Skip to content
Open
Show file tree
Hide file tree
Changes from all commits
Commits
Show all changes
176 commits
Select commit Hold shift + click to select a range
b7595a3
xforms
covener Jul 15, 2024
cd2255e
Make sure pytest shuts down the web server after each package.
rainerjung Jul 15, 2024
363d239
publishing release httpd-2.4.62
covener Jul 17, 2024
806a335
Fix copy and paste typo in comment
rainerjung Jul 17, 2024
d5c35dd
Propose x 1, vote x 1
ylavic Jul 17, 2024
b0a3a17
Fix typo in test name.
rainerjung Jul 17, 2024
b41c53f
Skip h2 tests on prefork.
rainerjung Jul 17, 2024
3da8255
Skip more h2 tests in prefork.
rainerjung Jul 17, 2024
774b5b7
vote/promote/stall
covener Jul 17, 2024
e266403
fr doc XML files updates.
Jul 20, 2024
50f5b4a
fr doc rebuild.
Jul 20, 2024
06b32a3
Merge r1919468 from trunk:
covener Jul 23, 2024
2b278b9
xforms
covener Jul 23, 2024
1927caa
Vote&promote, propose.
notroj Jul 23, 2024
21bf059
Reenable test class, upstream bug fixed in pebble.
rainerjung Jul 24, 2024
f73794c
fr doc XML file update.
Jul 26, 2024
cb266ed
fr doc rebuild.
Jul 26, 2024
d9c5d4b
Vote x 1
ylavic Jul 26, 2024
591934e
Trigger ci
ylavic Jul 27, 2024
a0a68b9
mod_rewrite: Better question mark tracking to avoid UnsafeAllow3F. P…
ylavic Jul 27, 2024
0f69443
Backported in r1919545.
ylavic Jul 27, 2024
8ace8c7
Merge r1918003, r1918022, r1918035, r1918078, r1918098, r1918099, r19…
ylavic Jul 27, 2024
06b9602
Backported in r1919548.
ylavic Jul 27, 2024
c418e92
Rebased mod_rewrite rewritelog() backport.
notroj Jul 29, 2024
1053342
Backported in 2.4.41 (r1860166).
ylavic Aug 1, 2024
34d4568
Add missing CHANGES entry from r1919545
ylavic Aug 1, 2024
996525f
Add missing CHANGES entry from r1919548
ylavic Aug 1, 2024
f4a5fbe
Fix 2.4 versions of latest MMN entries.
ylavic Aug 1, 2024
ddb375b
Propose x 3
ylavic Aug 1, 2024
eab1e70
Update proposal
ylavic Aug 2, 2024
d4bcc10
Merge r1902366 from trunk:
Aug 4, 2024
c5863e8
Merge r1919395 from trunk:
Aug 4, 2024
5536359
Merge r1919397, r1919398, r1919399, r1919411, r1919414, r1919415,
Aug 4, 2024
270e708
Propose.
Aug 4, 2024
f325a98
Add a new <since> tag to ease writing compatibility notes.
Aug 9, 2024
20c4d07
Add some compatibility notes.
Aug 9, 2024
b9dcbce
add/vote/promote
covener Aug 13, 2024
e160f5e
a few addl votes
covener Aug 13, 2024
82b7c5f
* Vote and promote
rpluem Aug 15, 2024
187984f
* Vote, promote, comment [skip ci]
rpluem Aug 15, 2024
2242ac4
found in directoryindex, update link
covener Aug 16, 2024
