaigh <colm stdlib.net>]
-
-  *) mod_cache: Remove entities from the cache when re-validation
-     receives a 404 or other content-no-longer-present error.
-     [Rüdiger Plüm ruediger.pluem vodafone.com]
-
-  *) mod_disk_cache: Properly remove files from cache when needed.
-     [Rüdiger Plüm ruediger.pluem vodafone.com]
-
-  *) mod_disk_cache: Support htcacheclean removing directories.
-     [Andreas Steinmetz]
-
-  *) htcacheclean: Add -t option to remove empty directories.
-     [Colm MacCarthaigh <colm stdlib.net>]
-
-  *) Remove the base href tag from mod_proxy_ftp, as it breaks relative
-     links for clients not using an Authorization header. [Graham Leggett,
-     Jon Snow <jsnow27 gatesec.net>]
-
-  *) mod_cache: Restore the HTTP status of cached responses.
-     [Hansjoerg Pehofer <hansjoerg.pehofer uibk.ac.at>]
-
-  *) mod_cache: Store varied contents all in the same prefix for a varied URI.
-     [Paul Querna]
-
-  *) mod_cache: Run the CACHE_SAVE and CACHE_OUT Filters after other content
-     filters. [Paul Querna]
-
-  *) mod_negotiation: Correctly report 404 instead of 403 for missing files.
-     [Paul Querna]
-
-  *) new hook (request_status) that gets ran in proxy_handler just before 
-     the final return.  This gives modules an opportunity to do something 
-     based on the proxy status. (minor MMN bump)
-     [Brian Akins <bakins turner.com>, Ian Holsman]
-
-  *) Add additional SSLSessionCache option, 'nonenotnull', which is
-     similar to 'none' (disabling any external shared cache) but forces
-     OpenSSL to provide a non-null session ID.  [Jim Jagielski]
-
-  *) Add httxt2dbm to support/ for creating RewriteMap DBM Files.
-     [Paul Querna]
-
-  *) Add SSL_COMPRESS_METHOD variable (included in +StdEnvVars) to note
-     the negotiated compression.  [Georg v. Zezschwitz <gvz 2scale.de>]
-
-  *) Fixed complaints about unpackaged files within the RPM build
-     after changes to the config files. [Graham Leggett]
-
-  *) Fix shutdown for the Worker MPM when an Accept Filter is used. Instead of 
-     just closing the socket, a HTTP request is made, to make sure the child is 
-     always awakened. [Paul Querna]
-
-Changes with Apache 2.1.6
-
-  *) Fix htdbm password validation for records which included comments.
-     [Eric Covener <covener gmail.com>]
-
-  *) mod_cgid: Fix buffer overflow processing ScriptSock directive.
-     [Steve Kemp <steve steve.org.uk>]
-
-Changes with Apache 2.1.5
-
-  *) mod_ssl: Setting the Protocol to 'https' can replace the use of the 
-     'SSLEngine on' command. [Paul Querna]
-
-  *) core: Refactor the mapping of Accept Filters to Sockets. Add the 
-     AcceptFilter and Protocol directives to aid in mapping filter types.
-     Extend the Listen directive to optionally take a protocol name.
-     [Paul Querna]
-
-  *) mod_disk_cache: Support storing multiple variations of one URL. PR 35211.
-     [Paul Querna]
-
-  *) mod_disk_cache: Atomically create the header data file. [Paul Querna]
-
-  *) mod_cache: Fix 'Vary: *' behavior to be RFC compliant. PR 16125. 
-     [Paul Querna]
-
-  *) mod_cache: Rename 'generate_name' to 'ap_cache_generate_name'. 
-     [Paul Querna]
-
-  *) mod_mime_magic: Handle CRLF-format magic files so that it works with
-     the default installation on Windows.  [Jeff Trawick]
-
-  *) core: Allow multiple modules to register interest in a single 
-     configuration command. [Paul Querna]
-
-  *) authn_provider_alias: Adds the configuration block tag
-     <AuthnProviderAlias baseProvider Alias>
-     Authentication directives contained within this block can be
-     referenced as a new authProvider using the AuthBasicProvider or
-     AuthDigestProvider directive.  These directives will be merged in to
-     the per_dir configuration just before the base provider is called.
-     [Brad Nicholes]
-
-  *) ap_getword_conf: Fix backslashes at the end of configuration directives. 
-     PR 34834. [Timo Viipuri <viipuri dlc.fi>]
-
-  *) mod_dbd: New additions: mod_dbd.c, mod_dbd.h, mod_dbd.xml
-     Provide module hooks for apr_dbd; optimise for httpd
-     threaded and non-threaded arch [Nick Kew]
-
-  *) ab: SSL support rewritten, improved, and enabled if SSL is enabled
-     during the build; -f and -Z arguments added to specify SSL protocol
-     options.  [Masaoki Kobayashi <masaoki techfirm.co.jp>]
-
-  *) mod_info: Show the Quick Handler [Paul Querna]
-
-  *) mod_ldap: Add the directive LDAPVerifyServerCert to specify 
-     whether to force verification of the server certificate when
-     establishing an SSL connection to the LDAP server. 
-     [Brad Nicholes]
-     
-  *) mod_proxy: Run mod_rewrite before mod_proxy in the translate_name
-     hook. [Paul Querna]
-
-  *) Add AP_INIT_TAKE_ARGV for configuration commands. (minor MMN bump) 
-     [Paul Querna]
-
-  *) ap_get_local_host() rewritten for APR. [Jim Jagielski]
-
-  *) Add the ap_vhost_iterate_given_conn function to expose the information
-     used in Name Based Virtual Hosting. (minor MMN bump)
-     [Paul Querna]
-
-  *) Remove the never working ap_method_list_do and ap_method_list_vdo.
-     [Paul Querna]
-
-  *) Added makefile and doc for building mod_ssl on the NetWare 
-     platform. [Guenter Knauf, Brad Nicholes]
-  
-  *) mod_deflate: Merge the Vary header, isntead of Setting it. Fixes
-     applications that send the Vary Header themselves, and also apply 
-     mod_deflate as an output filter. [Paul Querna]
-
-  *) Change the default (when not present in the config file) setting
-     for UseCanonicalName to Off.
-     [Joshua Slive]
-
-  *) mod_userdir: The module no longer does any remapping unless the
-     UserDir directive is present in the config file.
-     [Joshua Slive]
-
-  *) Massively simplify the distributed httpd.conf by removing
-     many features and many directives that are at their default
-     setting.  Add a selection of example config excerpts for adding
-     extra features in the conf/extra/ directory.  Install the
-     distributed config and the extra config examples in the
-     conf/original/ directory during make install.
-     [Joshua Slive, Justin Erenkrantz]
-
-  *) NetWare: Reposition mod_asis, mod_actions, mod_cgi, mod_imagemap,
-     mod_userdir and mod_autoindex as shared modules rather than 
-     built-in modules within the NetWare build.
-     [Brad Nicholes]
-
-  *) Rename mod_imap to mod_imagemap.
-     [Paul Querna]
-
-  *) util_ldap: Eliminate the load ordering of mod_ldap and mod_authnz_ldap
-     by changing the mod_ldap exported functions to optional functions.
-     [Brad Nicholes]
-
-Changes with Apache 2.1.4
-
-  *) Don't let a subrequest inherit headers describing the original request's
-     body.  [Greg Ames]
-
-  *) Fix Windows CompContext buff size miscalculation
-     [Allan Edwards]
-
-  *) Add ReceiveBufferSize directive to control the TCP receive buffer.
-     [Eric Covener <covener gmail.com>]
-
-  *) mod_proxy: Add proxy-sendextracrlf option to send an extra CRLF at the
-     end of the request body to work with really old HTTP servers.
-     [Justin Erenkrantz]
-
-  *) util_ldap: Keep track of the number of attributes retrieved from 
-     LDAP so that all the values can be properly cached even if the 
-     value is NULL. PR 33901 [Brad Nicholes]
-
-  *) mod_cache: Fix error where incoming Cache-Control would be ignored.
-     [Justin Erenkrantz]
-
-  *) mod_cache: Correctly handle originally conditional requests.
-     [Sander Striker]
-
-  *) mod_disk_cache: Correctly update cached headers on revalidated responses.
-     [Sander Striker, Justin Erenkrantz]
-
-  *) worker MPM/mod_status: Support per-worker tracking of pid and
-     generation in the scoreboard so that mod_status can accurately
-     represent workers in processes which are gracefully terminating.
-     (major MMN bump)
-     [Jeff Trawick]
-
-  *) Correctly export all mod_dav public functions.
-     [Branko Čibej <brane xbc.nu>]
-
-Changes with Apache 2.1.3
-
-  *) mod_ssl: Add ssl_ext_lookup optional function for accessing
-     certificate extensions.   [David Reid, Joe Orton]
-
-  *) Add support for use of an external PCRE library; pass the
-     --with-pcre flag to configure.  PR 27550.  [Joe Orton,
-     Andres Salomon <dilinger voxel.net>]
-
-  *) Renamed regex interfaces to be namespace-safe, and moved from
-     pcreposix.h header to ap_regex.h: regex_t->ap_regex_t,
-     regmatch_t->ap_regmatch_t; REG_*->AP_REG_*; functions
-     reg*->ap_reg*.  PR 27550.  [Andres Salomon <dilinger voxel.net>,
-     Joe Orton]
-
-  *) Only recompile buildmark.c when we have to relink httpd.
-     [Justin Erenkrantz]
-
-  *) mod_cache: Fix up handling of revalidated responses.
-     [Justin Erenkrantz]
-
-  *) mod_disk_cache: Properly load cached ETag from on-disk structures.
-     [Justin Erenkrantz]
-
-  *) mod_authnz_ldap: Added an optional second parameter to AuthLDAPURL
-     to allow it to override the connection type set in mod_ldap. This
-     parameter can be set to NONE, SSL or TLS | STARTTLS.
-     [Brad Nicholes]
-
-  *) Fix --with-apr=/usr and/or --with-apr-util=/usr.  PR 29740.
-     [Max Bowsher <maxb ukf.net>]
-
-  *) mod_proxy: Fix ProxyRemoteMatch directive.  PR 33170.
-     [Rici Lake <rici ricilake.net>]
-
-  *) mod_proxy: Fix ap_proxy_canonenc API.
-     PR 32459. [Jim Jagielski]
-
-  *) mod_cache: Add CacheStorePrivate and CacheStoreNoStore directive.
-     [Justin Erenkrantz]
-
-  *) Add --enable-pie flag to configure, to build httpd as a Position
-     Independent Executable where supported (GCC/binutils).
-     [Joe Orton]
-
-  *) proxy_balancer: Add in load-balancing via weighted traffic
-     byte count. [Jim Jagielski]
-
-  *) mod_disk_cache: Cache r->err_headers_out headers.  This allows CGI
-     scripts to be properly cached.  [Justin Erenkrantz, Sander Striker]
-
-  *) mod_ldap: Updated to use the new apr-util v1.1 apr_ldap_*_option()
-     API for the setting of server and client SSL certificates. Replaced
-     LDAPTrustedCA directive with LDAPTrustedGlobalCert and
-     LDAPTrustedClientCert directives to correctly support global certs
-     (CA certs / Netware client certs) and per connection client certs
-     as supported by Netware, OpenLDAP and Netscape/Mozilla.
-     [Graham Leggett]
-
-  *) mod_cache: Remove unimplemented CacheForceCompletion directive.
-     [Justin Erenkrantz]
-
-  *) support/check_forensic: Fix temp file usage
-     [Javier Fernandez-Sanguino Pen~a <jfs computer.org>]
-
-  *) mod_ssl: Add SSLCADNRequestFile and SSLCADNRequestPath directives
-     which can be used to configure a specific list of CA names to send
-     in a client certificate request.  PR 32848. 
-     [Tim Taylor <tim.taylor dfas.mil>]
-
-  *) --with-module can now take more than one module to be statically
-     linked: --with-module=<modtype>:<modfile>,<modtype>:<modfile>,...
-     If the <modtype>-subdirectory doesn't exist it will be created and
-     populated with a standard Makefile.in.  [Erik Abele]
-
-  *) Remove some compiler warnings within the LDAP modules [Graham Leggett]
-
-  *) Add a build script to create a solaris package. [Graham Leggett]
-
-  *) ap_http_scheme() replaced with ap_http_method() - this function
-     returns the scheme (http v.s. https).
-     [William Rowe]
-
-  *) mod_proxy: Fix a request corruption problem and a buffering problem
-     which sometimes prevented proxy-sendchunks from working.
-     [Jeff Trawick]
-
-  *) Fix the RPM spec file so that an RPM build now works. An RPM
-     build now requires system installations of APR and APR-util.
-     [Graham Leggett]
-
-  *) Significantly simplify the load balancer scheduling algorithm
-     for the proxy BalancerMember weighting. loadfactors (lbfactors)
-     are now normalized with respect to each other. [Jim Jagielski]
-
-  *) mod_dumpio: Added to the available module suite; it is an
-     I/O logging/dumping module. Placed in the (new) debug module
-     subdirectory. mod_bucketeer moved to that directory as well.
-     [Jim Jagielski]
-
-  *) core: Add support for APR_TCP_DEFER_ACCEPT to defer accepting
-     of a connection until data is available.
-     [Paul Querna]
-
-Changes with Apache 2.1.2
-
-  *) mod_proxy: Respect errors reported by pre_connection hooks.
-     [Jeff Trawick]
-
-  *) core: Error out on sections that are missing an argument instead of
-     silently consuming the section. PR 25460.
-     [Geoffrey Young, Paul Querna]
-
-  *) mod_cache/mod_mem_cache/mod_disk_cache: Move out of experimental.
-
-  *) Upgraded PCRE to version 5.0. [Brian Pane]
-
-  *) mod_cgid: Catch configuration problem where two web server instances
-     share same ServerRoot but admin forgot to use ScriptSock.
-     [Jeff Trawick]
-
-  *) mod_cgi: Ensure that all stderr is logged for a script which returns
-     a Location header to generate a non-local redirect.  PR 20111.
-     [Joe Orton]
-
-  *) Added the Event MPM to more efficiently handle clients during a 
-     Keep Alive request.
-     [Paul Querna, Greg Ames]
-
-Changes with Apache 2.1.1
-
-  *) mod_proxy_http: Stream content better - always flush buffered data to
-     the client before blocking waiting for new data.  PR 19954.
-     [Joe Orton]
-
-  *) mod_ssl: Add support for command-line option "-t -DDUMP_CERTS" which
-     will dump the filenames of all configured SSL certificates to stdout.
-     [Joe Orton]
-
-  *) mod_disk_cache: Remove a bunch of non-implemented garbage collection
-     and cache size directives that are now available through htcacheclean.
-     [Justin Erenkrantz]
-
-  *) Add htcacheclean to support/ for assistance with mod_disk_cache.
-     [Andreas Steinmetz]
-
-  *) mod_authnz_ldap: Added the directive "Requires ldap-filter" that
-     allows the module to authorize a user based on a complex LDAP
-     search filter.  [Brad Nicholes]
-
-  *) mod_usertrack: Run the fixups hook before other modules.
-     PR 29755.  [Paul Querna]
-
-  *) Allow mod_authnz_ldap authorization functionality to be used 
-     without requiring the user to also be authenticated through 
-     mod_authnz_ldap. This allows other authentication modules to 
-     take advantage of LDAP authorization only [PR 28253]
-     [Jari Ahonen jah progress.com, Brad Nicholes]
-     
-  *) Log the client IP address when an error occurs disabling nagle on a
-     connection, but log at a severity of debug since this error 
-     generally means that the connection was dropped before data was
-     sent.  Log the client IP address when reporting errors in the core
-     output filter.  [Jeff Trawick]
-
-  *) core: Add a warning message if the request line read fails.
-     [Paul Querna]
-
-  *) mod_rewrite: Removed the MaxRedirects option in favor of the
-     core LimitInternalRecursion directive.  [André Malo]
-
-  *) mod_info: Added listing of the Request Hooks and added more build 
-     information like 'httpd -V' contains. Changed output to XHTML. 
-     [Paul Querna]
-
-  *) mod_info: Rewrote config tree walk using a recursive function.
-     Added ?config option. Added printout of config filename and line numbers.
-     [Rici Lake <rici ricilake.net>, Paul Querna]
-
-  *) mod_proxy: Fix type error that prevents proxy-sendchunks from working.
-     [Justin Erenkrantz]
-
-  *) mod_proxy: Fix data corruption by properly setting aside buckets.
-     [Justin Erenkrantz]
-
-  *) mod_proxy: If a request has a blank body and has a 0 Content-Length
-     headers, pass that to the proxy.  [Justin Erenkrantz]
-
-  *) Recognize QSA flag in mod_rewrite again.
-     [Jan Kratochvil <rcpt-dev.AT.httpd.apache.org jankratochvil.net>]
-
-  *) Restructured mod_auth_ldap to fit the new authentication model.
-     The module is now called authnz_ldap and has been moved out of
-     the modules/experimental area and into modules/aaa with the other
-     auth modules.  Both the authn_ldap provider and the authz_ldap
-     handler are contained within the authnz_ldap module.  The 
-     authz_ldap handler introduces 3 new "requires" values for handling
-     authorization.  These handlers are ldap-user, ldap-group and 
-     ldap-dn. [Brad Nicholes]
-
-  *) Fix some compiler warnings in proxy
-     [Geoffrey Young <geoff@modperlcookbook.org>]
-
-  *) mod_ssl: Add SSL_CLIENT_V_REMAIN variable, representing the
-     number of days until the client cert expires.  [Joe Orton]
-
-  *) Add test_config hook, run only if httpd is invoked using -t.
-     [Joe Orton]
-
-  *) Improve error handling for corrupted pid files.  [Jeff Trawick]
-
-  *) mod_proxy.c and proxy_util.c: Enable compiling on 2.0-HEAD 
-     (for backwards compatibility):
-     Avoids mod_ssl.h (not included in 2.0-HEAD) and
-     use apr_socket_create_ex for 0.9.x 
-     [Mladen Turk]
-
-  *) Added proxy_ajp.c module for proxy support to ajp:// backends.
-     [Jean Frederic Clere]
-
-  *) Fixes the build of proxy on Windows. Since the proxy_module is declared
-     as extern using AP_MODULE_DECLARE_DATA that expands to dllexport, there
-     is a LNK2001 error when building proxy_http. [Mladen Turk]
-
-  *) Remove LDAP toolkit specific code from util_ldap and mod_auth_ldap.
-     [Graham Leggett]
-
-  *) Remove deprecated/removed APR_STATUS_IS_SUCCESS().  [Justin Erenkrantz]
-
-  *) perchild MPM: Fix thread safety problem in the use of longjmp().
-     [Tsuyoshi SASAMOTO <nazonazo super.win.ne.jp>]
-
-  *) Add load balancer support to the scoreboard in preparation for
-     load balancing support in mod_proxy. [Mladen Turk]
-
-  *) mod_nw_ssl: Added the directive NWSSLUpgradeable to mod_nw_ssl to 
-     allow a non-secure connection to be upgraded to secure connections
-     [Brad Nicholes]
-     
-  *) core: Add Options= syntax to AllowOverride to specify which options
-     may be overridden in .htaccess files. PR 29310.
-     [Tom Alsberg <alsbergt cs.huji.ac.il>, Paul Querna]
-
-  *) ab: Handle long URLs with an error instead of an buffer overflow.
-     PR 28204. [Erik Weide <erik.weidel mplus-technologies.de>, Paul Querna]
-
-  *) mod_so, core: Add new command line options to print all loaded
-     modules. '-t -D DUMP_MODULES' and '-M' will show all static 
-     and shared modules as loaded from the configuration file.
-     [Paul Querna]
-
-  *) mod_autoindex: Add ShowForbidden to IndexOptions to list files
-     that are not shown because the subrequest returned 401 or 403. 
-     PR 10575.  [Paul Querna]
-
-  *) mod_headers: implement "Early" processing option in post_read_request
-     to enable Header and RequestHeader directives to be used to set up
-     testcases for pre-fixups request phases [Nick Kew]
-
-  *) mod_proxy: multiple bugfixes, principally support cookies in
-     ProxyPassReverse, and don't canonicalise URL passed to backend.
-     Documentation correspondingly updated. [Nick Kew <nick webthing.com>]
-
-  *) mod_deflate: support gzip flags in inflate_out_filter
-     [Nick Kew <nick webthing.com>]
-
-  *) Drop the ErrorHeader directive which turned out to be a misnomer.
-     Instead there's a new optional flag for the Header directive
-     ('always'), which keeps the former ErrorHeader functionality.
-     [André Malo]
-
-  *) mod_deflate: Don't deflate responses with zero length 
-     e.g. proxied 304's [Allan Edwards]
-
-  *) <IfModule> now recognizes the module identifier in addition to the
-     file name. PR 29003.  [Edward Rudd <eddie omegaware.com>, André Malo]
-
-  *) mod_ssl: Add "SSLHonorCipherOrder" directive to enable the
-     OpenSSL 0.9.7 flag which uses the server's cipher order rather
-     than the client's.  PR 28665.
-     [Jim Schneider <jschneid netilla.com>]
-
-  *) mod_ssl: Drop support for the CompatEnvVars argument to
-     SSLOptions, which was never actually implemented in 2.0.
-     [Joe Orton]
-
-  *) Fix bug in mod_deflate that unconditionally sent deflate'd output
-     even when Accept-Encoding is not present.  [Justin Erenkrantz]
-
-  *) Pass environment variables through to piped loggers and start
-     them via the shell, resolving regressions since 1.3.  PR 28815
-     [Ken Coar, Jeff Trawick]
-
-  *) External rewrite map responses are no longer limited to 2048
-     bytes.  [André Malo]
-
-  *) Proxy server was deleting cookies that Apache had already
-     assigned if the origin server had set any cookies. PR 27023.
-     [Jim Jagielski]
-
-  *) Removed old and unmaintained ap_add_named_module API and changed
-     the following APIs to return an error instead of hard exiting:
-     ap_add_module, ap_add_loaded_module, ap_setup_prelinked_modules,
-     and ap_process_resource_config.  [André Malo]
-
-  *) mod_headers: Allow %% in header values to represent a literal %.
-     [André Malo]
-
-  *) mod_headers: Allow env clauses also for 'echo' and 'unset' actions.
-     [André Malo]
-
-  *) mod_headers: Allow 'echo' also for ErrorHeaders.  [André Malo]
-
-  *) mod_deflate: New option for DEFLATE output file (force-gzip),
-     new output filter 'INFLATE' for uncompressing responses.
-     [Nick Kew <Nick at WebThing dot com>, Ian Holsman]
-
-  *) Added new module mod_version, which provides version dependent
-     configuration containers.  [André Malo]
-
-  *) mod_log_config now logs all Set-Cookie headers if the %{Set-Cookie}o
-     format is used.  PR 27787.  [André Malo]
-
-  *) Allow Digest providers to return AUTH_DENIED to propagate a 401
-     status and terminate the provider chain prior to checking the password.
-     [Geoffrey Young]
-
-  *) mod_cgid: Don't allow Scriptsock to be specified inside VirtualHost;
-     Don't place script socket inside default server root instead of
-     actual server root.  PR 27886.  [Jeff Trawick]
-
-  *) mod_proxy: Fix handling of non-200 success status codes when
-     "ProxyErrorOverride On" is configured.  PR 20183.
-     [Marcus Janson <marcus.janson tre.se>, Joe Orton]
-
-  *) Threaded MPMs for Unix and Win32: Add support for ThreadStackSize 
-     directive (previously NetWare-only) to override default thread 
-     stack size for threads which handle client connections.  Required 
-     for some third-party modules on platforms with small default 
-     thread stack size.  [Jeff Trawick]
-
-  *) minor mod_auth_basic and mod_auth_digest sync.  mod_auth_basic
-     now populates r->user with the (possibly unauthenticated) user,
-     and mod_auth_digest returns 500 when a provider returns
-     AUTH_GENERAL_ERROR.
-     [Geoffrey Young]
-
-  *) The whole codebase was relicensed and is now available under
-     the Apache License, Version 2.0 (http://www.apache.org/licenses).
-     [Apache Software Foundation]
-
-  *) Delete some make-generated files in the server directory during 
-     "make clean" processing.  PR 26552.  [Jeff Trawick]
-
-  *) Add core version query function (ap_get_server_revision) and
-     accompanying ap_version_t structure (minor MMN bump).
-     [André Malo]
-
-  *) mod_rewrite: EOLs sent by external rewritemaps are now consumed
-     as whole. That way, on systems with more than one EOL character
-     rewritemap programs no longer need to switch stdout to binary
-     mode. PR 25635.  [André Malo]
-
-  *) mod_rewrite: Introduce the ability to force a content handler via
-     the [handler=...] flag.  [André Malo]
-
-  *) mod_rewrite: Introduce the RewriteCond -x check, which returns
-     true if the pattern is a file with execution permissions.
-     [André Malo]
-
-  *) mod_rewrite: Allow proxying and RewriteRules in directory context
-     for subrequests.  PR 14648, 15114.  [André Malo]
-
-  *) mod_rewrite: Allow setting of any valid HTTP response code.
-     PR 25917.  [André Malo]
-
-  *) mod_rewrite: Cookie creation now works locale independent.
-     [André Malo]
-
-  *) mod_ssl: Add support for distributed session cache using 'distcache'.
-     [Geoff Thorpe <geoff geoffthorpe.net>]
-
-  *) mod_dav: Disallow requests with an unescaped hash character in
-     the Request-URI.  PR 21779.  [Amit Athavale <amit_athavale lycos.com>]
-
-  *) mod_proxy with ProxyErrorOverride On in a reverse-proxy configuration
-     attaches a body to the 302 response and a wrong Content-Length header.
-     PR: 22951 [Ermanno Scaglione scaglione ..at.. starnetone.de]
-
-  *) Bring ErrorHeader concept forward from 1.3, so that response
-     header fields can be set for return even on errors or external
-     redirects.  [Ken Coar]
-
-  *) Fix <Limit> and <LimitExcept> parsing to require a closing '>' 
-     in the initial container.  PR 25414. 
-     [Geoffrey Young <geoff apache.org>]
-
-  *) Clean up httpd -V output: Instead of displaying the MPM source
-     directory, display the MPM name and some MPM properties.
-     [Geoffrey Young <geoff apache.org>]
-
-  *) mod_ssl/mod_status: Re-enable support for output of SSL session
-     cache information in server-status page.  [Joe Orton]
-
-  *) mod_ssl: Remove the shmht session cache, shmcb should be used
-     instead.  [Joe Orton]
-
-  *) mod_logio: Account for some bytes handed to the network layer prior to
-     dropped connections.  [Jeff Trawick]
-
-  *) mod_autoindex: new directive IndexStyleSheet 
-    [Tyler Riddle <triddle_1999 yahoo.com>, Paul Querna <chip force-elite.com>]
-
-  *) Fix uninitialized gprof directory name in prefork MPM.  PR 24450.
-     [Chris Knight <Christopher.D.Knight nasa.gov>]
-
-  *) Log an error when requests for URIs which fail to map to a valid 
-     filesystem name are rejected with 403.  [Jeff Trawick]
-
-  *) Switch to APR 1.0 API.
-
-  *) Major overhaul of mod_include's filter parser. The new parser code
-     is expected to be more robust and should catch all of the edge cases
-     that were not handled by the previous one. This includes a binary
-     incompatible change of mod_include's external API.  [André Malo]
-
-  *) mod_rewrite: Allow forced mimetypes [T=...] to get expanded.
-     PR 14223.  [André Malo]
-
-  *) mod_rewrite: Fix LA-U and LA-F lookups in directory context. Previously
-     the current rewrite state was just used as lookup path, which lead to
-     strange and often useless results. Related to PR 8493.  [André Malo]
-
-  *) Change Listen directive to bind to all addresses when a hostname is
-     not specified.  [Justin Erenkrantz]
-
-  *) Correct failure with Listen directives on machines with IPv6 enabled.
-     [Colm MacCárthaigh <colm stdlib.net>, Justin Erenkrantz]
-
-  *) Fix a link failure in mod_ssl when the OpenSSL libraries contain
-     the ENGINE functions but the engine header files are missing.
-     [Cliff Woolley]
-
-  *) mod_rewrite: RewriteRules in server context using the force
-     type feature [T=...] no longer disable MultiViews.  [André Malo]
-
-  *) mod_rewrite: Allow piped rewrite logs to be relative to ServerRoot.
-     [André Malo]
-
-  *) mod_authz_groupfile: Strip trailing spaces of group names. This
-     hopefully saves some hours of searching for typos. PR 12863.
-     [André Malo]
-
-  *) mod_actions: Propagate the handler name to the action script via
-     the REDIRECT_HANDLER environment variable.  [André Malo]
-
-  *) mod_actions: Introduce the "virtual" modifier to the Action directive,
-     which allows the use of handlers for virtual locations. PR 8431.
-     [André Malo]
-
-  *) mod_speling: Recognize AcceptPathInfo setting for the particular
-     location. Default is to reject path information. PR 21059.
-     [André Malo]
-
-  *) mod_ext_filter: Add the ability to filter request bodies.
-     [Philipp Reisner <philipp.reisner linbit.com>]
-
-  *) Fix some broken log messages in WinNT MPM.  
-     [Juan Rivera <Juan.Rivera citrix.com>]
-
-  *) prefork MPM: Use the right permissions for the directory created 
-     for gprof support.  [Jim Carlson <jcarlson jnous.com>]
-
-  *) Fix a compile failure with recent OpenSSL and picky compilers
-     (e.g., OpenSSL 0.9.7a and xlc_r on AIX).  [Jeff Trawick]
-
-  *) OpenSSL headers should be included as "openssl/ssl.h", and not rely on
-     the INCLUDE path to be defined properly.
-     PR 11310. [Geoff Thorpe <geoff geoffthorpe.net>]
-
-  *) Modify APACHE_CHECK_SSL_TOOLKIT to detect SSL-C. [Madhusudan Mathihalli]
-
-  *) Replace the APACHE_CHECK_SSL_TOOLKIT method with a cleaner one, using
-     autoconf tools (AC_CHECK_HEADER, AC_CHECK_LIB etc). 
-     [Geoff Thorpe <geoff geoffthorpe.net>]
-
-  *) change directive name from 'compressionlevel' to 'deflatecompressionlevel'
-     [Ian Holsman, André Malo]
-
-  *) mod_negotiation: quality values are now parsed independent from
-     the current locale. level values are now really parsed as integers.
-     PR 17564.  [André Malo]
-
-  *) Extend mod_negotiation to evaluate the environment variables
-     no-gzip and gzip-only-text/html the same way as mod_deflate does.
-     [André Malo]
-
-  *) mod_rewrite: Fix some problems reporting errors with mapping
-     programs (RewriteMap prg:/something).  [Jeff Trawick]
-
-  *) Return 413 if chunk-ext-header is too long rather than reading from
-     the truncated line.  PR 15857.  [Justin Erenkrantz]
-
-  *) Allow restart of httpd to occur even with syntax errors in the config
-     file.  PR 16813.  [Justin Erenkrantz]
-
-  *) Use APR_LAYOUT instead of APACHE_LAYOUT in configure.  PR 15679.
-     [Justin Erenkrantz]
-
-  *) Remove files on 'make distclean' that should be.  PR 15592.
-     [Justin Erenkrantz]
-
-  *) Allow apachectl to perform status with links and elinks as well.
-     [Justin Erenkrantz]
-
-  *) mod_log_config change optional hook to return previous handler
-     [Ian Holsman]
-
-  *) Forward port of mod_actions' ability to handle arbitrary methods
-     with the Script directive.  [André Malo]
-
-  *) Let suexec send a message to stderr, if it failed or its policy
-     was violated. This message appears in the error log and allows
-     for easier debugging. PR 5381, 7638, 8255, 10773.  [André Malo]
-
-  *) Modify buildconf to copy all required files into httpd's tree.
-     [Thom May <thom planetarytramp.net>]
-
-  *) Allow mod_dav to do weak entity comparison functions.
-     [Justin Erenkrantz]
-
-  *) Move RFC 1413 ident requests from core to new module mod_ident.
-     [André Malo]
-
-  *) Add mod_authz_owner - a forward port of "Require file-owner"
-     and "Require file-group", which was already present in version
-     1.3.21.  [André Malo]
-
-  *) Add mod_dav_lock - a generic subset of the DAV locking implementation.
-     [Justin Erenkrantz]
-
-  *) Replace some of the mutex locking in the worker MPM with
-     atomic operations for higher concurrency.  [Brian Pane]
-
-  *) Allow 'make depend' to work with non-GCC compilers.
-     [Justin Erenkrantz]
-
-  *) If an httpd.conf has commented out AddModule directives, 
-     apxs -i -a will add an un-commented AddModule directive for 
-     the new module, which breaks the config.
-     PR: 11212 [Joe Orton]
-
-  *) Fix mod_proxy handling of filtered input bodies.  [Justin Erenkrantz]
-
-  *) Move the check of the Expect request header field after the hook
-     for ap_post_read_request, since that is the only opportunity for
-     modules to handle Expect extensions.  [Justin Erenkrantz]
-
-  *) Rewrite of aaa modules to an authn/authz model.
-     [Dirk-Willem van Gulik, Justin Erenkrantz]
-
-
-  [Apache 2.1.0-dev includes those bug fixes and changes with the
-   Apache 2.0.xx tree as documented, and except as noted, below.]
-
-Changes with Apache 2.0.56
-
-  *) SECURITY: CVE-2005-3357 (cve.mitre.org)
-     mod_ssl: Fix a possible crash during access control checks if a
-     non-SSL request is processed for an SSL vhost (such as the
-     "HTTP request received on SSL port" error message when an 400
-     ErrorDocument is configured, or if using "SSLEngine optional").
-     PR 37791.  [Rüdiger Plüm, Joe Orton]
-
-  *) SECURITY: CVE-2005-3352 (cve.mitre.org)
-     mod_imap: Escape untrusted referer header before outputting in HTML
-     to avoid potential cross-site scripting.  Change also made to
-     ap_escape_html so we escape quotes.  Reported by JPCERT.
-     [Mark Cox]
-
-  *) mod_speling: Stop crashing with certain non-file requests.
-     [Jeff Trawick]
-
-  *) keep the Content-Length header for a HEAD with no response body.
-     PR 18757 [Greg Ames]
-
-  *) Modify apr[util] .h detection to avoid breakage on VPATH builds
-     using Solaris make (amoung others) and avoid breakage in ./buildconf
-     when srclib/apr[-util] are symlinks rather than directories proper.
-     [William Rowe]
-
-  *) Avoid server-driven negotiation when a CGI script has emitted an
-     explicit "Status:" header. PR 38070.  [Nick Kew]
-
-  *) mod_log_config now logs all Set-Cookie headers if the %{Set-Cookie}o
-     format is used. PR 27787.  [André Malo]
-
-  *) mod_cgid: Refuse to work on Solaris 10 due to OS bugs.  PR 34264.
-     [Justin Erenkrantz]
-
-  *) mod_cache: Correctly handle responses with a 301 status. PR 37347.
-     [Paul Querna]
-
-  *) mod_proxy_http: Prevent data corruption of POST request bodies when
-     client accesses proxied resources with SSL. PR 37145.
-     [Ruediger Pluem, William Rowe]
-
-  *) Elimiated the NET_TIME filter, restructuring the timeout logic.
-     This provides a working mod_echo on all platforms, and ensures any
-     custom protocol module is at least given an initial timeout value
-     based on the <VirtualHost > context's Timeout directive.
-     [William Rowe]
-
-  *) mod_ssl: Correct issue where mod_ssl does not pick up the
-     ssl-unclean-shutdown setting when configured. PR 34452. [Joe Orton]
-
-  *) Document the ReceiveBufferSize change done in r157583 [Murray
-     Nesbitt <murray@cpan.org>]
-
-  *) mod_deflate: Merge the Vary header, instead of Setting it. Fixes
-     applications that send the Vary Header themselves. PR 37559.
-     [Paul Querna]
-
-  *) mod_dav: Fix a null pointer dereference in an error code path during the
-     handling of MKCOL. [Ghassan Misherghi <ghassanm ucdavis.edu>]
-
-  *) mod_mime_magic: Handle CRLF-format magic files so that it works with
-     the default installation on Windows.  [Jeff Trawick]
-
-  *) Write message to error log if AuthGroupFile cannot be opened.
-     PR 37566.  [Rüdiger Plüm]
-
-  *) Add ReceiveBufferSize directive to control the TCP receive buffer.
-     [Eric Covener <covener gmail.com>]
-
-  *) mod_cache: Fix 'Vary: *' behavior to be RFC compliant. PR 16125.
-     [Paul Querna]
-
-  *) Remove the base href tag from proxy_ftp, as it breaks relative
-     links for clients not using an Authorization header. [Graham Leggett,
-     Jon Snow <jsnow27 gatesec.net>]
-
-  *) http_request.c: Add missing va_end call. [André Malo]
-
-  *) Add httxt2dbm to support/ for creating RewriteMap DBM Files.
-     [Paul Querna]
-
-  *) support/check_forensic: Fix temp file usage
-     [Javier Fernandez-Sanguino Pen~a <jfs computer.org>]
-
-  *) Chunk filter: Fix chunk filter to create correct chunks in the case that
-     a flush bucket is surrounded by data buckets. [Ruediger Pluem]
-
-  *) mod_cgi(d): Remove block on OPTIONS method so that scripts can
-     respond to OPTIONS directly rather than via server default.
-     [Roy Fielding] PR 15242
-
-  *) Added new module mod_version, which provides version dependent
-     configuration containers.  [André Malo]
-
-  *) Add core version query function (ap_get_server_revision) and
-     accompanying ap_version_t structure (minor MMN bump).
-     [André Malo]
-
-Changes with Apache 2.0.55
-
-  *) SECURITY: CVE-2005-2088 (cve.mitre.org)
-     proxy: Correctly handle the Transfer-Encoding and Content-Length
-     headers.  Discard the request Content-Length whenever T-E: chunked
-     is used, always passing one of either C-L or T-E: chunked whenever 
-     the request includes a request body.  Resolves an entire class of
-     proxy HTTP Request Splitting/Spoofing attacks.  [William Rowe]
-
-  *) Added TraceEnable [on|off|extended] per-server directive to alter
-     the behavior of the TRACE method.  This addresses a flaw in proxy
-     conformance to RFC 2616 - previously the proxy server would accept
-     a TRACE request body although the RFC prohibited it.  The default
-     remains 'TraceEnable on'.  [William Rowe]
-
-  *) Add ap_log_cerror() for logging messages associated with particular
-     client connections.  [Jeff Trawick]
-
-  *) Correct mod_cgid's argv[0] so that the full path can be delved by the
-     invoked cgi application, to conform to the behavior of mod_cgi.
-     [Pradeep Kumar S <pradeep.smani gmail.com>]
-
-  *) mod_include: Fix possible environment variable corruption when 
-     using nested includes.  PR 12655.  [Joe Orton]
-
-  *) Support the suppress-error-charset setting, as with Apache 1.3.x.
-     PR 31274.  [Jeff Trawick]
-
-  *) EBCDIC: Handle chunked input from client or, with proxy, origin
-     server.  [Jeff Trawick]
-
-  *) Fix bad globbing comparison which could result in getting
-     a directory listing when a file was requested. PR 34512.
-     [sean <infamous41md hotmail.com>]
-
-  *) Fix core dump if mod_auth_ldap's mod_auth_ldap_auth_checker()
-     was called even if mod_auth_ldap_check_user_id() was not
-     (or if it didn't succeed) for non-authoritative cases.
-     [Jim Jagielski]
-
-  *) SECURITY: CVE-2005-2728 (cve.mitre.org)
-     Fix cases where the byterange filter would buffer responses
-     into memory.  PR 29962.  [Joe Orton]
-
-  *) mod_proxy: Fix over-eager handling of '%' for reverse proxies.
-     PR 15207.  [Jim Jagielski]
-
-  *) mod_ldap: Fix various shared memory cache handling bugs.
-     PR 34209.  [Joe Orton]
-
-  *) Fix a file descriptor leak when starting piped loggers.  PR 33748. 
-     [Joe Orton]
-
-  *) mod_ldap: Avoid segfaults when opening connections if using a version
-     of OpenLDAP older than 2.2.21.  PR 34618.  [Brad Nicholes]
-
-  *) mod_ssl: Fix build with OpenSSL 0.9.8.  PR 35757.  [William Rowe]
-
-  *) SECURITY: CVE-2005-2088 (cve.mitre.org)
-     core: If a request contains both Transfer-Encoding and Content-Length
-     headers, remove the Content-Length, mitigating some HTTP Request 
-     Splitting/Spoofing attacks.  [Paul Querna, Joe Orton]
-
-  *) proxy HTTP: If a response contains both Transfer-Encoding and a 
-     Content-Length, remove the Content-Length and don't reuse the
-     connection, mitigating some HTTP Response Splitting attacks.
-     [Jeff Trawick]
-
-  *) Prevent hangs of child processes when writing to piped loggers at
-     the time of graceful restart.  PR 26467.  [Jeff Trawick]
-
-  *) SECURITY: CVE-2005-1268 (cve.mitre.org)
-     mod_ssl: Fix off-by-one overflow whilst printing CRL information
-     at "LogLevel debug" which could be triggered if configured 
-     to use a "malicious" CRL.  PR 35081.  [Marc Stern <mstern csc.com>]
-
-  *) mod_userdir: Fix possible memory corruption issue.  PR 34588.
-     [David Leonard <dleonard vintela.com>]
-
-  *) worker mpm: don't take down the whole server for a transient
-     thread creation failure. PR 34514 [Greg Ames]
-  
-  *) mod_rewrite: use buffered I/O to improve performance with large
-     RewriteMap txt: files.  [Greg Ames]
-
-  *) proxy HTTP: Rework the handling of request bodies to handle
-     chunked input and input filters which modify content length, and
-     avoid spooling arbitrary-sized request bodies in memory.
-     PR 15859.  [Jeff Trawick]
-
-Changes with Apache 2.0.54
-
-  *) mod_cache: Add CacheIgnoreHeaders directive.  PR 30399.
-     [Rüdiger Plüm <r.pluem t-online.de>]
-
-  *) mod_ldap: Added the directive LDAPConnectionTimeout to configure
-     the ldap socket connection timeout value.  
-     [Brad Nicholes]
-
-  *) Correctly export all mod_dav public functions.
-     [Branko Čibej <brane xbc.nu>]
-
-  *) Add a build script to create a solaris package. [Graham Leggett]
-
-  *) worker MPM: Fix a problem which could cause httpd processes to
-     remain active after shutdown.  [Jeff Trawick]
-
-  *) Unix MPMs: Shut down the server more quickly when child processes are
-     slow to exit.  [Joe Orton, Jeff Trawick]
-
-  *) Remove formatting characters from ap_log_error() calls.  These
-     were escaped as fallout from CVE-2003-0020.
-     [Eric Covener <ecovener gmail.com>]
-
-  *) mod_ssl: If SSLUsername is used, set r->user earlier.  PR 31418.
-     [David Reid]
-
-  *) htdigest: Fix permissions of created files.  PR 33765.  [Joe Orton]
-
-  *) core_input_filter: Move buckets to a persistent brigade instead of
-     creating a new brigade. This stop a memory leak when proxying a 
-     Streaming Media Server. PR 33382. [Paul Querna]
-
-  *) mod_win32: Ignore both PATH_INFO as well as PATH_TRANSLATED to avoid 
-     hiccups from additional path information passed in non-utf-8 format.
-     [Richard Donkin <rd9 donkin.org]
-
-Changes with Apache 2.0.53
-
-  *) Fix --with-apr=/usr and/or --with-apr-util=/usr.  PR 29740.
-     [Max Bowsher <maxb ukf.net>]
-
-  *) mod_proxy: Fix ProxyRemoteMatch directive.  PR 33170.
-     [Rici Lake <rici ricilake.net>]
-
-  *) mod_proxy: Respect errors reported by pre_connection hooks.
-     [Jeff Trawick]
-
-  *) --with-module can now take more than one module to be statically
-     linked: --with-module=<modtype>:<modfile>,<modtype>:<modfile>,...
-     If the <modtype>-subdirectory doesn't exist it will be created and
-     populated with a standard Makefile.in.  [Erik Abele]
-
-  *) Fix the RPM spec file so that an RPM build now works. An RPM
-     build now requires system installations of APR and APR-util.
-     Remove some arbitrary moving around of binaries - the RPM now
-     maps to the ASF build of httpd.
-     [Graham Leggett]
-
-  *) mod_dumpio, an I/O logging/dumping module, added to the
-     modules/expermimental subdirectory.  [Jim Jagielski]
-
-  *) mod_auth_ldap: Handle the inconsistent way in which the MS LDAP
-     library handles special characters.  PR 24437.  [Jess Holle]
-
-  *) Win32 MPM: Correct typo in debugging output.  [William Rowe]
-
-  *) conf: Remove AddDefaultCharset from the default configuration because
-     setting a site-wide default does more harm than good. PR 23421.
-     [Roy Fielding]
-
-  *) Add charset to example CGI scripts.  [Roy Fielding]
-
-  *) mod_ssl: fail quickly if SSL connection is aborted rather than
-     making many doomed ap_pass_brigade calls.  PR 32699.  [Joe Orton]
-
-  *) Remove compiled-in upper limit on LimitRequestFieldSize.
-     [Bill Stoddard]
-
-  *) Start keeping track of time-taken-to-process-request again for
-     mod_status if ExtendedStatus is enabled. [Jim Jagielski]
-
-  *) mod_proxy: Handle client-aborted connections correctly.  PR 32443.
-     [Janne Hietamäki, Joe Orton]
-
-  *) Fix handling of files >2Gb on all platforms (or builds) where
-     apr_off_t is larger than apr_size_t.  PR 28898.  [Joe Orton]
-
-  *) mod_include: Fix bug which could truncate variable expansions
-     of N*64 characters by one byte.  PR 32985.  [Joe Orton]
-
-  *) Correct handling of certain bucket types in ap_save_brigade, fixing
-     possible segfaults in mod_cgi with #include virtual.  PR 31247.
-     [Joe Orton]
-
-  *) Allow for the use of --with-module=foo:bar where the ./modules/foo
-     directory is local only. Assumes, of course, that the required
-     files are in ./modules/foo, but makes it easier to statically
-     build/log "external" modules.  [Jim Jagielski]
-
-  *) Util_ldap: Implemented the util_ldap_cache_getuserdn() API so that 
-     ldap authorization only modules have access to the util_ldap 
-     user cache without having to require ldap authentication as well.  
-     PR 31898.  [Jari Ahonen jah progress.com, Brad Nicholes]
-
-  *) mod_auth_ldap: Added the directive "Requires ldap-attribute" that
-     allows the module to only authorize a user if the attribute value
-     specified matches the value of the user object. PR 31913
-     [Ryan Morgan <rmorgan pobox.com>]
-
-  *) SECURITY: CVE-2004-0942 (cve.mitre.org)
-     Fix for memory consumption DoS in handling of MIME folded request
-     headers.  [Joe Orton]
-
-  *) SECURITY: CVE-2004-0885 (cve.mitre.org)
-     mod_ssl: Fix a bug which allowed an SSLCipherSuite setting to be
-     bypassed during an SSL renegotiation.  PR 31505.  
-     [Hartmut Keil <Hartmut.Keil adnovum.ch>, Joe Orton]
-
-  *) mod_ssl: Fail at startup rather than segfault at runtime if a
-     client cert is configured with an encrypted private key.
-     PR 24030.  [Joe Orton]
-
-  *) apxs: fix handling of -Wc/-Wl and "-o mod_foo.so". PR 31448
-     [Joe Orton]
-
-  *) mod_ldap: Fix format strings to use %APR_PID_T_FMT instead of %d.
-     [Jeff Trawick]
- 
-  *) mod_cache: CacheDisable will only disable the URLs it was meant to
-     disable, not all caching. PR 31128.
-     [Edward Rudd <eddie omegaware.com>, Paul Querna]
-
-  *) mod_cache: Try to correctly follow RFC 2616 13.3 on validating stale
-     cache responses.  [Justin Erenkrantz]
-
-  *) mod_rewrite: Handle per-location rules when r->filename is unset.
-     Previously this would segfault or simply not match as expected,
-     depending on the platform.  [Jeff Trawick]
-
-  *) mod_rewrite: Fix 0 bytes write into random memory position.
-     PR 31036. [André Malo]
-
-  *) mod_disk_cache: Do not store aborted content.  PR 21492.
-     [Rüdiger Plüm <r.pluem t-online.de>]
-
-  *) mod_disk_cache: Correctly store cached content type.  PR 30278.
-     [Rüdiger Plüm <r.pluem t-online.de>]
-
-  *) mod_ldap: prevent the possiblity of an infinite loop in the LDAP
-     statistics display. PR 29216. [Graham Leggett]
-
-  *) mod_ldap: fix a bogus error message to tell the user which file
-     is causing a potential problem with the LDAP shared memory cache.
-     PR 31431 [Graham Leggett]
-
-  *) SECURITY: CVE-2004-1834 (cve.mitre.org)
-     mod_disk_cache: Do not store hop-by-hop headers.  [Justin Erenkrantz]
-
-  *) Fix the re-linking issue when purging elements from the LDAP cache
-     PR 24801.  [Jess Holle <jessh ptc.com>]
-      
-  *) mod_disk_cache: Fix races in saving responses.  [Justin Erenkrantz]
-
-  *) Fix Expires handling in mod_cache.  [Justin Erenkrantz]
-
-  *) Alter mod_expires to run at a different filter priority to allow
-     proper Expires storage by mod_cache.  [Justin Erenkrantz]
-
-Changes with Apache 2.0.52
-
-  *) Use HTML 2.0 <hr> for error pages. PR 30732 [André Malo]
-
-  *) Fix the global mutex crash when the global mutex is never allocated
-     due to disabled/empty caches. [Jess Holle <jessh ptc.com>]
-
-  *) Fix a segfault in the LDAP cache when it is configured switched
-     off. [Jess Holle <jessh ptc.com>]
-
-  *) SECURITY: CVE-2004-0811 (cve.mitre.org)
-     Fix merging of the Satisfy directive, which was applied to
-     the surrounding context and could allow access despite configured
-     authentication.  PR 31315.  [Rici Lake <rici ricilake.net>]
-
-  *) Fix the handling of URIs containing %2F when AllowEncodedSlashes
-     is enabled.  Previously, such urls would still be rejected.
-     [Jeff Trawick, Bill Stoddard]
-
-  *) mod_mem_cache: Fixed race condition causing segfault because of memory being
-     freed twice, or reused after being freed.
-     [J. Clar, W. Stoddard, G. Ames]
-    
-  *) Add -l option to rotatelogs to let it use local time rather than
-     UTC.  PR 24417.  [Ken Coar, Uli Zappe <uli ritual.org>]
-
-  *) mod_log_config: Fix a bug which prevented request completion time
-     from being logged for I_INSIST_ON_EXTRA_CYCLES_FOR_CLF_COMPLIANCE
-     processing.  PR 29696.  [Alois Treindl <alois astro.ch>]
-
-Changes with Apache 2.0.51
-
-  *) SECURITY: CVE-2004-0786 (cve.mitre.org)
-     Fix an input validation issue in apr-util which could be
-     triggered by malformed IPv6 literal addresses.  [Joe Orton]
-
-  *) SECURITY: CVE-2004-0747 (cve.mitre.org)
-     Fix buffer overflow in expansion of environment variables in
-     configuration file parsing.  [André Malo]
-
-  *) SECURITY: CVE-2004-0809 (cve.mitre.org)
-     mod_dav_fs: Fix a segfault in the handling of an indirect lock
-     refresh.  PR 31183.  [Joe Orton]
-
-  *) mod_include no longer checks for recursion, because that's done
-     in the core. This allows for careful usage of recursive SSI.
-     [André Malo]
-
-  *) Fix memory leak in the cache handling of mod_rewrite. PR 27862.
-     [chunyan sheng <shengperson yahoo.com>, André Malo]
-
-  *) Include directives no longer refuse to process symlinks on
-     directories. Instead there's now a maximum nesting level
-     of included directories (128 as distributed). This is configurable
-     at compile time using the -DAP_MAX_INCLUDE_DIR_DEPTH switch.
-     PR 28492.  [André Malo]
-
-  *) Win32: apache -k start|restart|install|config can leave stranded
-     piped logger processes (eg, rotatelogs.exe) due to improper
-     server shutdown on these code paths.
-     [Bill Stoddard]
-
-  *) SECURITY: CVE-2004-0751 (cve.mitre.org)
-     mod_ssl: Fix a segfault in the SSL input filter which could be
-     triggered if using "speculative" mode, for instance by a 
-     proxy request to an SSL server.  PR 30134.  [Joe Orton]
-
-  *) mod_rewrite: Add %{SSL:...} and %{HTTPS} variable lookups.
-     PR 30464.  [Joe Orton, Madhusudan Mathihalli]
-
-  *) mod_ssl: Add new 'ssl_is_https' optional function.  [Joe Orton]
-
-  *) Prevent CGI script output which includes a Content-Range header
-     from being passed through the byterange filter.  [Joe Orton]
-
-  *) Satisfy directives now can be influenced by a surrounding <Limit>
-     container.  PR 14726.  [André Malo]
-
-  *) mod_rewrite now officially supports RewriteRules in <Proxy> sections.
-     PR 27985.  [André Malo]
-
-  *) mod_disk_cache: Implement binary format for on-disk header files.
-     [Brian Akins <bakins web.turner.com>, Justin Erenkrantz]
-
-  *) mod_disk_cache: Optimize network performance of disk cache subsystem by
-     allowing zero-copy (sendfile) writes and other miscellaneous fixes.
-     [Justin Erenkrantz]
-
-  *) mod_cache, mod_disk_cache, mod_mem_cache: Refactor cache modules, and
-     switch to the provider API instead of hooks.  [Justin Erenkrantz]
-
-  *) mod_autoindex: Don't truncate the directory listing if a stat()
-     call fails (for instance on a >2Gb file).  PR 17357.
-     [Joe Orton]
-
-  *) Makefile fix: httpd is linked against LIBS given to the
-     'make' invocation.  PR 7882.  [Joe Orton]
-
-  *) WinNT MPM: Fix a broken log message at termination.  PR 28063.
-     [Eider Oliveira <eider bol.com.br>]
-
-  *) Prevent Win32 pool corruption at startup [Allan Edwards]
-
-  *) mod_ssl: Add "SSLUserName" directive to set r->user based on a
-     chosen SSL environment variable.  PR 20957. 
-     [Martin v. Loewis <martin v.loewis.de>]
-
-  *) suexec: Pass the SERVER_SIGNATURE envvar through to CGIs.
-     [Zvi Har'El <rl math.technion.ac.il>]
-
-  *) apachectl: Fix a problem finding envvars if sbindir != bindir.
-     PR 30723.  [Friedrich Haubensak <hsk imb-jena.de>]
-
-  *) mod_ssl: Build on RHEL 3.  PR 18989.  [Justin Erenkrantz]
-
-  *) SECURITY: CVE-2004-0748 (cve.mitre.org)
-     mod_ssl: Fix a potential infinite loop.  PR 29964.  [Joe Orton]
-
-  *) mod_ssl: Avoid startup failure after unclean shutdown if using shmcb.
-     PR 18989.  [Joe Orton]
-
-  *) mod_userdir: Ensure that the userdir identity is used for
-     suexec userdir access in a virtual host which has suexec configured.  
-     PR 18156.  [Joshua Slive]
-
-  *) mod_rewrite no longer confuses the RewriteMap caches if
-     different maps defined in different virtual hosts use the
-     same map name. PR 26462.  [André Malo]
-
-  *) mod_setenvif: Remove "support" for Remote_User variable which
-     never worked at all. PR 25725.  [André Malo]
-
-  *) Backport from 2.1 / Regression from 1.3: mod_headers now knows
-     again the functionality of the ErrorHeader directive. But instead
-     using this misnomer additional flags to the Header directive were
-     introduced ("always" and "onsuccess", defaulting to the latter).
-     PR 28657.  [André Malo]
-
-  *) Use the higher performing 'httpready' Accept Filter on all platforms 
-     except FreeBSD < 4.1.1. [Paul Querna]
-
-  *) mod_usertrack: Escape the cookie name before pasting into the
-     regexp.  [André Malo]
-
-  *) Extend the SetEnvIf directive to capture subexpressions of the
-     matched value.  [André Malo]
-
-  *) Recursive Include directives no longer crash. The server stops
-     including configuration files after a certain nesting level (128
-     as distributed). This is configurable at compile time using the
-     -DAP_MAX_INCLUDE_DEPTH switch. PR 28370.  [André Malo]
-
-  *) mod_dir: the trailing-slash behaviour is now configurable using the
-     DirectorySlash directive.  [André Malo]
-
-  *) Allow proxying of resources that are invoked via DirectoryIndex.
-     PR 14648, 15112, 29961.  [André Malo]
-
-  *) util_ldap: Switched the lock types on the shared memory cache 
-     from thread reader/writer locks to global mutexes in order to 
-     provide cross process cache protection. [Brad Nicholes]
-     
-  *) util_ldap: Reworked the cache locking scheme to eliminate duplicate 
-     cache entries in the credentials cache due to race conditions.
-     [Brad Nicholes]
-     
-  *) util_ldap: Enhanced the util_ldap cache-info display to show more 
-     detail about the contents and current state of the cache. 
-     [Brad Nicholes]
-     
-  *) Enable the option to support anonymous shared memory in mod_ldap.
-     This makes the cache work on Linux again. [Graham Leggett]
-
-  *) Enable special ErrorDocument value 'default' which restores the
-     canned server response for the scope of the directive.
-     [Geoffrey Young, André Malo]
-
-  *) work around MSIE Digest auth bug - if AuthDigestEnableQueryStringHack
-     is set in r->subprocess_env allow mismatched query strings to pass.
-     PR 27758.  [Paul Querna, Geoffrey Young]
-
-  *) Accept URLs for the ServerAdmin directive. If the supplied
-     argument is not recognized as an URL, assume it's a mail address.
-     PR 28174.  [André Malo, Paul Querna]
-
-  *) initialize server arrays prior to calling ap_setup_prelinked_modules
-     so that static modules can push Defines values when registering
-     hooks just like DSO modules can ["Philippe M. Chiasson" <gozer cpan.org>]
-
-  *) Small fix to allow reverse proxying to an ftp server. Previously
-     an attempt to do this would try and connect to 0.0.0.0, regardless
-     of the server specified. PR 24922
-     [Pascal Terjan <pterjan@linuxfr.org>]
-
-  *) Add the NOTICE file to the rpm spec file in compliance with the
-     Apache v2.0 license. [Graham Leggett]
- 
-  *) RPM spec file changes: changed default dependancy to link to db4
-     instead of db3. Fixed complaints about unpackaged files.
-     [Graham Leggett]
- 
-Changes with Apache 2.0.50
-
-  *) SECURITY: CVE-2004-0493 (cve.mitre.org)
-     Close a denial of service vulnerability identified by Georgi
-     Guninski which could lead to memory exhaustion with certain
-     input data.  [Jeff Trawick]
-
-  *) mod_cgi: Handle output on stderr during script execution on Unix
-     platforms; preventing deadlock when stderr output fills pipe buffer.
-     Also fixes case where stderr from nph- scripts could be lost.
-     PR 22030, 18348.  [Joe Orton, Jeff Trawick]
-
-  *) mod_alias now emits a warning if it detects overlapping *Alias*
-     directives.  [André Malo]
-
-  *) mod_rewrite no longer turns forward proxy requests into reverse proxy
-     requests. PR 28125  [ast domdv.de, André Malo]
-
-  *) ap_set_sub_req_protocol and ap_finalize_sub_req_protocol are now
-     exported on Win32 and Netware as well (minor MMN bump).  PR 28523.
-     [Edward Rudd <eddie omegaware.com>, André Malo]
-
-  *) Restore the ability to disable the use of AcceptEx on Win9x systems
-     automatically (broken in 2.0.49). PR 28529.  [André Malo]
-
-  *) <VirtualHost myhost> now applies to all IP addresses for myhost
-     instead of just the first one reported by the resolver.  This
-     corrects a regression since 1.3.  [Jeff Trawick]
-
-  *) util_ldap: allow relative paths for LDAPTrustedCA to be resolved
-     against ServerRoot PR#26602 [Brad Nicholes]
-       
-  *) SECURITY: CVE-2004-0488 (cve.mitre.org)
-     mod_ssl: Fix a buffer overflow in the FakeBasicAuth code for a
-     (trusted) client certificate subject DN which exceeds 6K in length.
-     [Joe Orton]
-
-  *) mod_dav_fs: Fix MKCOL response for missing parent collections, which 
-     caused issues for the Eclipse WebDAV extension.
-     PR 29034.  [Joe Orton]
-
-  *) mod_deflate: Fix memory consumption (which was proportional to the
-     response size).  PR 29318.  [Joe Orton]
-
-  *) mod_ssl: Log the errors returned on failure to load or initialize
-     a crypto accelerator engine.  [Joe Orton]
-
-  *) Allow RequestHeader directives to be conditional. PR 27951.
-     [Vincent Deffontaines <vincent gryzor.com>, André Malo]
-
-  *) Allow LimitRequestBody to be reset to unlimited. PR 29106
-     [André Malo]
-
-  *) Fix a bunch of cases where the return code of the regex compiler
-     was not checked properly. This affects: mod_setenvif, mod_usertrack,
-     mod_proxy, mod_proxy_ftp and core. PR 28218.  [André Malo]
-
-  *) mod_ssl: Fix a potential segfault in the 'shmcb' session cache for
-     small cache sizes.  PR 27751.  [Geoff Thorpe <geoff geoffthorpe.net>]
-
-  *) Remove 2Gb log file size restriction on some 32-bit platforms.
-     PR 13511.  [Joe Orton]
-
-  *) mod_logio no longer removes the EOS bucket. PR 27928.
-     [Bojan Smojver <bojan rexursive.com>]
-
-  *) htpasswd no longer refuses to process files that contain empty
-     lines.  [André Malo]
-
-  *) Regression from 1.3: At startup, suexec now will be checked for
-     availability, the setuid bit and user root. The works only if
-     httpd is compiled with the shipped APR version (0.9.5).
-     PR 28287.  [André Malo]
-
-  *) Unix MPMs: Stop dropping connections when the file descriptor
-     is at least FD_SETSIZE.  [Jeff Trawick]
-
-  *) Fix handling of IPv6 numeric strings in mod_proxy.  [Jeff Trawick]
-
-  *) mod_isapi: send_response_header() failed to copy status string's 
-     last character.  PR 20619.  [Jesse Pelton <jsp pkc.com>]
-
-  *) Fix a segfault when requests for shared memory fails and returns
-     NULL. Fix a segfault caused by a lack of bounds checking on the
-     cache.  PR 24801.  [Graham Leggett]
-
-  *) Throw an error message if an attempt is made to use the LDAPTrustedCA
-     or LDAPTrustedCAType directives in a VirtualHost. PR 26390
-     [Brad Nicholes]
-
-  *) Fix a potential segfault if the bind password in the LDAP cache
-     is NULL.  PR 28250.  [Jari Ahonen <jah progress.com>]
-
-  *) Quotes cannot be used around require group and require dn
-     directives, update the documentation to reflect this. Also add
-     quotes around the dn and group within debug messages, to make it
-     more obvious why authentication is failing if quotes are used in
-     error.  PR 19304.  [Graham Leggett]
-
-  *) The Microsoft LDAP SDK escapes filters for us, stop util_ldap
-     from escaping filters twice when the backslash character is used.
-     PR 24437.  [Jess Holle <jessh ptc.com>]
-
-  *) Overhaul handling of LDAP error conditions, so that the util_ldap_*
-     functions leave the connections in a sane state after errors have
-     occurred. PR 27748, 17274, 17599, 18661, 21787, 24595, 24683, 27134,
-     27271 [Graham Leggett]
-                                                                                
-  *) mod_ldap calls ldap_simple_bind_s() to validate the user
-     credentials.  If the bind fails, the connection is left
-     in an unbound state.  Make sure that the ldap connection
-     record is updated to show that the connection is no longer
-     bound. [Brad Nicholes]
-
-  *) Ensure that lines in the request which are too long are 
-     properly terminated before logging.
-     [Tsurutani Naoki <turutani scphys.kyoto-u.ac.jp>]
-
-  *) Update the bind credentials for the cached LDAP connection to 
-     reflect the last bind.  This prevents util_ldap from creating 
-     unnecessary connections rather than reusing cached connections.
-     [Brad Nicholes]
-     
-  *) mod_isapi: GetServerVariable returned improperly terminated header 
-     fields given "ALL_HTTP" or "ALL_RAW".  PR 20656.
-     [Jesse Pelton <jsp pkc.com>]
-
-  *) mod_isapi: GetServerVariable("ALL_RAW") returned the wrong buffer
-     size.  PR 20617.  [Jesse Pelton <jsp pkc.com>]
-
-  *) mod_dav: Fix a problem that could cause crashes when manipulating 
-     locks on some platforms.  [Jeff Trawick]
-
-  *) mod_headers no longer crashes if an empty header value should
-     be added.  [André Malo]
-
-  *) Fix segfault in mod_expires, which occured under certain
-     circumstances. PR 28047.  [André Malo]
-
-  *) htpasswd: use apr_temp_dir_get() and general cleanup
-     [Guenter Knauf <eflash gmx.net>, Thom May]
-
-  *) mod_ssl: Fix memory leak in session cache handling.  PR 26562
-     [Madhusudan Mathihalli]
-
-  *) mod_ssl: Fix potential segfaults when performing SSL shutdown from
-     a pool cleanup.  PR 27945.  [Joe Orton]
-
-  *) Add forensic logging module (mod_log_forensic).
-     [Ben Laurie]
-
-  *) logresolve: Allow size of log line buffer to be overridden at
-     build time (MAXLINE).  PR 27793.  [Jeff Trawick]
-
-  *) Fix the comment delimiter in htdbm so that it correctly parses the 
-     username comment.  Also add a terminate function to allow NetWare 
-     to pause the output before the screen is destroyed.
-     [Guenter Knauf <eflash gmx.net>, Brad Nicholes] 
-  
-  *) Fix crash when Apache was started with no Listen directives.
-     [Michael Corcoran <mcorcoran warpsolutions.com>]
-
-  *) core_output_filter: Fix bug that could result in sending
-     garbage over the network when module handlers construct
-     bucket brigades containing multiple file buckets all referencing
-     the same open file descriptor. [Bojan Smojver]
-
-  *) Fix memory corruption problem with ap_custom_response() function.
-     The core per-dir config would later point to request pool data
-     that would be reused for different purposes on different requests.
-     [Jeff Trawick, based on an old 1.3 patch submitted by Will Lowe]
-
-  *) Win32: Tweak worker thread accounting routines to eliminate
-     server hang when number of Listen directives in httpd.conf
-     is greater than or equal to the setting of ThreadsPerChild.
-     [Bill Stoddard]
-
-Changes with Apache 2.0.49
-
-  *) SECURITY: CVE-2004-0174 (cve.mitre.org)
-     Fix starvation issue on listening sockets where a short-lived
-     connection on a rarely-accessed listening socket will cause a
-     child to hold the accept mutex and block out new connections until
-     another connection arrives on that rarely-accessed listening socket.
-     With Apache 2.x there is no performance concern about enabling the 
-     logic for platforms which don't need it, so it is enabled everywhere
-     except for Win32.  [Jeff Trawick]
-
-  *) mod_cgid: Fix storage corruption caused by use of incorrect pool.
-     [Jeff Trawick]
-
-  *) Win32: find_read_listeners was not correctly handling multiple
-     listeners on the Win32DisableAcceptEx path.  [Bill Stoddard]
-
-  *) Fix bug in mod_usertrack when no CookieName is set.  PR 24483.
-     [Manni Wood <manniwood planet-save.com>]
-
-  *) Fix some piped log problems: bogus "piped log program '(null)'
-     failed" messages during restart and problem with the logger
-     respawning again after Apache is stopped.  PR 21648, PR 24805.
-     [Jeff Trawick]
-
-  *) Fixed file extensions for real media files and removed rpm extension
-     from mime.types. PR 26079.  [Allan Sandfeld <kde carewolf.com>]
-
-  *) Remove compile-time length limit on request strings. Length is
-     now enforced solely with the LimitRequestLine config directive.
-     [Paul J. Reder]
-
-  *) mod_ssl: Send the Close Alert message to the peer before closing
-     the SSL session.  PR 27428.  [Madhusudan Mathihalli, Joe Orton]
-
-  *) SECURITY: CVE-2004-0113 (cve.mitre.org)
-     mod_ssl: Fix a memory leak in plain-HTTP-on-SSL-port handling.
-     PR 27106.  [Joe Orton]
-
-  *) mod_ssl: Fix bug in passphrase handling which could cause spurious
-     failures in SSL functions later.  PR 21160.  [Joe Orton]
-
-  *) mod_log_config: Fix corruption of buffered logs with threaded
-     MPMs.  PR 25520.  [Jeff Trawick]
-
-  *) Fix mod_include's expression parser to recognize strings correctly
-     even if they start with an escaped token.  [André Malo]
-
-  *) Add fatal exception hook for use by diagnostic modules.  The hook
-     is only available if the --enable-exception-hook configure parm 
-     is used and the EnableExceptionHook directive has been set to 
-     "on".  [Jeff Trawick]
-
-  *) Allow mod_auth_digest to work with sub-requests with different
-     methods than the original request.  PR 25040.
-     [Josh Dady <jpd indecisive.com>]
-
-  *) fix "Expected </Foo>> but saw </Foo>" errors in nested,
-     argumentless containers.
-     ["Philippe M. Chiasson" <gozer cpan.org>]
-
-  *) mod_auth_ldap: Fix some segfaults in the cache logic.  PR 18756.
-     [Matthieu Estrade <apache moresecurity.org>, Brad Nicholes]
-
-  *) mod_cgid: Restart the cgid daemon if it crashes.  PR 19849
-     [Glenn Nielsen <glenn apache.org>]
-
-  *) The whole codebase was relicensed and is now available under
-     the Apache License, Version 2.0 (http://www.apache.org/licenses).
-     [Apache Software Foundation]
-
-  *) Fixed cache-removal order in mod_mem_cache.
-     [Jean-Jacques Clar, Cliff Woolley]
-
-  *) mod_setenvif: Fix the regex optimizer, which under circumstances
-     treated the supplied regex as literal string. PR 24219.
-     [André Malo]
-
-  *) ap_mpm.h: Fix include guard of ap_mpm.h to reference mpm
-     instead of mmn. [André Malo]
-
-  *) mod_rewrite: Catch an edge case, where strange subsequent RewriteRules
-     could lead to a 400 (Bad Request) response.  [André Malo]
-
-  *) Keep focus of ITERATE and ITERATE2 on the current module when
-     the module chooses to return DECLINE_CMD for the directive.
-     PR 22299.  [Geoffrey Young <geoff apache.org>]
-
-  *) Add support for IMT minor-type wildcards (e.g., text/*) to
-     ExpiresByType.  PR#7991  [Ken Coar]
-
-  *) Fix segfault in mod_mem_cache cache_insert() due to cache size
-     becoming negative.  PR: 21285, 21287
-     [Bill Stoddard, Massimo Torquati, Jean-Jacques Clar]
-
-  *) core.c: If large file support is enabled, allow any file that is
-     greater than AP_MAX_SENDFILE to be split into multiple buckets.
-     This allows Apache to send files that are greater than 2gig.
-     Otherwise we run into 32/64 bit type mismatches in the file size.
-     [Brad Nicholes]
-
-  *) proxy_http fix: mod_proxy hangs when both KeepAlive and
-     ProxyErrorOverride are enabled, and a non-200 response without a
-     body is generated by the backend server. (e.g.: a client makes a
-     request containing the "If-Modified-Since" and "If-None-Match"
-     headers, to which the backend server respond with status 304.)
-     [Graham Wiseman <gwiseman fscinternet.com>, Richard Reiner]
-
-  *) mod_dav: Reject requests which include an unescaped fragment in the
-     Request-URI.  PR 21779.  [Amit Athavale <amit_athavale lycos.com>]
-
-  *) Build array of allowed methods with proper dimensions, fixing
-     possible memory corruption.  [Jeff Trawick]
-
-  *) mod_ssl: Fix potential segfault on lookup of SSL_SESSION_ID.
-     PR 15057.  [Otmar Lendl <lendl nic.at>]
-
-  *) mod_ssl: Fix streaming output from an nph- CGI script. PR 21944
-     [Joe Orton]
-
-  *) mod_usertrack no longer inspects the Cookie2 header for
-     the cookie name. PR 11475.  [Chris Darrochi <chrisd pearsoncmg.com>]
-
-  *) mod_usertrack no longer overwrites other cookies.
-     PR 26002.  [Scott Moore <apache nopdesign.com>]
-
-  *) worker MPM: fix stack overlay bug that could cause the parent
-     process to crash.  [Jeff Trawick]
-
-  *) Win32: Add Win32DisableAcceptEx directive. This Windows
-     NT/2000/CP directive is useful to work around bugs in some 
-     third party layered service providers like virus scanners, 
-     VPN and firewall products, that do not properly handle 
-     WinSock 2 APIs.  Use this directive if your server is issuing
-     AcceptEx failed messages.
-     [Allan Edwards, Bill Rowe, Bill Stoddard, Jeff Trawick]
-
-  *) Make REMOTE_PORT variable available in mod_rewrite.
-     PR 25772.  [André Malo]
-
-  *) Fix a long delay with CGI requests and keepalive connections on
-     AIX.  [Jeff Trawick]
-
-  *) mod_autoindex: Add 'XHTML' option in order to allow switching between
-     HTML 3.2 and XHTML 1.0 output. PR 23747.  [André Malo]
-
-  *) Add XHTML Document Type Definitions to httpd.h (minor MMN bump).
-     [André Malo]
-
-  *) mod_ssl: Advertise SSL library version as determined at run-time rather
-     than at compile-time.  PR 23956.  [Eric Seidel <seidel apple.com>]
-
-  *) mod_ssl: Fix segfault on a non-SSL request if the 'c' log
-     format code is used.  PR 22741.  [Gary E. Miller <gem rellim.com>]
-
-  *) Fix build with parallel make.  PR 24643.  [Joe Orton]
-
-  *) mod_rewrite: In external rewrite maps lookup keys containing
-     a newline now cause a lookup failure. PR 14453.
-     [Cedric Gavage <cedric.gavage unixtech.be>, André Malo]
-
-  *) Backport major overhaul of mod_include's filter parser from 2.1.
-     The new parser code is expected to be more robust and should
-     catch all of the edge cases that were not handled by the previous one.
-     The 2.1 external API changes were hidden by a wrapper which is
-     expected to keep the API backwards compatible.  [André Malo]
-
-  *) Add a hook (insert_error_filter) to allow filters to re-insert
-     themselves during processing of error responses. Enable mod_expires
-     to use the new hook to include Expires headers in valid error
-     responses. This addresses an RFC violation. It fixes PRs 19794,
-     24884, and 25123. [Paul J. Reder]
-
-  *) Add Polish translation of error messages.  PR 25101.
-     [Tomasz Kepczynski <tomek jot23.org>]
-
-  *) Add AP_MPMQ_MPM_STATE function code for ap_mpm_query. (Not yet
-     supported for BeOS or OS/2 MPMs.)  [Jeff Trawick, Brad Nicholes,
-     Bill Stoddard]
-
-  *) Add mod_status hook to allow modules to add to the mod_status
-     report.  [Joe Orton]
-
-  *) Fix htdbm to generate comment fields in DBM files correctly.
-     [Justin Erenkrantz]
-
-  *) mod_dav: Use bucket brigades when reading PUT data. This avoids
-     problems if the data stream is modified by an input filter. PR 22104.
-     [Tim Robbins <tim robbins.dropbear.id.au>, André Malo]
-
-  *) Fix RewriteBase directive to not add double slashes.  [André Malo]
-
-  *) Improve 'configure --help' output for some modules.  [Astrid Keßler]
-
-  *) Correct UseCanonicalName Off to properly check incoming port number.
-     [Jim Jagielski]
-
-  *) Fix slow graceful restarts with prefork MPM.  [Joe Orton]
-
-  *) Fix a problem with namespace mappings being dropped in mod_dav_fs;
-     if any property values were set which defined namespaces these
-     came out mangled in the PROPFIND response.  PR 11637.
-     [Amit Athavale <amit_athavale persistent.co.in>]
-
-  *) mod_dav: Return a WWW-auth header for MOVE/COPY requests where
-     the destination resource gives a 401.  PR 15571.  [Joe Orton]
-
-  *) SECURITY: CVE-2003-0020 (cve.mitre.org)
-     Escape arbitrary data before writing into the errorlog. Unescaped
-     errorlogs are still possible using the compile time switch
-     "-DAP_UNSAFE_ERROR_LOG_UNESCAPED".  [Geoffrey Young, André Malo]
-
-  *) mod_autoindex / core: Don't fail to show filenames containing
-     special characters like '%'. PR 13598.  [André Malo]
- 
-  *) mod_status: Report total CPU time accurately when using a threaded
-     MPM.  PR 23795.  [Jeff Trawick]
-
-  *) Fix memory leak in handling of request bodies during reverse
-     proxy operations.  PR 24991. [Larry Toppi <larry.toppi citrix.com>]
-
-  *) Win32 MPM: Implement MaxMemFree to enable setting an upper
-     limit on the amount of storage used by the bucket brigades
-     in each server thread. [Bill Stoddard]
-
-  *) Modified the cache code to be header-location agnostic. Also
-     fixed a number of other cache code bugs related to PR 15852.
-     Includes a patch submitted by Sushma Rai <rsushma novell.com>.
-     This fixes mod_mem_cache but not mod_disk_cache yet so I'm not
-     closing the PR since that is what they are using. [Paul J. Reder]
-
-  *) complain via error_log when mod_include's INCLUDES filter is
-     enabled, but the relevant Options flag allowing the filter to run
-     for the specific resource wasn't set, so that the filter won't
-     silently get skipped. next remove itself, so the warning will be
-     logged only once [Stas Bekman, Jeff Trawick, Bill Rowe]
-
-  *) mod_info: HTML escape configuration information so it displays 
-     correctly. PR 24232. [Thom May]
-     
-  *) Restore the ability to add a description for directories that
-     don't contain an index file.  (Broken in 2.0.48) [André Malo]
-
-  *) Fix a problem with the display of empty variables ("SetEnv foo") in
-     mod_include.  PR 24734  [Markus Julen <mj zermatt.net>]
-
-  *) mod_log_config: Log the minutes component of the timezone correctly.
-     PR 23642.  [Hong-Gunn Chew <hgbug gunnet.org>]
-
-  *) mod_proxy: Fix cases where an invalid status-line could be sent 
-     to the client.  PR 23998.  [Joe Orton]
-
-  *) mod_ssl: Fix segfaults at startup if other modules which use OpenSSL
-     are also loaded.  [Joe Orton]
-
-  *) mod_ssl: Use human-readable OpenSSL error strings in logs; use
-     thread-safe interface for retrieving error strings.  [Joe Orton]
-
-  *) mod_expires: Initialize ExpiresDefault to NULL instead of "" to
-     avoid reporting an Internal Server error if it is used without
-     having been set in the httpd.conf file. PR: 23748, 24459
-     [André Malo, Liam Quinn  <liam htmlhelp.com>]
-
-  *) mod_autoindex: Don't omit the <tr> start tag if the SuppressIcon
-     option is set. PR 21668.  [Jesse Tie-Ten-Quee <highos highos.com>]
-
-  *) mod_include no longer allows an ETag header on 304 responses.
-     PR 19355. [Geoffrey Young <geoff apache.org>, André Malo]
-
-  *) EBCDIC: Convert header fields to ASCII before sending (broken
-     since 2.0.44). [Martin Kraemer]
-
-  *) Fix the inability to log errors like exec failure in
-     mod_ext_filter/mod_cgi script children.  This was broken after 
-     such children stopped inheriting the error log handle.  
-     [Jeff Trawick]
-
-  *) Fix mod_info to use the real config file name, not the default
-     config file name.  [Aryeh Katz <aryeh secured-services.com>]
-
-  *) Set the scoreboard state to indicate logging prior to running 
-     logging hooks so that server-status will show 'L' for hung loggers
-     instead of 'W'.  [Jeff Trawick]
-
-Changes with Apache 2.0.48
-
-  *) SECURITY: CVE-2003-0789 (cve.mitre.org)
-     mod_cgid: Resolve some mishandling of the AF_UNIX socket used to
-     communicate with the cgid daemon and the CGI script.
-     [Jeff Trawick]
-
-  *) SECURITY: CVE-2003-0542 (cve.mitre.org)
-     Fix buffer overflows in mod_alias and mod_rewrite which occurred
-     if one configured a regular expression with more than 9 captures.
-     [André Malo]
-
-  *) mod_include: fix segfault which occured if the filename was not
-     set, for example, when processing some error conditions.
-     PR 23836.  [Brian Akins <bakins web.turner.com>, André Malo]
-
-  *) fix the config parser to support <Foo>..</Foo> containers (no
-     arguments in the opening tag) supported by httpd 1.3. Without
-     this change mod_perl 2.0's <Perl> sections are broken.
-     ["Philippe M. Chiasson" <gozer cpan.org>]
-
-  *) mod_cgid: fix a hash table corruption problem which could
-     result in the wrong script being cleaned up at the end of a
-     request.  [Jeff Trawick]
-
-  *) Update httpd-*.conf to be clearer in describing the connection
-     between AddType and AddEncoding for defining the meaning of
-     compressed file extensions. [Roy Fielding]
-
-  *) mod_rewrite: Don't die silently when failing to open RewriteLogs.
-     PR 23416.  [André Malo]
-
-  *) mod_rewrite: Fix mod_rewrite's support of the [P] option to send
-     rewritten request using "proxy:". The code was adding multiple "proxy:"
-     fields in the rewritten URI. PR: 13946.
-     [Eider Oliveira <eider bol.com.br>]
-
-  *) cache_util: Fix ap_check_cache_freshness to check max_age, smax_age, and
-     expires as directed in RFC 2616. [Thomas Castelle <tcastelle generali.fr>]
-
-  *) Ensure that ssl-std.conf is generated at configure time, and switch
-     to using the expanded config variables to work the same as
-     httpd-std.conf PR: 19611
-     [Thom May]
-
-  *) mod_ssl: Fix segfaults after renegotiation failure. PR 21370
-     [Hartmut Keil <Hartmut.Keil adnovum.ch>]
-
-  *) mod_autoindex: If a directory contains a file listed in the
-     DirectoryIndex directive, the folder icon is no longer replaced
-     by the icon of that file. PR 9587.
-     [David Shane Holden <dpejesh yahoo.com>]
-
-  *) Fixed mod_usertrack to not get false positive matches on the
-     user-tracking cookie's name.  PR 16661.
-     [Manni Wood <manniwood planet-save.com>]
-
-  *) mod_cache: Fix the cache code so that responses can be cached
-     if they have an Expires header but no Etag or Last-Modified
-     headers. PR 23130.
-     [<bjorn exoweb.net>]
-
-  *) mod_log_config: Fix %b log format to write really "-" when 0 bytes
-     were sent (e.g. with 304 or 204 response codes).  [Astrid Keßler]
-
-  *) Modify ap_get_client_block() to note if it has seen EOS.
-     [Justin Erenkrantz]
-
-  *) Fix a bug, where mod_deflate sometimes unconditionally compressed the
-     content if the Accept-Encoding header contained only other tokens than
-     "gzip" (such as "deflate"). PR 21523.  [Joe Orton, André Malo]
-
-  *) Avoid an infinite recursion, which occured if the name of an included
-     config file or directory contained a wildcard character. PR 22194.
-     [André Malo]
-
-  *) mod_ssl: Fix a problem setting variables that represent the
-     client certificate chain.  PR 21371  [Jeff Trawick]
-
-  *) Unix: Handle permissions settings for flock-based mutexes in 
-     unixd_set_global|proc_mutex_perms().  Allow the functions to be
-     called for any type of mutex.  PR 20312  [Jeff Trawick]
-
-  *) ab: Work over non-loopback on Unix again. PR 21495. [Jeff Trawick]
-
-  *) Fix a misleading message from the some of the threaded MPMs when 
-     MaxClients has to be lowered due to the setting of ServerLimit.  
-     [Jeff Trawick]
-
-  *) Lower the severity of the "listener thread didn't exit" message
-     to debug, as it is of interest only to developers.  PR 9011
-     [Jeff Trawick]
-
-  *) MPMs: The bucket brigades subsystem now honors the MaxMemFree setting.
-     [Cliff Woolley, Jean-Jacques Clar]
-
-  *) Install config.nice into the build/ directory to make
-     minor version upgrades easier. [Joshua Slive]
-
-  *) Fix mod_deflate so that it does not call deflate() without checking
-     first whether it has something to deflate. (Currently this causes
-     deflate to generate a fatal error according to the zlib spec.)
-     PR 22259. [Stas Bekman]
-
-  *) mod_ssl: Fix FakeBasicAuth for subrequest.  Log an error when an
-     identity spoof is encountered.
-     [Sander Striker]
-
-  *) mod_rewrite: Ignore RewriteRules in .htaccess files if the directory
-     containing the .htaccess file is requested without a trailing slash.
-     PR 20195.  [André Malo]
-
-  *) ab: Overlong credentials given via command line no longer clobber
-     the buffer.  [André Malo]
-
-  *) mod_deflate: Don't attempt to hold all of the response until we're
-     done.  [Justin Erenkrantz]
-
-  *) Assure that we block properly when reading input bodies with SSL.
-     PR 19242.  [David Deaves <David.Deaves dd.id.au>, William Rowe]
-
-  *) Update mime.types to include latest IANA and W3C types.  [Roy Fielding]
-
-  *) mod_ext_filter: Set additional environment variables for use by
-     the external filter.  PR 20944.  [Andrew Ho, Jeff Trawick]
-
-  *) Fix buildconf errors when libtool version changes.  [Jeff Trawick]
-
-  *) Remember an authenticated user during internal redirects if the
-     redirection target is not access protected and pass it
-     to scripts using the REDIRECT_REMOTE_USER environment variable.
-     PR 10678, 11602.  [André Malo]
-
-  *) mod_include: Fix a trio of bugs that would cause various unusual
-     sequences of parsed bytes to omit portions of the output stream.
-     PR 21095. [Ron Park <ronald.park cnet.com>, André Malo, Cliff Woolley]
-
-  *) Update the header token parsing code to allow LWS between the
-     token word and the ':' seperator.  [PR 16520]
-     [Kris Verbeeck <kris.verbeeck advalvas.be>, Nicel KM <mnicel yahoo.com>]
-
-  *) Eliminate creation of a temporary table in ap_get_mime_headers_core()
-     [Joe Schaefer <joe+gmane sunstarsys.com>]
-
-  *) Added FreeBSD directory layout. PR 21100.
-     [Sander Holthaus <info orangexl.com>, André Malo]
-
-  *) Fix NULL-pointer issue in ab when parsing an incomplete or non-HTTP
-     response. PR 21085. [Glenn Nielsen <glenn apache.org>, André Malo]
-
-  *) mod_rewrite: Perform child initialization on the rewrite log lock.
-     This fixes a log corruption issue when flock-based serialization
-     is used (e.g., FreeBSD).  [Jeff Trawick]
-
-  *) Don't respect the Server header field as set by modules and CGIs.
-     As with 1.3, for proxy requests any such field is from the origin
-     server; otherwise it will have our server info as controlled by
-     the ServerTokens directive.  [Jeff Trawick]
-
-Changes with Apache 2.0.47
-
-  *) SECURITY: CVE-2003-0192 (cve.mitre.org)
-     Fixed a bug whereby certain sequences of per-directory
-     renegotiations and the SSLCipherSuite directive being used to
-     upgrade from a weak ciphersuite to a strong one could result in
-     the weak ciphersuite being used in place of the strong one.  
-     [Ben Laurie]
-
-  *) SECURITY: CVE-2003-0253 (cve.mitre.org)
-     Fixed a bug in prefork MPM causing temporary denial of service
-     when accept() on a rarely accessed port returns certain errors.
-     Reported by Saheed Akhtar <S.Akhtar talis.com>.  [Jeff Trawick]
-
-  *) SECURITY: CVE-2003-0254 (cve.mitre.org)
-     Fixed a bug in ftp proxy causing denial of service when target
-     host is IPv6 but proxy server can't create IPv6 socket.  Fixed by
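Review bot: the removed 2.0.47, 2.0.48 and 2.0.49 sections, plus the unnamed section above them, contain the SECURITY entries for CVE-2004-0488, CVE-2004-0174, CVE-2004-0113, CVE-2003-0020, CVE-2003-0789, CVE-2003-0542, CVE-2003-0192, CVE-2003-0253 and CVE-2003-0254. Once they are deleted, someone checking trunk CHANGES to confirm that a given CVE fix is present will find no record of it. The 18 lines that replace this block are not visible in this part of the message. If they do not already do so, add a short pointer at the cut point naming where the 2.0.x and 2.1.x history now lives, so the CVE-to-fix mapping remains discoverable from this file.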

[... 12962 lines stripped ...]

