In this issue

Apache Site: www.apache.org
Release: 1.3.1 (Released 22^nd July 1998) (local download sites)
Beta: None

Apache 1.3.1 is the current stable release. Users of Apache 1.2.6 and earlier should look at upgrading to this version, which provides additional features and has been subject to extensive testing.

The bugs listed below now include a link to the entry in the Apache bug database where the problem is being tracked. These entries are called "PR"s (Problem Reports). Some bugs do not correspond to problem reports if they are found by developers.

These bugs have been found in 1.3.1 and will be fixed in the next version.

Because of the major differences between Windows and Unix, these are separated into bugs which affect Windows systems only, and other bugs (which may affect Windows as well). Unix users can ignore the bugs listed in the Windows section.

Windows-specific Bugs

• The sample UserDir directive in srm.conf contains an invalid leading slash. It should be removed before this directive is uncommented. PR#2893.

Other Bugs

• A bug in the AIX compiler can cause errors like "Expected </Directory> but saw </Directory>". There is a work-around in PR#2853, but it should not be necessary.

Patches for bugs in Apache 1.3.1 will be made available in the apply_to_1.3.1 subdirectory of the patches directory on the Apache site. Some new features and other unofficial patches are available in the 1.3 patches directory. For details of all previously reported bugs, see the Apache bug database and known bugs pages. Many common configuration questions are answered in the Apache FAQ.

The width of the filename column in a directory list output will now be automatically set to the correct size.

The Apache test program (ab.c) can now send POST data in requests.

A new module called mod_ssl is available to add SSL encryption to Apache. This is a development of the currently available set of patches, called Apache-SSL.

mod_ssl links Apache to SSLeay, which is a freely available library of providing SSL (and TLS) encryption functions. mod_ssl comes with full documentation, and is closely integrated with Apache (for example, it is configured through the configure program). Because mod_ssl is developed and distributed outside the US, it can use strong 128 bit encryption.

Apache-SSL and mod_ssl can be used outside the US without fee, but are restricted within the US because of patents held by RSA on some encryptions algorithms required by SSL. (Some other algorithms, such as IDEA, are patented in other countries, but these algorithms are not required for SSL).

The Apache Group is organising the first ever conference dedicated to Apache, which will be held in San Francisco this October. ApacheCon 98 is aimed at both Apache developers and Apache users. The tracks planned for the conference cover dymanic content, performance tuning, security and case studies. The conference will also feature a trade show.

For more information, see www.apachecon.com. As well as attending, there are opportunities to exhibit at the trade show, become a sponsor, or submit a paper to be presented.