In this issue
Apache Site: www.apache.org
Bugs in 1.2.4:
Release: 1.2.4 (Released 22nd August 1997)
Beta: 1.3b2 (Released 16th October 1997)
Attempts to do a PUT to a directory do not work, instead
Apache reports "method not implemented".
Apache does not accept continuation lines in the header
output of CGI scripts. The CGI specification does not
define whether this is valid. For now, CGI scripts should
not use continuation lines.
Apache 1.2.4 is the current stable release. Users of Apache
1.2.3 and earlier should upgrade to this version. The next
release will be 1.3. A beta test release of 1.3 is available
now for both Unix and Windows 95/NT systems. It is currently
only available as source code.
Apache 1.3 is now in beta test. The most recent release is
1.3b2 (there was no 1.3b1). This is available in source form
for both Unix and Windows 95/NT. It was hoped to get a binary
release for Windows, but this is likely to be available for
the next beta because of a number of important bugs found and
fixed in 1.3b2.
Bugs in 1.3b2
These bugs have been reported in 1.3b2 and are either not
fixed, or have not been reproduced by the Apache developers.
Apache fails if a command line argument contains spaces,
for example Apache -d "Program FilesApache". This appears
to be a bug in NT, but a work-around will be implemented
for future releases.
Windows only: reports of servers being unable to serve more
that 16kB files. This has not been reproduced.
OS specific problems: i386 AIX does not compile, some
versions of HPUX have problems with regular expressions,
some versions of NETBSD did not get correct compilation
information, Unixware 2.x does not compile, Ultrix does not
compile, UnixWare 5 not supported, SVR4 systems should all
use shared memory. Fixes for all these are under
development and test.
Bugs fixed in 1.3b3
These bugs have been found and fixed in 1.3b3. Because of the
major differences between Windows and Unix, these are
separated into bugs which affect Windows systems only, and
other bugs (which may affect Windows as well). Unix users can
ignore the bugs listed in the Windows section.
Data sent to a CGI used DOS "text" mode, making it
impossible to send in arbitary POST data. Next release will
use "binary" pipes.
Calling a CGI with a query string which did not include an
= sign caused Apache to crash.
Windows 95 only: DirectoryIndex fails,
returning a "Not Found" error instead of the file.
if a CGI process was not created correctly, Apache would
log a "premature end of headers" rather than a
Compiling Apache requires that the ODBC import libraries
Various "global" directives, such as
StartServers are valid inside
<VirtualHost> sections, which might make
people think they are configurable on a per-vhost basis.
They should instead give an error if used inside a virtual
LogLevel does not give an error if its
argument is invalid
The mod_speling module logs modifications it makes to
request URLs as errors instead of informational messages.
mod_speling gives some warnings during compilation on
None of the section directives (<Directory>,
<VirtualHost>, etc) checked that the block was closed
before the end of file.
<Directory>, <Location> and <Files>
ignored extra arguments, which could hide problems if
people try to restrict multiple directories or files at
When Apache starts servers quickly it logs "[error] server
seems busy, spawning 4 children". This is not necessarily
mod_unique's UNIQUE_ID environment variable is not part of
the environment of scripts launched via suEXEC.
Error messages directive syntax error can have the wrong
line number, because blank lines are not counted properly.
Patches for bugs in Apache 1.2.4 may be made available in the
to 1.2.4 directory on the Apache site. Some new features
and other unofficial patches are available in the 1.2
patches directory. For details of all previously reported
bugs, see the Apache bug database and
bugs pages. Also many common configuration questions are
answered in the Apache FAQ.
Development has slowed down over the last couple of weeks to
prepare for the release of Apache 1.3. Now that the first
beta is out, Apache is in a "feature freeze" where no new
features will be added. The only changes from now on will be
Microsoft's FrontPage 98 server extensions for Apache had
serious security holes, which could lead to anyone on the
local system becoming any other user. This was reported on
Ziff-Davis' UK site, as MS patches
IE hole, FrontPage still gaping (along with an Internet
Explorer 4.0 security problem).
Microsoft have now
released an updated set of server extensions, which it is
claimed fix the security problems. The description of how the
new server extensions work does appear much better than the
Comments or criticisms? Please email us at firstname.lastname@example.org