8a8fcaf
WIP
covener Aug 16, 2024
140a837
Merge r1866894 from trunk:
notroj Aug 20, 2024
2ced353
Merged x1.
notroj Aug 20, 2024
2b6395a
* Propose [skip ci]
rpluem Aug 21, 2024
6b57064
vote
covener Aug 21, 2024
0505437
Merge r1920109 from trunk:
rpluem Aug 21, 2024
9bf076f
Merge r1920050 from trunk:
notroj Aug 21, 2024
5924273
start noting some must-have PRs
covener Aug 22, 2024
0e1c74f
fr doc XML files updates.
Aug 24, 2024
fac4547
fr doc XML file update.
Aug 24, 2024
668512c
fr doc rebuild.
Aug 24, 2024
3ee5a5b
propose
covener Sep 11, 2024
4ce009c
* Vote [skip ci]
rpluem Sep 11, 2024
76034c2
* Add proposal [skip ci]
rpluem Sep 11, 2024
057549f
Sep 11, 2024
a723338
promote, track another must-have
covener Sep 12, 2024
b7988b2
Merged /httpd/httpd/trunk:r1920744
icing Sep 17, 2024
c2fb699
Merge /httpd/httpd/trunk:r1920747,1920751
icing Sep 17, 2024
096bfb0
fr doc xml files updated and corrected.
Sep 23, 2024
07d2119
fr doc rebuild.
Sep 23, 2024
0b277bc
fr doc xml file reviewed and corrected.
Sep 24, 2024
8b62ddb
fr doc xml file reviewed and corrected.
Sep 25, 2024
911ff15
vote, summarize must-haves
covener Sep 26, 2024
9b557dd
Vote x3, propose x1, note: CMake changes should be CTR.
notroj Sep 26, 2024
5849cf5
update-changes
covener Sep 27, 2024
cbf81b4
Merge r1919532, r1919533 from trunk:
covener Sep 27, 2024
67982b7
*) mod_ldap: Add a hint to install the apr_ldap module on init fail…
covener Sep 27, 2024
82736c8
*) Windows: Make UNCList EXEC_ON_READ to be early enough for
covener Sep 27, 2024
be9f2ea
Merge r1919860 from trunk:
covener Sep 27, 2024
5f82765
Merge r1427465, r1918823 from trunk:
covener Sep 27, 2024
c91445b
*) mod_rewrite: Improve safe question mark detection
covener Sep 27, 2024
2095d87
backported
covener Sep 27, 2024
3955cf8
* Add proposal
rpluem Sep 27, 2024
2d65485
+1 x 2
ylavic Sep 28, 2024
03d9193
Update & reset mod_ssl vote.
notroj Oct 1, 2024
f9ecbc6
vote/promote/comment
covener Oct 2, 2024
fc2f7c5
pause on rewrite/proxy thing
covener Oct 2, 2024
2840f91
Split mod_proxy_fcgi backports in two, the showstopper (BZ-69203) and…
ylavic Oct 10, 2024
b591088
vote/promote
covener Oct 12, 2024
0531a7d
* Vote and promote [skip ci]
rpluem Oct 14, 2024
88ebfaa
Merge r1838684, r1920570, r1920571, r1920572 from trunk:
rpluem Oct 14, 2024
be19b27
Merge r1921311 from trunk: [RTC exception for CI]
notroj Oct 15, 2024
f5a68b6
Document the %{cuz}t and %{<strftime-format>}t time formats for Error…
ylavic Oct 18, 2024
452b482
