Bugs reported in 1.1.1:
Bugs fixed in next release:
Report of core dumps in includes module on some error
dbmmanage (in the support directory) did not use a random
salt when creating a password
Directory module could core dump when indexing empty
Apache is being prepared for a public beta release. While
there is currently no date set for the release, the
development work has slowed down to allow the internal
testing of a stable version.
The following items are under development and may be included
in the next release of Apache. See our Apache 1.2
Sneak Preview for other new features in the next release.
There have been some changes to the module API in the
upcoming release. Some of these may need changes in existing
modules, and are necessary to support the new HTTP/1.1
protocol. However most of the changes are enhancements that
should not affect existing modules, provided that they are
One such change is that directives can now take optional
arguments, and can 'decline' to handle commands. This allows
more than one module to handle a particular directive, only
taking action if it wants to, based on a argument. For
example the AuthUserFile directive in the NCSA
server takes a second argument giving a file type (either dbm
or standard). These two formats are handled by different
modules in Apache, so in previous releases each module has
had to use its own directive (the DBM module added a
directive AuthDBMUserFile). In the next release, the
DBM module will use the same command. It will look at the
file type argument, and if it is not "dbm" it will
decline to handle the directive.
An effort is being made to separate the modules from the
'core' Apache code. Starting with the (new) proxy module,
modules will be distributed in a 'modules' subdirectory of
'src'. This will leave the core Apache code (the http_*.c
files, and other support code) in the src directory.
As reported in Apache Week
34, there is a bug in the old phf cgi-bin program
which is currently being exploited. The next release will
come with sample cgi-bin code to log requests for this file,
which could be used to track down the culprits.
The new version of the Hypertext Transfer Protocol, HTTP/1.1, has become a Proposed Standard, and will
shortly be issued as an RFC.
Digest Authentication will form part of the HTTP/1.1
specification (either as a part of the HTTP/1 RFC, or a
separate but linked RFC).
The new standards will be placed on the "standards track"
which means they are intended to become an official Internet
standard in the future. The first stage of the standards
track is "Proposed Standard", which means that the standard
has been through a detailed design period, but is not
necessarily implemented. To move to a status of "Draft
Standard" requires two independant and interoperable
implementations. The final stage is "Internet Standard",
which follows the Draft Standard stage when there has been
significant operational experience, and will provide a
significant benefit to the Internet.