In this issue

Apache Site: www.apache.org
Release: 1.2.5 (Released 5^th January 1998) (local download sites)
Beta: 1.3b3 (Released 20^th November 1997) (local download sites)

Apache 1.2.5 is the current stable release. Users of Apache 1.2.4 and earlier should upgrade to this version since it fixes a number of bugs and potential security problems. The next major release will be 1.3. A beta test release of 1.3 is available now for both Unix and Windows 95/NT systems.

These bugs have been found and fixed in 1.3b4.

Because of the major differences between Windows and Unix, these are separated into bugs which affect Windows systems only, and other bugs (which may affect Windows as well). Unix users can ignore the bugs listed in the Windows section.

Windows-specific Bugs

• The PID file was not being created on Windows systems.

Other Bugs

• If a CGI sends back a Connection: close header, Apache would send Connection: close, close to the browser. This has no bad effect but is a slight waste of bandwidth.
• RewriteLog would log full hostnames, even if HostnameLookups Off was given.
• The proxy was sending HTTP/1.1 responses to ftp requests.
• Apache was not correctly reading POST data if an error occurred during a keepalive session. This can show up as a problem with POSTs to authenticated pages when using MSIE 4.

Patches for bugs in Apache 1.2.5 may be made available in the apply to 1.2.5 directory on the Apache site. Some new features and other unofficial patches are available in the 1.2 patches directory (these may not apply cleanly to 1.2.5). For details of all previously reported bugs, see the Apache bug database and known bugs pages. Many common configuration questions are answered in the Apache FAQ.

Development has slowed down to prepare for the release of Apache 1.3. During the beta release cycle Apache is in a "feature freeze" where no major new features will be added.

The following definitions have been changed for the next 1.3 beta release:

• SAFE_UNSERIALIZED_ACCEPT has been changed to SINGLE_LISTEN_UNSERIALIZED_ACCEPT
  If defined, this means that when using a single socket (i.e. no more than one Listen), this OS can allow multiple processes to accept on that socket at once. Otherwise Apache will enforce mutual exclusion between the processes.
• HAVE_MMAP has been changed to USE_MMAP_SCOREBOARD
  When defined, Apache will use "mmap" memory to store the scoreboard between the Apache child processes
• HAVE_SHMGET has been changed to USE_SHMGET_SCOREBOARD
  When defined, Apache will use shared memory to store the scoreboard between the Apache child processes

These are set appropriately for each operating system in the src/main/conf.h file

The module to allow Apache to use Java servlets has been updated. Available from java.apache.org, the mod_jserv code comprises an Apache module to interface to a servlet server, and a set of Java classes to communicate with servlets using the servlet API. The Java Development Kit (JDK) and Java Servlet Development Kit (JSDK) are also required to run mod_jserv (in a later release, the JSDK will not be required). mod_jserv is currently in an "alpha" stage of development.

There are other modules to interface Apache to Java servlets, and these are listed on java.apache.org.

ZD Net's AnchorDesk site reports that Apache Web Servers Gain More Ground. This article looks at the various server usage figures. It also contains a link to an article which praises Apache for scalability, features and flexibility in The World's Cheapest Web Server. The World's Most Popular Web Server. (Psst! It's the Same One!). This article does not treat the fact that Apache is free as a disadvantage: "But Apache's main draw isn't that it's free. ". There is also an announcement of Apache for NT.