Apache 2.2.10

Prevents XSS attacks when using wildcards in the path of the FTP URL;
allows for smax to be 0 for balancer members so all idle connections are able to be dropped should they exceed ttl;
don't trigger a retry by the client if a failure to read the response line is the result of a timeout;
supports chroot on Unix-family platforms;
implements dynamic mutex callbacks for the benefit of OpenSSL;
added 'bybusyness' load balance method;
detect during startup when AuthDigestProvider is configured to use an incompatible provider via AuthnProviderAlias;
added 'scolonpathdelim' parameter to allow for ';' to also be used as a session path separator/delim PR 45158;
avoid dropping error responses by handling meta buckets correctly;
introduced environment variable proxy-initial-not-pooled to avoid reusing pooled connections if the client connection is an initial connection;
allow Cookie option to set secure and HttpOnly flags;
rewrite shmcb to avoid memory alignment issues. PR 42101;
added connectiontimeout parameter for proxy workers in order to be able to set the timeout for connecting to the backend separately;
retrieved minimal system information about directory entries when walking a DAV fs, resolving a performance degradation on Windows;
pass along empty command line arguments from an ISINDEX query that has consecutive '+' characters in the QUERY_STRING, matching the behavior of mod_cgi;
prevents Header edit from processing only the first header of possibly multiple headers with the same name and deleting the remaining ones;
various other fixes

Release Date: Nov 03, 2008