Follow up to r1920745: More mod_tls docs removal.
ylavic Oct 18, 2024
f45abec
xforms
ylavic Oct 18, 2024
cef7d0a
fr doc XML file update.
Oct 19, 2024
01a2aec
fr doc rebuild.
Oct 19, 2024
378f518
propose r1921805 for backport
icing Nov 7, 2024
abbc289
Vote.
notroj Nov 25, 2024
2aa446f
Merge r1919620, r1919621, r1919623, r1919628, r1921237 from trunk:
covener Nov 25, 2024
e0cfc83
dunno how this ended up in CHANGES also
covener Nov 25, 2024
dd54417
ported
covener Nov 25, 2024
c18e0e7
mod_ssl: Fix regression in PKCS#11 handling which should work without
covener Nov 25, 2024
c39fba7
backported
covener Nov 25, 2024
9445696
Merge r1922169 from trunk:
covener Nov 27, 2024
bff4c07
xforms
covener Nov 27, 2024
df19949
fr doc XML file update.
Nov 30, 2024
7566c2f
fr doc rebuild.
Nov 30, 2024
6f5a424
Merge r1922246 from trunk:
covener Dec 1, 2024
74723e6
xforms
covener Dec 1, 2024
486f1d4
Merge /httpd/httpd/trunk:r1922279
icing Dec 3, 2024
707fb91
fr doc XML file update.
Dec 7, 2024
83771f5
fr doc rebuild.
Dec 7, 2024
3817732
Merge /httpd/httpd/trunk:r1922429
icing Dec 11, 2024
945e3ca
Merge r1921310, r1922412 from trunk: [CTR for CI changes]
notroj Dec 12, 2024
4587cd6
2 small backports.
notroj Dec 13, 2024
19718a9
One more small patch.
notroj Dec 13, 2024
20ede44
Easy proposals
Dec 14, 2024
ef667e2
Happy New Year 2025
rainerjung Jan 1, 2025
4b8d7c3
Vote
Jan 3, 2025
94b0cef
fix value inconsistency in LimitXMLRequestBody example
covener Jan 6, 2025
5fe106b
xform
covener Jan 6, 2025
6548a77
quick votes
covener Jan 6, 2025
7fa9aff
Merge r1921971 from trunk:
notroj Jan 7, 2025
2c61a0a
Merged.
notroj Jan 7, 2025
b5fa24d
Review x1.
notroj Jan 7, 2025
a8bfc74
Vote
jimjag Jan 7, 2025
9862257
Promote
jimjag Jan 7, 2025
83ab7e7
*) Easy patches: synch 2.4.x and trunk
jimjag Jan 7, 2025
3e28318
*) Add the ldap-search option to mod_authnz_ldap, allowing authoriz…
jimjag Jan 7, 2025
a2e4b0b
*) mod_proxy: Honor parameters of ProxyPassMatch workers with subst…
jimjag Jan 7, 2025
20f3423
*) mod_proxy_fcgi: Fix proxy-fcgi-pathinfo=full
jimjag Jan 7, 2025
fcd23ef
*) mod_http2: Fix failed request counting and keepalive timeout
jimjag Jan 7, 2025
9248113
*) mod_log_config: Fix LogFormat directive merging
jimjag Jan 7, 2025
6056e35
*) mod_lua: Make r.ap_auth_type writable
jimjag Jan 7, 2025
e216a14
Update docs
jimjag Jan 7, 2025
c6a2675
oops... cut/paste error
jimjag Jan 7, 2025
c7bda07
VOTE
jimjag Jan 7, 2025
d901b86
As per Email on dev@
jimjag Jan 7, 2025
cfea547
Promote
