Apache 2.0alpha7 Released Page 5

By Marty Pitts (Send Email)
Posted Oct 9, 2000


     subrequests.  A bunch of cruft related to BUFF's support for
     translating response bodies was removed.  [Jeff Trawick]
 
  *) Move the addition of the CORE filter to the post_read_request
     hook in http_core.c.  This removes the need to add the filter in
     multiple places and allows for an SSL module to be added much
     simpler. [Ryan Bloom]                                                  

  *) Fix a security problem that affects certain configurations of
     mod_rewrite. If the result of a RewriteRule is a filename that
     contains expansion specifiers, especially regexp backreferences
     sh.. and %0..%9, then it may be possible for an attacker to
     access any file on the web server. [Tony Finch]
 
  *) Fix a bug where errors that are detected during early request parsing
     don't produce visible HTTP error messages at the browser, because
     the core_filter wasn't present.  [Greg Ames]
 
  *) Provide apr_socklen_t as a portability aid.
     [Victor  J. Orlikowski]
 
  *) Overhaul of dbmmanage to allow a groups arg (as in Apache 1.2)
     as well as a comment arg to the add, adduser and update cmds.
     update allows the user to clear or preserve pw/groups/comment.
     Fixed a bug in dbmmanage that prevented the check option from
     parsing a password followed by :group... text.  Corrected the
     seed calcualation for Win32 systems, and added -lsdbm support.
     [William Rowe]
 
  *) Configured mod_auth_dbm to compile with sdbmlib under Win32.
     [William Rowe]
 
  *) Avoid a segfault when parsing .htaccess files.  An
     uninitialized tree pointer was passed to ap_build_config().
     [Jeff Trawick]
 
  *) Change the way that inet_addr & inet_network are checked for
     in APR's configure process to allow BeOS BONE to correctly
     find them. With this change BeOS BONE now builds from source
     with no problems.  [David Reid]
 
  *) Fix a bug in apr_create_process() for Unix.  The NULL signifying



Comment and Contribute

Your name/nickname

Your email

(Maximum characters: 1200). You have characters left.