Announcing the release of Apache 2.4.38
This release is a bug fix & stability release with no new functions or modules.
This release includes:
APR Version: 1.6.5
APU Version: 1.6.1
Brotli Version: 1.0.7
Jansson Version: 2.11
Libcurl Version: 7.63.0
LibXML2 Version: 2.9.9
LUA Version: 5.1.5 (vc11), 5.2.4 (vc14)
NGHTTP2 Version: 1.36.0
OpenSSL Version: 1.0.2q, 1.1.0j, 1.1.1a or LibreSSL 2.8.3
PCRE Version: 8.42
SQLite3 Version: 3.26.0
ZLib Version: 1.2.10
VC14 builds;
I have finally moved on to LUA 5.2 so if you are upgrading from an older release you may remove the lua51.dll.
VC11 builds;
Since PHP put out one more 5.6 release we are doing one last VC11 release, This really is the last and all VC11 downloads well be removed from the download page around the beginning of February.
You can get your copy of the new Apache HTTP Server from our download page.
Change Log for Apache 2.4.38
- August 26, 2019, 12:25:32 AM
- Welcome, Guest
News:
Welcome to Apache Haus Distribution Forum
|
11
on: January 21, 2019, 08:12:17 PM
|
||
| Started by Gregg - Last post by Gregg | ||
|
12
on: December 11, 2018, 04:51:20 AM
|
||
| Started by Gregg - Last post by Gregg | ||
|
It's been a long time since 2.9.2 came out and I was beginning to wonder about this module.
Changes in version 2.9.3; * Allow 0 length JSON requests. * Include unanmed JSON values in unnamed ARGS * Fix buffer size for utf8toUnicode transformation * Fix sanitizing JSON request bodies in native audit log format * Add sanity check for a couple malloc() and make code more resilient * Fix mpm-itk / mod_ruid2 compatibility * Code cosmetics: checks if actionset is not null before use it * Only generate SecHashKey when SecHashEngine is On * Docs: Reformat README to Markdown and update dependencies * good practices: Initialize variables before use it * Let body parsers observe SecRequestBodyNoFilesLimit * potential off by one in parse_arguments * Fix utf-8 character encoding conversion * Fix ip tree lookup on netmask content * modsecurity.conf-recommended: Fix spelling * Fix arabic charset in unicode_mapping file * Optionally preallocates memory when SecStreamInBodyInspection is on * Fixes SecConnWriteStateLimit * Added "empy chunk" check * Add capture action to @detectXSS operator * Uses LOG_NO_STOPWATCH instead of DLOG_NO_STOPWATCH * Adds missing headers You can get your copy of the new module from our download page. |
||
|
13
on: November 26, 2018, 09:27:18 AM
|
||
| Started by Gregg - Last post by mario | ||
|
Thanks!
|
||
|
14
on: November 26, 2018, 06:53:03 AM
|
||
| Started by Gregg - Last post by Gregg | ||
|
OpenSSL updated to 1.0.2q, 1.1.0j or 1.1.1a
This OpenSSL update covers 3 low severity vulnerabilities. Brotli updated to 1.0.7 NGHTTP2 updated to 1.35.0 SQLite updated to 3.25.3 You can get your copy of the new Apache HTTP Server from our download page. |
||
|
15
on: October 23, 2018, 09:00:24 AM
|
||
| Started by Gregg - Last post by mario | ||
|
I did, cause I tried on my test server and is refused to start with the dashed names. Even though httpd -S showed not error.
|
||
|
16
on: October 23, 2018, 03:34:47 AM
|
||
| Started by Gregg - Last post by Gregg | ||
|
Nope, a copy & paste overlook error. Got 3, missed one. Oh well, fixed now.
|
||
|
17
on: October 23, 2018, 02:50:46 AM
|
||
| Started by Gregg - Last post by Gregg | ||
|
Who knows? However because they're not compatible w/ tls < 1.3 it seems a good guess at least. Funny I never noticed it.
|
||
|
18
on: October 22, 2018, 10:18:51 PM
|
||
| Started by Gregg - Last post by mario | ||
|
Indded, it is different.. I wonder why. O_o
|
||
|
19
on: October 22, 2018, 09:54:21 PM
|
||
| Started by Gregg - Last post by mario | ||
|
I wonder why the TLS 1.3 cipher names are with underscore while the other are not?
Shouldn't it be like SSLCipherSuite TLSv1.3 ECDHE-ECDSA-CHACHA20-POLY1305:ECDHE-RSA-AES256-GCM-SHA384 ?? |
||
|
20
on: October 22, 2018, 09:44:34 PM
|
||
| Started by Gregg - Last post by mario | ||
|
.35 again
 I guess it is a typo of copy and paste. |
||