هاستینگ میهن وب سرور
رتبه موضوع:
  • 0 رای - 0 میانگین
  • 1
  • 2
  • 3
  • 4
  • 5
نسخه 2.4.28 وب سرور آپاچی منتشر شد (آپدیت امنیتی)
#1
کد:
Changes with Apache 2.4.28

 *) SECURITY: CVE-2017-9798 (cve.mitre.org)
    Corrupted or freed memory access. <Limit[Except]> must now be used in the
    main configuration file (httpd.conf) to register HTTP methods before the
    .htaccess files.  [Yann Ylavic]

 *) event: Avoid possible blocking in the listener thread when shutting down
    connections. PR 60956.  [Yann Ylavic]

 *) mod_speling: Don't embed referer data in a link in error page.
    PR 38923 [Nick Kew]

 *) htdigest: prevent a buffer overflow when a string exceeds the allowed max
    length in a password file.
    [Luca Toscano, Hanno Böck <hanno hboeck de>]

 *) mod_proxy: loadfactor parameter can now be a decimal number (eg: 1.25).
    [Jim Jagielski]

 *) mod_proxy_wstunnel: Allow upgrade to any protocol dynamically.
    PR 61142.

 *) mod_watchdog/mod_proxy_hcheck: Time intervals can now be spefified
    down to the millisecond. Supports 'mi' (minute), 'ms' (millisecond),
    's' (second) and 'hr' (hour!) time suffixes. [Jim Jagielski]

 *) mod_http2: Fix for stalling when more than 32KB are written to a
    suspended stream.  [Stefan Eissing]

 *) build: allow configuration without APR sources.  [Jacob Champion]

 *) mod_ssl, ab: Fix compatibility with LibreSSL.  PR 61184.
    [Bernard Spil <brnrd freebsd.org>, Michael Schlenker <msc contact.de>,
     Yann Ylavic]

 *) core/log: Support use of optional "tag" in syslog entries.
    PR 60525. [Ben Rubson <ben.rubson gmail.com>, Jim Jagielski]

 *) mod_proxy: Fix ProxyAddHeaders merging.  [Joe Orton]

 *) core: Disallow multiple Listen on the same IP:port when listener buckets
    are configured (ListenCoresBucketsRatio > 0), consistently with the single
    bucket case (default), thus avoiding the leak of the corresponding socket
    descriptors on graceful restart.  [Yann Ylavic]

 *) event: Avoid listener periodic wake ups by using the pollset wake-ability
    when available.  PR 57399.  [Yann Ylavic, Luca Toscano]

 *) mod_proxy_wstunnel: Fix detection of unresponded request which could have
    led to spurious HTTP 502 error messages sent on upgrade connections.
    PR 61283.  [Yann Ylavic]


 [Apache 2.3.0-dev includes those bug fixes and changes with the
  Apache 2.2.xx tree as documented, and except as noted, below.]

Changes with Apache 2.2.x and later:

 *) http://svn.apache.org/viewvc/httpd/httpd/branches/2.2.x/CHANGES?view=markup

Changes with Apache 2.0.x and later:

 *) http://svn.apache.org/viewvc/httpd/httpd/branches/2.0.x/CHANGES?view=markup



لینک:
کد:
http://www.apache.org/dist/httpd/CHANGES_2.4.28
http://mail-archives.us.apache.org/mod_mbox/www-announce/201710.mbox/%3cCACsi253RDMjgzixy_qxJEcse9usBicendZ+pXxsQ=innRJXnmQ@mail.gmail.com%3e
پاسخ


موضوعات مشابه ...
موضوع نویسنده پاسخ بازدید آخرین ارسال
  نسخه 2.4.29 وب سرور آپاچی منتشر شد Admin 0 3,121 2017-10-27, 03:11
آخرین ارسال: Admin

پرش به انجمن:


کاربران در حال بازدید این موضوع: 1 مهمان