jimjag Jan 7, 2025
7539602
And committed
jimjag Jan 7, 2025
2072671
make update-changes
covener Jan 7, 2025
10545e0
Record merges
jimjag Jan 7, 2025
db44909
Record merges
jimjag Jan 7, 2025
14d6394
Record merges
jimjag Jan 7, 2025
a9cea52
escape brackets
covener Jan 8, 2025
269126a
xforms to restore site
covener Jan 8, 2025
fa4c1be
Rebuild tag list for prettify.js
Jan 8, 2025
fb3d30e
Rebuild prettify.min.js as well, it's much more useful
Jan 8, 2025
933f4bd
Use <highlight language="config"> instead of <example> in order to ha…
Jan 8, 2025
330bad1
Propose
Jan 9, 2025
17f9aac
fr doc XML files updates.
Jan 11, 2025
18b2154
fr doc rebuild with new year.
Jan 11, 2025
049d8f0
Vote
jimjag Jan 14, 2025
52883de
Propose backport
jimjag Jan 14, 2025
5e08023
2 votes, 1 promotion.
ylavic Jan 14, 2025
4c8fb01
Vote
jfclere Jan 14, 2025
84a9b97
svn merge -c 1910518,1910847,1912477,1918297 ^/httpd/httpd/trunk .
jimjag Jan 15, 2025
650ab34
jimjag Jan 15, 2025
0e76f5b
Update CHANGES via 'make update-changes'
jimjag Jan 15, 2025
c8c5aef
*) Do not add a space before '|' when setting the value for stickys…
jimjag Jan 15, 2025
7ed7c02
And backported
jimjag Jan 15, 2025
125cfe9
Remove duplicate item.
rainerjung Jan 15, 2025
3759641
Merge /httpd/httpd/trunk:r1923148
icing Jan 15, 2025
db1a2d5
update changes
icing Jan 15, 2025
5e628e7
Space police.
rainerjung Jan 16, 2025
908ce90
Sanitize some bugzilla referrences that break one of my script.
Jan 16, 2025
e36b2c3
propose backport of h2 test fix
icing Jan 17, 2025
9b9d1d3
looks safe to me. Tests OK too
jimjag Jan 17, 2025
192345c
Vote, promote
rainerjung Jan 17, 2025
ce298ca
Rebuild the doc
Jan 19, 2025
5162ed4
Propose
Jan 19, 2025
bf53e15
Fix proposal
Jan 19, 2025
0acf216
*) mod_http2: fix test_h2_200_17+18 for newer curl versions. Just add…
rainerjung Jan 19, 2025
018567c
Three votes.
rainerjung Jan 19, 2025
516588e
Vote x3, promote x2.
notroj Jan 20, 2025
000cd22
Merge r1921067 from trunk:
notroj Jan 20, 2025
c8c469b
Merge r1916054 from trunk:
notroj Jan 20, 2025
657f33c
Merged x2.
notroj Jan 20, 2025
d14aa6c
Update mergeinfo for already-merged mod_cgi/cgid changes.
notroj Jan 20, 2025
c732147
Merge r1915651, r1916381, r1920589, r1923133 from trunk: [under CTR f…
notroj Jan 20, 2025
27fdcd2
Prep for rolling
jimjag Jan 20, 2025
0480942
Tag branches/2.4.x@1923279 as 2.4.63
jimjag Jan 20, 2025
5580072
Post 2.4.63 tag updates
jimjag Jan 20, 2025
9370297
release 2.4.63 from voted 2.4.63
jimjag Jan 23, 2025
File filter

