Apache Site: www.apache.org
Release: 1.3.9 (Released 20th August 1999)
(local
download sites)
Beta: None
Apache 1.3.9 is the current stable release. Users of Apache
1.3.6 and earlier on Unix systems should upgrade to this
version. Users of Apache on Windows can now upgrade to Apache
1.3.9 avoiding the previous problems with Apache 1.3.6. Read
the Guide
to 1.3.9 for information about changes between 1.3.6 and
1.3.9.
Most bugs listed below include a link to the entry in the
Apache bug database where the problem is being tracked. These
entries are called "PR"s (Problem Reports). Some bugs do not
correspond to problem reports if they are found by
developers.
These bugs have been found in 1.3.9 and will be fixed in the
next release. Because of the major differences between
Windows and Unix, these are separated into bugs which affect
Windows systems only, and other bugs (which may affect
Windows as well). Unix users can ignore the bugs listed in
the Windows section.
Windows-specific Bugs
-
The new digest authentication module,
mod_auth_digest, does not work with Windows.
This bug has not yet been completely fixed, but work is
progressing to allow the module to be used.
-
CGI scripts are broken if the script calls other programs
that output to stdout
-
16 bit CGI scripts would not work
Other Bugs
-
The ap_base64decode_binary routine has a
potential buffer overflow problem. This was affecting nonce
checking in the new digest authentication module. PR#4957
Patches for bugs in Apache 1.3.9 will be made available in
the apply_to_1.3.9 subdirectory of the patches
directory on the Apache site. Some new features and other
unofficial patches are available in the 1.3
patches directory. For details of all previously reported
bugs, see the Apache bug
database and known
bugs pages. Many common configuration questions are
answered in the Apache FAQ.
Each month we report on the new figures from the Netcraft survey
of web sites. The September survey shows little change in the
market share for Apache-based servers, taking over 61% of the
market. Additionally this month, the survey extracts some
data from the Netcraft commercial SSL survey. This
survey looks only at sites that run secure servers. This
gives a better idea of the real state of the market as each
domain running a secure server needs its own distinct
certificate from a third party such as Equifax, Thawte, or
Verisign. In their normal survey it is easy for a single ISP
to inadvertently skew the results if they have a single
machine hosting many hundreds of thousands of sites (such as
Freeserve in the UK).
The SSL survey for August 1999 shows that Microsoft are in the
lead with 36% of the market. Apache with SSL is next
with a 25% share. Stronghold from C2Net and Netscape both have 13%
but with Stronghold slightly ahead.
The Apache Software Foundation has been listed as one of the
100 companies that matter by the Industry Standard this
week. The article (not yet available online) presents their
view of the most important companies in the Internet economy
and lists the foundation alongside companies such as Sun, IBM
and SGI.
Internet World (September 15th 1999) profiles Apache
co-founder Brian Behlendorf in
Open for Business. The article looks at the history of
Apache as well as Brian's new open-source venture,
SourceXchange. Unfortunately the article has some factual
mistakes as it labels him as the spokesman for the group and
Apache as "his" software.