Apache 2.0.44 was released on 21st January 2003 and is
now the latest version of the Apache 2.0 server. The previous
release was 2.0.43, released on the 3rd October 2002.
See
what was new in Apache 2.0.43.
Apache 2.0.44 is
available for download.
This is a security, bug fix and minor upgrade release.
Due to security issues, any sites using versions prior to
Apache 2.0.44 on Windows should upgrade to Apache 2.0.44.
Read more
about the other security issues that affect Apache 2.0.
The following bugs were found in Apache 2.0.43 and have been
fixed in Apache 2.0.44:
- Allow escaping % sign in CustomLog
format strings
-
mod_setenvif: fix
BrowserMatchNoCase for non-regex patterns.
- Return appropriate MIME response headers for negotiated
responses from a body embedded in a type-map
- Prevent 416 "Range not satisfiable" response in place of a
redirect
- Prevent files being left open for the duration of a
keepalive connection, which could cause a "Too many open files"
error
-
mod_ssl: several fixes for memory
handling and leaks
-
mod_proxy: fix invalid
Content-Length from pages fetched during server-side
include processing.
- LDAP modules: ensure correct load order in httpd.conf
(BZ#14256); fix compatibility with Netscape LDAP libraries;
fix Win32 build
-
mod_deflate: fix a memory leak when
compressing dynamic content; always emit
Vary headers
-
mod_isapi: fix several compatibility
problems (BZ#14399, BZ#10408), and fix bug which
caused invalid responses or log entries (BZ#10216)
- CGI modules: fix streaming output from "nph-" scripts, for
example CGI::IRC (BZ#8482); fix construction of command line
from query strings (BZ#13914), handle environment variables
which contain newlines in mod_cgid (BZ#14550); terminate CGI scripts when connection is dropped (BZ#8388)
- Caching modules: many bug fixes (including BZ#14556), and an HTTP compliance fix (BZ#14556)