Filter by extension

Filter by extension


Conversations
Failed to load comments.
Loading
Jump to
The table of contents is too big for display.
Diff view
Diff view
  •  
  •  
  •  
44 changes: 26 additions & 18 deletions .github/workflows/linux.yml
Original file line number Diff line number Diff line change
Expand Up @@ -29,7 +29,7 @@ jobs:
strategy:
fail-fast: false
matrix:
include:
include:
# -------------------------------------------------------------------------
- name: Empty APLOGNO() test
env: |
Expand Down Expand Up @@ -67,11 +67,11 @@ jobs:
env: |
TEST_ARGS=-order=random
# -------------------------------------------------------------------------
- name: GCC 10 maintainer-mode w/-Werror, install + VPATH
- name: GCC 12 maintainer-mode w/-Werror, install + VPATH
config: --enable-mods-shared=reallyall --enable-maintainer-mode
notest-cflags: -Werror -O2
env: |
CC=gcc-10
CC=gcc-12
TEST_VPATH=1
TEST_INSTALL=1
SKIP_TESTING=1
Expand Down Expand Up @@ -153,6 +153,20 @@ jobs:
TEST_ARGS="-defines LDAP"
TESTS="t/modules/"
# -------------------------------------------------------------------------
- name: APR 1.7.x, APR-util 1.7.x, LDAP
config: --enable-mods-shared=reallyall
pkgs: ldap-utils
env: |
APR_VERSION=1.7.x
APU_VERSION=1.7.x
APU_CONFIG="--with-crypto --with-ldap"
TEST_MALLOC=1
TEST_LDAP=1
TEST_ARGS="-defines LDAP"
TESTS="t/modules/"
CLEAR_CACHE=1
# -------------------------------------------------------------------------
### TODO: if: *condition_not_24x
- name: APR trunk thread debugging
config: --enable-mods-shared=reallyall --with-mpm=event
env: |
Expand Down Expand Up @@ -210,17 +224,6 @@ jobs:
# TEST_MD=1
# -------------------------------------------------------------------------
### TODO: if: *condition_not_24x
- name: MOD_TLS test suite
config: --enable-mods-shared=reallyall --with-mpm=event --enable-mpms-shared=event
pkgs: curl python3-pytest nghttp2-client python3-cryptography python3-requests python3-multipart python3-filelock python3-websockets cargo cbindgen
env: |
APR_VERSION=1.7.4
APU_VERSION=1.6.3
APU_CONFIG="--with-crypto"
RUSTLS_VERSION="v0.13.0"
NO_TEST_FRAMEWORK=1
TEST_INSTALL=1
TEST_MOD_TLS=1
# -------------------------------------------------------------------------
### TODO if: *condition_not_24x
### TODO: Fails because :i386 packages are not being found.
Expand All @@ -244,10 +247,14 @@ jobs:
CONFIG: ${{ matrix.config }}
name: ${{ matrix.name }}
steps:
# JOBID is used in the cache keys, created here as a hash of all
# properties of the environment, including the image OS version,
# compiler flags and any job-specific properties.
- name: Set environment variables
run: |
echo "${{ matrix.env }}" >> $GITHUB_ENV
echo JOBID=`echo "${{ matrix.notest-cflags }} ${{ matrix.env }} ${{ matrix.config }}'"| md5sum - | sed 's/ .*//'` >> $GITHUB_ENV
echo JOBID=`echo "OS=$ImageOS ${{ matrix.notest-cflags }} ${{ matrix.env }} ${{ matrix.config }}" \
| md5sum - | sed 's/ .*//'` >> $GITHUB_ENV
# https://github.com/actions/runner-images/issues/9491#issuecomment-1989718917
- name: Workaround ASAN issue in Ubuntu 22.04
run: sudo sysctl vm.mmap_rnd_bits=28
Expand All @@ -258,7 +265,7 @@ jobs:
cpanminus libtool-bin libapr1-dev libaprutil1-dev
liblua5.3-dev libbrotli-dev libcurl4-openssl-dev
libnghttp2-dev libjansson-dev libpcre2-dev gdb
perl-doc ${{ matrix.pkgs }}
perl-doc libsasl2-dev ${{ matrix.pkgs }}
- uses: actions/checkout@v4
- name: Cache installed libraries
uses: actions/cache@v4
Expand All @@ -285,5 +292,6 @@ jobs:
if: failure()
with:
name: error_log-${{ env.JOBID }}
path: test/perl-framework/t/logs/error_log

path: |
**/config.log
test/perl-framework/t/logs/error_log
63 changes: 63 additions & 0 deletions .github/workflows/windows.yml
Original file line number Diff line number Diff line change
@@ -0,0 +1,63 @@
name: Windows

on:
push:
branches: [ "*" ]
paths-ignore:
- 'docs/**'
- STATUS
- CHANGES
- changes-entries/*
pull_request:
branches: [ "trunk", "2.4.x" ]
paths-ignore:
- 'docs/**'
- STATUS
- CHANGES
- changes-entries/*

jobs:
build:
strategy:
fail-fast: false
matrix:
include:
- name: Default
triplet: x64-windows
arch: x64
build-type: Debug
generator: "Ninja"

runs-on: windows-latest
timeout-minutes: 30
name: ${{ matrix.name }}
env:
VCPKG_BINARY_SOURCES: "clear;x-gha,readwrite"
steps:
- name: Export GitHub Actions cache environment variables
uses: actions/github-script@v7
with:
script: |
core.exportVariable('ACTIONS_CACHE_URL', process.env.ACTIONS_CACHE_URL || '');
core.exportVariable('ACTIONS_RUNTIME_TOKEN', process.env.ACTIONS_RUNTIME_TOKEN || '');

