(3)
Your rating: Now say why...
- Download Now
6.9 MB -
Visit Developer's Site
Apache Software Foundation
Apache is the most popular internet webserver application in the world. It's created by a collaborative effect of software developers.
The project is jointly managed by a group of volunteers located around the world, using the Internet and the Web to communicate, plan, and develop the server and its related documentation. These volunteers are known as the Apache Group. In addition, hundreds of users have contributed ideas, code, and documentation to the project.
The project is jointly managed by a group of volunteers located around the world, using the Internet and the Web to communicate, plan, and develop the server and its related documentation. These volunteers are known as the Apache Group. In addition, hundreds of users have contributed ideas, code, and documentation to the project.
What's New
Version 2.2.22:
- SECURITY: CVE-2011-3368 (cve.mitre.org) Reject requests where the request-URI does not match the HTTP specification, preventing unexpected expansion of target URLs in some reverse proxy configurations. [Joe Orton]
- SECURITY: CVE-2011-3607 (cve.mitre.org) Fix integer overflow in ap_pregsub() which, when the mod_setenvif module is enabled, could allow local users to gain privileges via a .htaccess file. [Stefan Fritsch, Greg Ames]
- SECURITY: CVE-2011-4317 (cve.mitre.org) Resolve additional cases of URL rewriting with ProxyPassMatch or RewriteRule, where particular request-URIs could result in undesired backend network exposure in some configurations. [Joe Orton]
- SECURITY: CVE-2012-0021 (cve.mitre.org)
mod_log_config: Fix segfault (crash) when the '%{cookiename}C' log format
string is in use and a client sends a nameless, valueless cookie, causing
a denial of service. The issue existed since version 2.2.17. PR 52256.
[Rainer Canavan
] - SECURITY: CVE-2012-0031 (cve.mitre.org) Fix scoreboard issue which could allow an unprivileged child process could cause the parent to crash at shutdown rather than terminate cleanly. [Joe Orton]
- SECURITY: CVE-2012-0053 (cve.mitre.org) Fix an issue in error responses that could expose "httpOnly" cookies when no custom ErrorDocument is specified for status code 400. [Eric Covener]
- mod_proxy_ajp: Try to prevent a single long request from marking a worker in error. [Jean-Frederic Clere]
- config: Update the default mod_ssl configuration: Disable SSLv2, only allow >= 128bit ciphers, add commented example for speed optimized cipher list, limit MSIE workaround to MSIE <= 5. [Kaspar Brand]
- core: Fix segfault in ap_send_interim_response(). PR 52315. [Stefan Fritsch]
- mod_log_config: Prevent segfault. PR 50861. [Torsten F�rtsch
] - mod_win32: Invert logic for env var UTF-8 fixing. Now we exclude a list of vars which we know for sure they dont hold UTF-8 chars; all other vars will be fixed. This has the benefit that now also all vars from 3rd-party modules will be fixed. PR 13029 / 34985. [Guenter Knauf]
- core: Fix hook sorting for Perl modules, a regression introduced in 2.2.21. PR: 45076. [Torsten Foertsch
] - Fix a regression introduced by the CVE-2011-3192 byterange fix in 2.2.20: A range of '0-' will now return 206 instead of 200. PR 51878. [Jim Jagielski]
- Example configuration: Fix entry for MaxRanges (use "unlimited" instead of "0"). [Rainer Jung]
- mod_substitute: Fix buffer overrun. [Ruediger Pluem, Rainer Jung]
Version 2.2.22:
- SECURITY: CVE-2011-3368 (cve.mitre.org) Reject requests where the request-URI does not match the HTTP specification, preventing unexpected expansion of target URLs in some reverse proxy configurations. [Joe Orton]
- SECURITY: CVE-2011-3607 (cve.mitre.org) Fix integer overflow in ap_pregsub() which, when the mod_setenvif module is enabled, could more...
Requirements
PPC / Intel, Mac OS X 10.1 or later
PPC / Intel, Mac OS X 10.1 or later
Apache User Discussion (Write a Review)
Overall:
(3)
(3)
-
-
-
Apache is the most popular internet webserver application in the world. It's created by a collaborative effect of software developers.
The project is jointly managed by a group of volunteers located around the world, using the Internet and the Web to communicate, plan, and develop the server and its related documentation. These volunteers are known as the Apache Group. In addition, hundreds of users have contributed ideas, code, and documentation to the project.
The project is jointly managed by a group of volunteers located around the world, using the Internet and the Web to communicate, plan, and develop the server and its related documentation. These volunteers are known as the Apache Group. In addition, hundreds of users have contributed ideas, code, and documentation to the project.
Copyright © 2012 MacUpdate LLC
- -
+3
+17
Trashie reviewed on 23 May 2011
-1
+66
cenocre reviewed on 22 Jan 2008
I have been migrating my servers to Litespeed and Abyss. Both are faster, MUCH easier to configure, utterly stable, have easily accessible features, and are much more tolerant to configuration errors (a very minor error will not take the entire server offline. They have free versions and the little bit that they cost for most other versions is well worth the lack of headaches.
-1
+2
-1
As a thumb of rule, relying on a packaging system has many advantages. The drawback is that the software you want might not be packaged, in that case, it is not recommanded to try to install itself but rather add the package yourself, or ask the community to do it.
+11
Dystopia rated on 12 May 2011