In this issue

Apache Site: www.apache.org
Release: 1.3.3 (Released 9^th October 1998) (local download sites)
Beta: None

Apache 1.3.3 is the current stable release. Users of Apache 1.2.6 and earlier should look at upgrading to this version. Read Guide to 1.3.3 for information about changes between 1.2 and 1.3.3.

Most bugs listed below include a link to the entry in the Apache bug database where the problem is being tracked. These entries are called "PR"s (Problem Reports). Some bugs do not correspond to problem reports if they are found by developers.

These bugs have been found in 1.3.3 and will be fixed in the next release.

Because of the major differences between Windows and Unix, these are separated into bugs which affect Windows systems only, and other bugs (which may affect Windows as well). Unix users can ignore the bugs listed in the Windows section.

Windows-specific Bugs

• If a script cannot be run because the interpreter specified on the initial #! line did not start correctly, log the interpreter filename and the reason it did not work.
• Doing a nmake clean did not clean the files created for mod_rewrite. PR#3100.
• More problems with the way that paths starting with drive letters and UNC designations where handled. PR#2555, PR#2915, PR#3064, PR#3232.

Other Bugs

• Add port to Concurrent PowerMAX OS.
• Certain error conditions (such as when a handler name was defined but no handler was available with that name) would result in the wrong error status.

Patches for bugs in Apache 1.3.3 will be made available in the apply_to_1.3.3 subdirectory of the patches directory on the Apache site. Some new features and other unofficial patches are available in the 1.3 patches directory. For details of all previously reported bugs, see the Apache bug database and known bugs pages. Many common configuration questions are answered in the Apache FAQ.

A module is now available to add authoring support to Apache. This module is mod_dav, and is not part of the Apache project (it is also under a different license, the "LGPL" which places restrictions on the sale of modified versions). This extends Apache to support the IETF Distributed Authoring and Versioning (DAV) protocol currently under development. This is a standardized protocol for remote authoring of web pages. This is similar to the what is currently provided by editors such as FrontPage which use proprietary protocols. DAV providers more than just remote authoring. It also handles full site management, versioning and other web-based data management.

At present, there are no DAV clients available. However Microsoft has a press release announcing support for WebDAV in future products. Also now that the server side is available for a popular server it might encourage the development of additional clients.

The monthly Netcraft server survey shows that Apache is by far the most commonly used web server on the Internet. Now another survey shows figures for server usage amongst just the largest US corporations. The Sitemetrics server survey looks at only web servers owned by US corporations with turnovers in excess of US$10 million per year. This is a total of 53,265 sites (compared to Netcraft's 3,358,969).

Amongst the large US corporations, Apache is used on about 36% of sites, Microsoft on 28%, and Netscape on 19%. The share held by Apache is fairly unchanged since the first survey in March 1998, while Microsoft has increased and Netscape decreased. They also analysed the results by company turnover, which shows that Apache is far more widely used in lower revenue companies. Since this survey does not look at companies below a US$10 million turnover, this explains why it shows Apache with just a 36% market share. However even amongst high turnover companies, Apache is the most widely used server in all turnover bands except for companies with over US$1 billion turnover.

This week saw the apparent "leak" of an internal Microsoft memo about the threat of open source software (OSS) to Microsoft. This memo was published on the web by Eric Raymond, an open source proponent known for his " The Catheral and the Bazaar" essay on source development models. He called it Halloween I and annotated it with his comments. (There is also a second, less controvesial, meo called Halloween II, and an apparent response by Microsoft Netherlands, available from The Halloween Documents).

Various news sources report that Microsoft has confirmed the memo to genuine. For example, Wired.com reported on MS: Open Source is Direct Threat.

The memo, if real, gives an apparent insight into how Microsoft regards the development of an active open source software movement, with widely used and accepted products such as Apache and Linux. It says that Microsoft regards these products as real and credible threats to Microsoft's own business, and notes that Microsoft must compete against not just the products, but the open source process itself which leads to the development of highly reliable and widely used software. The main way to target open source, the memo suggests, is to extend the underlying protocols so that they are proprietary, or to integrate the protocols very closely with proprietary architecture (such as an operating system). This they call "decommodising" the protocols, since the modified protocol is no longer open for use by any protocol-compliant software.

Reaction to the memo has been varied. Some people have suggested that is was convenient for a Microsoft memo which shows the threat to Microsoft to be release at the same time that the software company is being investigated for monopolistic tactics by the US government. Another viewpoint published on the PBS television stations' web site in Where is Eleanor Roosevelt When We Need Her? Why the Linux World is Upset and Shouldn't Be argues that free software should only be concerned about the product, and not about market share. That is an interesting opinion, since Apache was never developed with an aim of becoming a widely used server: it was just going to be a accurate implementation of the HTTP protocol in free souce to allow for extensions by users. However the if open source developers looked only at following the protocols they may find that the ground is moved away from under them if companies (such as Microsoft) were to make protocols proprietary or bypass the open protocols completely.