ServerWatch content and product recommendations are editorially independent. We may make money when you click on links to our partners. Learn More.
subrequests. A bunch of cruft related to BUFF's support for
translating response bodies was removed. [Jeff Trawick]
*) Move the addition of the CORE filter to the post_read_request
hook in http_core.c. This removes the need to add the filter in
multiple places and allows for an SSL module to be added much
simpler. [Ryan Bloom]
*) Fix a security problem that affects certain configurations of
mod_rewrite. If the result of a RewriteRule is a filename that
contains expansion specifiers, especially regexp backreferences
sh.. and %0..%9, then it may be possible for an attacker to
access any file on the web server. [Tony Finch]
*) Fix a bug where errors that are detected during early request parsing
don't produce visible HTTP error messages at the browser, because
the core_filter wasn't present. [Greg Ames]
*) Provide apr_socklen_t as a portability aid.
[Victor J. Orlikowski]
*) Overhaul of dbmmanage to allow a groups arg (as in Apache 1.2)
as well as a comment arg to the add, adduser and update cmds.
update allows the user to clear or preserve pw/groups/comment.
Fixed a bug in dbmmanage that prevented the check option from
parsing a password followed by :group... text. Corrected the
seed calcualation for Win32 systems, and added -lsdbm support.
[William Rowe]
*) Configured mod_auth_dbm to compile with sdbmlib under Win32.
[William Rowe]
*) Avoid a segfault when parsing .htaccess files. An
uninitialized tree pointer was passed to ap_build_config().
[Jeff Trawick]
*) Change the way that inet_addr & inet_network are checked for
in APR's configure process to allow BeOS BONE to correctly
find them. With this change BeOS BONE now builds from source
with no problems. [David Reid]
*) Fix a bug in apr_create_process() for Unix. The NULL signifying