- name: Install dependencies
run: vcpkg install --triplet ${{ matrix.triplet }} apr[private-headers] apr-util pcre2 openssl

- uses: actions/checkout@v3

- name: Configure CMake
shell: cmd
run: |
call "C:\Program Files\Microsoft Visual Studio\2022\Enterprise\Common7\Tools\VsDevCmd.bat" -arch=${{ matrix.arch }}
cmake -B ${{github.workspace}}/build -DCMAKE_BUILD_TYPE=${{ matrix.build-type }} ^
-G "${{ matrix.generator }}" ^
-DCMAKE_TOOLCHAIN_FILE=C:/vcpkg/scripts/buildsystems/vcpkg.cmake ^
-DAPR_INCLUDE_DIR=C:/vcpkg/installed/${{ matrix.triplet }}/include ^
"-DAPR_LIBRARIES=C:/vcpkg/installed/${{ matrix.triplet }}/lib/libapr-1.lib;C:/vcpkg/installed/${{ matrix.triplet }}/lib/libaprutil-1.lib"

- name: Build
shell: cmd
run: |
call "C:\Program Files\Microsoft Visual Studio\2022\Enterprise\Common7\Tools\VsDevCmd.bat" -arch=${{ matrix.arch }}
cmake --build ${{github.workspace}}/build --config ${{ matrix.build-type }}
2 changes: 1 addition & 1 deletion ABOUT_APACHE
Original file line number Diff line number Diff line change
Expand Up @@ -128,7 +128,7 @@ group of volunteers who vote on changes to the distributed server), then
you need to start by subscribing to the dev@httpd.apache.org mailing list.
One warning though: traffic is high, 1000 to 1500 messages/month.
To subscribe to the list, send an email to dev-subscribe@httpd.apache.org.
We recommend reading the list for a while before trying to jump in to
We recommend reading the list for a while before trying to jump in to
development.

NOTE: The developer mailing list (dev@httpd.apache.org) is not
Expand Down
121 changes: 119 additions & 2 deletions CHANGES
Original file line number Diff line number Diff line change
@@ -1,6 +1,123 @@
-*- coding: utf-8 -*-
Changes with Apache 2.4.63

*) mod_dav: Update redirect-carefully example BrowserMatch config
to match more recent client versions. PR 66148, 67039.
[Michal Maloszewski <michal.maloszewski canonical.com>,
Romain Tartière <romain blogreen.org>]

*) mod_cache_socache: Fix possible crash on error path. PR 69358.
[Ruediger Pluem]

*) mod_ssl: Fail cleanly at startup if OpenSSL initialization fails.
[StephenWall]

*) mod_md: update to version 2.4.31
- Improved error reporting when waiting for ACME server to verify domains
or finalizing the order fails, e.g. times out.
- Increasing the timeouts to wait for ACME server to verify domain names
and issue the certificate from 30 seconds to 5 minutes.
- Change a log level from error to debug when Stapling is enabled but a
certificate carries no OCSP responder URL.

*) mod_proxy_balancer: Fix the handling of the stickysession configuration
parameter by the balancer manager. PR 69510
[Yutaka Tokunou <tokunou.yutaka@fujitsu.com>]

*) Add the ldap-search option to mod_authnz_ldap, allowing authorization
to be based on arbitrary expressions that do not include the username.
Make sure that when ldap searches are too long, we explicitly log the
error. [Graham Leggett]

*) mod_proxy: Honor parameters of ProxyPassMatch workers with substitution
in the host name or port. PR 69233. [Yann Ylavic]

*) mod_log_config: Fix merging for the "LogFormat" directive.
PR 65222. [Michael Kaufmann <mail michael-kaufmann.ch>]

*) mod_lua: Make r.ap_auth_type writable. PR 62497.
[Michael Osipov <michaelo apache.org>]

*) mod_md: update to version 2.4.29
- Fixed HTTP-01 challenges to not carry a final newline, as some ACME
server fail to ignore it. [Michael Kaufmann (@mkauf)]
- Fixed missing label+newline in server-status plain text output when
MDStapling is enabled.

