diff options
Diffstat (limited to 'NEWS')
| -rw-r--r-- | NEWS | 33 |
1 files changed, 27 insertions, 6 deletions
@@ -3,9 +3,30 @@ NEWS ==== +- 1.4.16 - + + * added static-file.etags, etag.use-inode, etag.use-mtime, etag.use-size + to customize the generation of ETags for static files. (#1209) + (patch by <Yusufg@gmail.com>) + * fixed typecast of NULL on execl() (#1235) + (patch by F. Denis) + * fixed circumventing url.access-deny by trailing slash (#1230) + * fixed crash on duplicate headers with trailing WS (#1232) + * fixed accepting more connections then requested (#1216) + * fixed mem-leak in mod_auth (reported by Stefan Esser) + * fixed crash with md5-sess and cnonce not set in mod_auth (reported by Stefan Esser) + * fixed missing check for base64 encoded string in mod_auth and Basic auth + (reported by Stefan Esser) + * fixed possible crash in Auth-Digest header parser on trailing WS in + mod_auth (reported by Stefan Esser) + * fixed check on stale errno values, which broke handling of broken fastcgi + applications. (#1245) + * fixed crash on 32bit archs when debug-msgs are printed in mod_scgi, mod_fastcgi + and mod_webdav (#1263) + - 1.4.15 - 2007-04-13 - * fixed broken Set-Cookie headers + * fixed broken Set-Cookie headers - 1.4.14 - 2007-04-13 @@ -29,7 +50,7 @@ NEWS * fix cpu hog in certain requests [1473] CVE-2007-1869 * fix for handling hostnames with trailing dot [1406] * fixed header-injection via server.tag (#1106) - * disabled caching of files without a content-type to solve the + * disabled caching of files without a content-type to solve the aggressive caching of FF * remove trailing white-spaces from HTTP-requests before parsing (#1098) * fixed accesslog.use-syslog in a conditional and the caching of the @@ -42,7 +63,7 @@ NEWS * fixed crash on url.redirect and url.rewrite if %0 is used in a global context (#800) * fixed possible crash in debug-message in mod_extforward - * fixed compilation of mod_extforward on glibc < 2.3.4 + * fixed compilation of mod_extforward on glibc < 2.3.4 * fixed include of empty in the configfiles (#1076) * send SIGUSR1 to fastcgi children before SIGTERM. libfcgi wants SIGUSR1. (#737) * fixed missing AUTH_TYPE entry in the fastcgi environment. (#889) @@ -54,16 +75,16 @@ NEWS * added initgroups in spawn-fcgi (#871) * added apr1 support htpasswd in mod-auth (#870) * added lighty.stat() to mod_magnet - * fixed segfault in splitted CRLF CRLF sequences + * fixed segfault in splitted CRLF CRLF sequences (introduced in 1.4.12) (#876) * fixed compilation of LOCK support in mod-webdav * fixed fragments in request-URLs (#869) * fixed pkg-config check for lua5.1 on debian - * fixed Content-Length = 0 on HEAD requests without + * fixed Content-Length = 0 on HEAD requests without a known Content-Length (#119) * fixed mkdir() forcing 0700 (#884) * fixed writev() on FreeBSD 4.x and older (#875) - * removed warning about a 404-error-handler + * removed warning about a 404-error-handler returned 404 * backported and fixed the buildsystem changes for webdav locks |