In this issue

Apache Site: www.apache.org
Release: 1.3.6 (Released 25^th March 1999) (local download sites)
Beta: None

Apache 1.3.6 is the current stable release. Users of Apache 1.3.4 and earlier on Unix systems should upgrade to this version. Read the Guide to 1.3.6 for information about changes between 1.3.4 and 1.3.6 and between 1.2 and 1.3.6.

Most bugs listed below include a link to the entry in the Apache bug database where the problem is being tracked. These entries are called "PR"s (Problem Reports). Some bugs do not correspond to problem reports if they are found by developers.

These bugs have been found in 1.3.6 and will be fixed in the next release. Because of the major differences between Windows and Unix, these are separated into bugs which affect Windows systems only, and other bugs (which may affect Windows as well). Unix users can ignore the bugs listed in the Windows section.

Windows-specific Bugs

• Various cleanups have been applied to the Win32 code. These include changes to the shutdown and restart code to allow these events to be processed immediately. PR#3815

Other Bugs

• mod_autoindex looks for an exact content-type of text/html. This breaks if HTML documents are labelled with an extension, such as a character set. PR#4524
• Piped error logs could cause a segfault if an error occured during configuration after a restart. PR#4456
• Warnings on some systems that do not support quads (64 bits in length). Internal changes to the ap_snprintf() routine have been made to handle quads on systems that support them.
• The server will core dump if a module attempts a redirect without correctly setting the Location header.

Patches for bugs in Apache 1.3.6 will be made available in the apply_to_1.3.6 subdirectory of the patches directory on the Apache site. Some new features and other unofficial patches are available in the 1.3 patches directory. For details of all previously reported bugs, see the Apache bug database and known bugs pages. Many common configuration questions are answered in the Apache FAQ.

A patch and new module that provides better dynamic support for large numbers of IP based virtual hosts has been submitted. Dynamic support is useful if you have a very large number of virtual hosts and do not want to individually list and configure them with their own VirtualHost section in the Apache configuration file. This module provides a directive VirtualDocumentRoot to allow the document root to be determined dynamically by the hostname (or IP address) of the site being accessed. The module also provides directives for script aliases and some extra variables for logging.

The mod_negotiation module currently has support for processing of mxb parameters in Accept headers. This support will be removed in Apache as the mxb parameters are not part of the HTTP or other standards and the parameters are not used by any known client.

A updated version of the digest module, mod_digest is being worked on. Digest authentication uses an MD5 hash to provide a more secure password system, but only works with supporting browsers. The recent changes include:

• Updating the module to conform to the latest digest authentication draft standard
• Improved validation checking and header parsing
• Better nonce support including a cryptographically secure random nonce and nonce checking.

New releases of Apache will include a compile-time directive to enable XML 1.0 support. XML is the Extensible Markup Language, a data format for structured document interchange. Internally, Apache will use a subset of the Expat XML parser toolkit from James Clark. Expat is widely regarded by the XML community as the most advanced parser available, and it has already been adopted by companies such as Netscape. Expat is released under the MPL 1.1 licence.

A number of add-on modules will find XML support in the standard Apache distribution useful. XML is required for the Apache Web-based Distributed Authoring and Versioning module, mod_dav. mod_dav allows users to edit and manage files on remote web servers. Other modules such as PHP will also be able to benefit from XML support.

O'Reilly and Associates are hosting an Open Source Convention in Monterey, California between August 21st and 24th 1999. As part of the convention there are a set of conference tracks about Apache and Apache-related software. Although this is not an official Apache Group conference, many of the Apache core developers will be presenting sessions and tutorials.

A recent article reporting on a keynote speech quoted Steve Ballmer, Vice President of Microsoft as saying:

"Wenn wir bei unseren Servern nicht genug Features anbieten, die unsere Preise rechtfertigen, sind wir selber schuld. Apache ist einfach besser als wir, wenn es darum geht, mehrere Sites auf einer ServerVersion zu hosten. Windows 2000 wird dieses Problem lösen"

Apache Week translates this as:

"If we don't offer features that justify the price of our servers, we only have ourselves to blame. Apache is simply better than us when it comes to hosting multiple sites on a single machine. Windows 2000 will fix this."