*) mod_ssl: Restore support for loading PKCS#11 keys via ENGINE
without "SSLCryptoDevice" configured. [Joe Orton]

*) mod_authnz_ldap: Fix possible memory corruption if the
AuthLDAPSubGroupAttribute directive is configured. [Joe Orton]

*) mod_proxy_fcgi: Don't re-encode SCRIPT_FILENAME when set via SetHandler.
PR 69203. [Yann Ylavic]

*) mod_rewrite, mod_proxy: mod_proxy to canonicalize rewritten [P] URLs,
including "unix:" ones. PR 69235, PR 69260. [Yann Ylavic, Ruediger Pluem]

*) mod_rewrite: Error out in case a RewriteRule in directory context uses the
proxy, but mod_proxy is not loaded. PR 56264.
[Christophe Jaillet, Michael Streeter <mstreeter1@gmail.com>]

*) http: Remove support for Request-Range header sent by Navigator 2-3 and
MSIE 3. [Stefan Fritsch]

*) mod_rewrite: Don't require [UNC] flag to preserve a leading //
added by applying the perdir prefix to the substitution.
[Ruediger Pluem, Eric Covener]

*) Windows: Restore the ability to "Include" configuration files on UNC
paths. PR 69313 [Eric Covener]

*) mod_proxy: Avoid AH01059 parsing error for SetHandler "unix:" URLs
in <Location> (incomplete fix in 2.4.62). PR 69160. [Yann Ylavic]

*) mod_md: update to version 2.4.28
- When the server starts, it looks for new, staged certificates to
activate. If the staged set of files in 'md/staging/<domain>' is messed
up, this could prevent further renewals to happen. Now, when the staging
set is present, but could not be activated due to an error, purge the
whole directory. [icing]
- Fix certificate retrieval on ACME renewal to not require a 'Location:'
header returned by the ACME CA. This was the way it was done in ACME
before it became an IETF standard. Let's Encrypt still supports this,
but other CAs do not. [icing]
- Restore compatibility with OpenSSL < 1.1. [ylavic]

*) mod_tls: removed the experimental module. It now is availble standalone
from https://github.com/icing/mod_tls. The rustls provided API is not
stable and does not align with the httpd release cycle.
[Stefan Eissing]

*) mod_rewrite: Better question mark tracking to avoid UnsafeAllow3F.
PR 69197. [Yann Ylavic, Eric Covener]

*) mod_http2: Return connection monitoring to the event MPM when blocking
on client updates. [Stefan Eissing, Yann Ylavic]

Changes with Apache 2.4.62

*) SECURITY: CVE-2024-40898: Apache HTTP Server: SSRF with
mod_rewrite in server/vhost context on Windows (cve.mitre.org)
SSRF in Apache HTTP Server on Windows with mod_rewrite in
server/vhost context, allows to potentially leak NTML hashes to
a malicious server via SSRF and malicious requests.
Users are recommended to upgrade to version 2.4.62 which fixes
this issue.
Credits: Smi1e (DBAPPSecurity Ltd.)

*) SECURITY: CVE-2024-40725: Apache HTTP Server: source code
disclosure with handlers configured via AddType (cve.mitre.org)
A partial fix for CVE-2024-39884 in the core of Apache HTTP
Server 2.4.61 ignores some use of the legacy content-type based
configuration of handlers. "AddType" and similar configuration,
under some circumstances where files are requested indirectly,
result in source code disclosure of local content. For example,
PHP scripts may be served instead of interpreted.
Users are recommended to upgrade to version 2.4.62, which fixes
this issue.

