In this issue

Apache 1.3.6 was released on 25^th March 1999 and is now the latest version of the Apache server. The previous release was 1.3.4 (version 1.3.5 was never made publically available). Apache 1.3.6 is available in source form for compiling on Unix or Windows, in pre-compiled form for many common versions of Unix, and in pre-compiled for as an single-file installer on Windows. All the pre-compiled forms also include full source code. All all available for download from any Apache local download site.

This is a bug fix and minor upgrade release, with a few new features. Users on Unix systems should upgrade to fix various bugs. Users on Windows systems should consider whether to upgrade, because htpasswd files that worked with 1.3.4 and earlier will not work with 1.3.6 unless updated.

The main new features in 1.3.6 (compared to 1.3.4) are:

• Logging can be conditional based on whether an environment variable is set or not (see the CustomLog directive).
• mod_rewrite has much faster DBM and TXT maps through the use of an internal cache.
• Passwords in htpasswd files can be encrypted with MD5 instead of DES. On windows this allows encrypted passwords for the first time, using the new bin/htpasswd.exe program.
• Access restrictions can be applied to all methods (known and unknown) apart from specific named ones, with the new <LimitExcept...> section.
• On Windows, additional Start menu items have been added and the bug where the conf files where not being created has been fixed.
• On Windows, it is now possible to tell Apache to use the registry to find how to execute CGI scripts based on the file extension, with the new ScriptInterpreterSource directive.

Apache Site: www.apache.org
Release: 1.3.6 (Released 25^th March 1999) (local download sites)
Beta: None

Apache 1.3.6 is the current stable release. Users of Apache 1.3.4 and earlier on Unix systems should upgrade to this version. Read the Guide to 1.3.6 for information about changes between 1.3.4 and 1.3.6 and between 1.2 and 1.3.6.

Most bugs listed below include a link to the entry in the Apache bug database where the problem is being tracked. These entries are called "PR"s (Problem Reports). Some bugs do not correspond to problem reports if they are found by developers.

These bugs have been found in 1.3.4 and will be fixed in the next release.

Because of the major differences between Windows and Unix, these are separated into bugs which affect Windows systems only, and other bugs (which may affect Windows as well). Unix users can ignore the bugs listed in the Windows section.

Windows-specific Bugs

• Existing htpasswd files, which use unencrypted passwords, will not work with Apache 1.3.6. If you have htpasswd files with plain text passwords you will have to convert them to use encrypted passwords with the bin/htpasswd.exe program provided in 1.3.6. PR#4142.

Patches for bugs in Apache 1.3.6 will be made available in the apply_to_1.3.6 subdirectory of the patches directory on the Apache site. Some new features and other unofficial patches are available in the 1.3 patches directory. For details of all previously reported bugs, see the Apache bug database and known bugs pages. Many common configuration questions are answered in the Apache FAQ.