Apache 2.0.42 was released on 24th September 2002 and is
now the latest version of the Apache server. This is the fifth stable
release of Apache 2.0, following up on 2.0.40 which was released on
9th August 2002. Read our special
feature for more information about the history of Apache
Apache 2.0.42 is available in source form for compiling on Unix or
Windows, for download from the main Apache site or from
any mirror download
This is mainly a bug-fix release with a few new features. Users
should upgrade if they will be affected by the particular bugs
mentioned below or would like to use any of the new features.
The security fixes in this release are:
- Fix a segfault in mod_dav if a particular OPTIONS
request is received for a DAV-enabled location, where a DAV repository
is configured which does not support versioning (such as that provided
Users of thread-based MPMs on Unix platforms such as
worker should be aware that a segfault in a single worker
thread will terminate all other worker threads within that process;
segfaults which can be triggered remotely allow a Denial of Service
attack in such configurations.
The new features in this release are:
- A new directive, AddOutputFilterByType, was
added to make it possible to add multiple filters per directive.
Include directives may now have wildcards
in the final part of the path.
- Fixes for mod_cache to ensure that cache file
names are chosen which are unique for all virtual hosts and query
- A new directive, ModMimeUsePathInfo, can be
used to make mod_mime consider the path info
component of URIs.
mod_cache now has support for caching streamed
responses such as proxy or CGI responses. A new directive,
CacheMaxStreamingBuffer, was added to tune this
- The experimental leader/followers MPM was restored to working
condition and its thread synchronization method was changed.
- Add BufferedLogs directive to enable or disable
buffered server logs at run-time. Add support for third party modules
to handle writes to log files.
- The ServerTokens has a new maj
option to only show the major version.
- The performance of keepalive requests was improved.
The bugs fixed in this release include:
- Segmentation faults were fixed in mod_cache
- Memory leaks were plugged in the server core and in the chunking
- Parsing of the protocol version (e.g. HTTP/1.1) in the request line is
now case insensitive.
mod_disk_cache's generation of 304s was fixed.
The module as a whole is much improved, although it must still be
mod_cache now does not cache responses to GET
requests with URLs containing a query segment unless the origin server explicitly provides
an Expires header on the response.
- The operation of FileETags none was fixed. BZ#12207
mod_rewrite was changed to use apr-util's database
support for database rewrite maps. The database type (e.g. ndbm, gdbm) can now
be specified in the RewriteMap directive. BZ#10644
mod_rewrite's prg: support was fixed
so that request/response pairs no longer get out of sync with each
- Various tweaks were made to mod_rewrite's cookie
support: they may now be set on errors, the correct expiry date is
used, logging was improved, and the path can now be set.
BZ#12132, BZ#12181, BZ#12172
mod_ext_filter's handling of quoted and escaped
command args was fixed. BZ#11793
mod_proxy now handles proxied responses with no
- The message printed when a module is rejected due to
incompatibility now prints the actual version number of the failed
module and the server. BZ#11213
mod_proxy_ftp was made thread-safe.
- Fix logic to prevent non-HTML files from being compressed by
- The content-length filter no longer tries to buffer up the entire
output of a long-running request before sending anything to the
- The unused CacheOn directive was removed.
The following platform-specific changes have been made:
- The default stack size was decreased on Win32 to allow around 8000
threads to be started per child process.
- The ThreadLimit directive was added to the
- A bug was fixed whereby environment or command line arguments
containing non-ASCII-7 characters would cause the child process
creation to fail on Win32. BZ#11854
Following the 2.0.42 release this week, a
1.3.27 release is due soon. No major changes have been made since the
last 1.3 release; some protocol checks have been relaxed, several
platform-specific fixes are included notably adding support for
Caldera OpenUNIX 8, and a few minor bugs have been fixed.
There was some discussion on the development list concerning the
potential advantages of a 2.0 filter module which strips unnecessary
whitespace and comments from HTML content being served. Several
developers felt this was of limited benefit; the
mod_gzip module being a better way of saving
bandwidth. Jeff Trawick
noted that the mod_ext_filter module could
already be used to do this by filtering
content through an external program such as HTML Tidy, however this would
add a lot of overhead to the server.
In this section we highlight some of the articles on the web that are of
interest to Apache users.
Sys Admin magazine presents
"Using Oracle with Apache and PHP on Linux"
which shows you how to access an Oracle database via PHP running on
an Apache web server. The versions of softwares used in the examples
are Red Hat 7.3, Apache 1.3.23, PHP 4.1.2, and Oracle 9i (22.214.171.124.0.).
The Developer Shed continues with the fourth
installment of the series on Web applications entitled "The Art Of
fills the gap between the completion of coding and the delivery
of the software to the customer. The list of tasks to be completed includes
developing suitable test cases for unit, system, and acceptance
testing, preparing a detailed test plan, testing and debugging the
software, and preparing the documentation such as the user manual,
developer's guide, and API specifications.
"Moodss - Modular Administration"
talks about the Modular Object Oriented Dynamic SpreadSheet (Moodss)
which is a freely downloadable graphical monitoring application.
Currently there are 34 modules available which can be loaded to
monitor any sort of data, from monitoring network activity to
monitoring an Apache web server with a MySQL database as the
data provider for the dynamic pages.
We received just under 400 entries to our recent competition,
although 6 of those were spam and two people thought that the M in
XML stood for Microsoft. The right answer was of course "Markup", so
congratulations to the two lucky winners chosen at random;
Tom Caldwell and Francis Lee - your books will be in the post.
Read the Apache Week
review of Professional PHP4 XML and look out for
more book competitions and reviews coming soon.