*) mod_proxy: Fix canonicalisation and FCGI env (PATH_INFO, SCRIPT_NAME) for
"balancer:" URLs set via SetHandler, also allowing for "unix:" sockets
with BalancerMember(s). PR 69168. [Yann Ylavic]
Expand Down Expand Up @@ -119,7 +236,7 @@ Changes with Apache 2.4.60
Credits: Marc Stern (<marc.stern AT approach-cyber.com>)

*) mod_proxy: Fix DNS requests and connections closed before the
configured addressTTL. BZ 69126. [Yann Ylavic]
configured addressTTL. PR 69126. [Yann Ylavic]

*) core: On Linux, log the real thread ID in error logs. [Joe Orton]

Expand Down Expand Up @@ -1325,7 +1442,7 @@ Changes with Apache 2.4.48
[Yann Ylavic]

*) mod_proxy: Fix flushing of THRESHOLD_MIN_WRITE data while tunneling.
BZ 65294. [Yann Ylavic]
PR 65294. [Yann Ylavic]

*) core: Fix a regression that stripped the ETag header from 304 responses.
PR 61820 [Ruediger Pluem, Roy T. Fielding]
Expand Down
9 changes: 6 additions & 3 deletions CMakeLists.txt
Original file line number Diff line number Diff line change
Expand Up @@ -27,6 +27,7 @@ FIND_PACKAGE(Lua51)
FIND_PACKAGE(OpenSSL)
FIND_PACKAGE(ZLIB)
FIND_PACKAGE(CURL)
FIND_PACKAGE(PCRE2 COMPONENTS 8BIT)

# Options for support libraries not supported by cmake-bundled FindFOO

Expand All @@ -47,7 +48,10 @@ ENDIF()
# PCRE names its libraries differently for debug vs. release builds.
# We can't query our own CMAKE_BUILD_TYPE at configure time.
# If the debug version exists in PREFIX/lib, default to that one.
IF(EXISTS "${CMAKE_INSTALL_PREFIX}/lib/pcre2-8d.lib")
IF(PCRE2_FOUND)
SET(default_pcre_libraries "PCRE2::8BIT")
SET(default_pcre_cflags "-DHAVE_PCRE2")
ELSEIF(EXISTS "${CMAKE_INSTALL_PREFIX}/lib/pcre2-8d.lib")
SET(default_pcre_libraries ${CMAKE_INSTALL_PREFIX}/lib/pcre2-8d.lib)
SET(default_pcre_cflags "-DHAVE_PCRE2")
ELSEIF(EXISTS "${CMAKE_INSTALL_PREFIX}/lib/pcre2-8.lib")
Expand Down Expand Up @@ -628,11 +632,10 @@ ENDIF()
CONFIGURE_FILE(os/win32/BaseAddr.ref ${PROJECT_BINARY_DIR}/ COPYONLY)

ADD_EXECUTABLE(gen_test_char server/gen_test_char.c)
GET_TARGET_PROPERTY(GEN_TEST_CHAR_EXE gen_test_char LOCATION)
ADD_CUSTOM_COMMAND(
COMMENT "Generating character tables, test_char.h, for current locale"
DEPENDS gen_test_char
COMMAND ${GEN_TEST_CHAR_EXE} > ${PROJECT_BINARY_DIR}/test_char.h
COMMAND $<TARGET_FILE:gen_test_char> > ${PROJECT_BINARY_DIR}/test_char.h
OUTPUT ${PROJECT_BINARY_DIR}/test_char.h
)
ADD_CUSTOM_TARGET(
Expand Down
2 changes: 1 addition & 1 deletion NOTICE
Original file line number Diff line number Diff line change
@@ -1,5 +1,5 @@
Apache HTTP Server
Copyright 2024 The Apache Software Foundation.
Copyright 2025 The Apache Software Foundation.

This product includes software developed at
The Apache Software Foundation (https://www.apache.org/).
Expand Down
Loading