summaryrefslogtreecommitdiff
path: root/NEWS
blob: 3312481f6193b6d17dd91ca79e3d5e7b9e6e489e (plain)
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
78
79
80
81
82
83
84
85
86
87
88
89
90
91
92
93
94
95
96
97
98
99
100
101
102
103
104
105
106
107
108
109
110
111
112
113
114
115
116
117
118
119
120
121
122
123
124
125
126
127
128
129
130
131
132
133
134
135
136
137
138
139
140
141
142
143
144
145
146
147
148
149
150
151
152
153
154
155
156
157
158
159
160
161
162
163
164
165
166
167
168
169
170
171
172
173
174
175
176
177
178
179
180
181
182
183
184
185
186
187
188
189
190
191
192
193
194
195
196
197
198
199
200
201
202
203
204
205
206
207
208
209
210
211
212
213
214
215
216
217
218
219
220
221
222
223
224
225
226
227
228
229
230
231
232
233
234
235
236
237
238
239
240
241
242
243
244
245
246
247
248
249
250
251
252
253
254
255
256
257
258
259
260
261
262
263
264
265
266
267
268
269
270
271
272
273
274
275
276
277
278
279
280
281
282
283
284
285
286
287
288
289
290
291
292
293
294
295
296
297
298
299
300
301
302
303
304
305
306
307
308
309
310
311
312
313
314
315
316
317
318
319
320
321
322
323
324
325
326
327
328
329
330
331
332
333
334
335
336
337
338
339
340
341
342
343
344
345
346
347
348
349
350
351
352
353
354
355
356
357
358
359
360
361
362
363
364
365
366
367
368
369
370
371
372
373
374
375
376
377
378
379
380
381
382
383
384
385
386
387
388
389
390
391
392
393
394
395
396
397
398
399
400
401
402
403
404
405
406
407
408
409
410
411
412
413
414
415
416
417
418
419
420
421
422
423
424
425
426
427
428
429
430
431
432
433
434
435
436
437
438
439
440
441
442
443
444
445
446
447
448
449
450
451
452
453
454
455
456
457
458
459
460
461
462
463
464
465
466
467
468
469
470
471
472
473
474
475
476
477
478
479
480
481
482
483
484
485
486
487
488
489
490
491
492
493
494
495
496
497
498
499
500
501
502
503
504
505
506
507
508
509
510
511
512
513
514
515
516
517
518
519
520
521
522
523
524
525
526
527
528
529
530
531
532
533
534
535
536
537
538
539
540
541
542
543
544
545
546
547
548
549
550
551
552
553
554
555
556
557
558
559
560
561
562
563
564
565
566
567
568
569
570
571
572
573
574
575
576
577
578
579
580
581
582
583
584
585
586
587
588
589
590
591
592
593
594
595
596
597
598
599
600
601
602
603
604
605
606
607
608
609
610
611
612
613
614
615
616
617
618
619
620
621
622
623
624
625
626
627
628
629
630
631
632
633
634
635
636
637
638
639
640
641
642
643
644
645
646
647
648
649
650
651
652
653
654
655
656
657
658
659
660
661
662
663
664
665
666
667
668
669
670
671
672
673
674
675
676
677
678
679
680
681
682
683
684
685
686
687
688
689
690
691
692
693
694
695
696
697
698
699
700
701
702
703
704
705
706
707
708
709
710
711
712
713
714
715
716
717
718
719
720
721
722
723
724
725
726
727
728
729
730
731
732
733
734
735
736
737
738
739
740
741
742
743
744
745
746
747
748
749
750
751
752
753
754
755
756
757
758
759
760
761
762
763
764
765
766
767
768
769
770
771
772
773
774
775
776
777
778
779
780
781
782
783
784

====
NEWS
====

- 1.4.19 -

  * added support for If-Range: <date> (#1346)
  * added support for matching $HTTP["scheme"] in configs
  * fixed initgroups() called after chroot (#1384)
  * fixed case-sensitive check for Auth-Method (#1456)
  * execute fcgi app without /bin/sh if used as argument to spawn-fcgi (#1428)
  * fixed a bug that made /-prefixed extensions being handled also when
    matching the end of the uri in fcgi,scgi and proxy modules (#1489)
  * print error if X-LIGHTTPD-send-file cannot be done; reset header
    Content-Length for send-file. Patches by Stefan Buehler
  * prevent crash in certain php-fcgi configurations (#841)
  * add IdleServers and Scoreboard directives in ?auto mode for mod_status (#1507)
  * open log immediately after daemonizing, fixes SIGPIPEs on startup  (#165)
  * HTTPS env var should be "on" when using mod_extforward and the X-Forwarded-Proto header is set. (#1499)
  * generate ETag and Last-Modified headers for mod_ssi based on newest modified include (#1491)
  * support letterhomes in mod_userdir (#1473)
  * support chained proxies in mod_extforward (#1528)
  * fixed bogus "cgi died ?" if we kill the CGI process on shutdown
  * fixed ECONNRESET handling in network-openssl
  * fixed handling of EAGAIN in network-linux-sendfile (#657)
  * reset conditional cache (#1164)
  * create directories in mod_compress (was broken with alias/userdir) (#1027)
  * fixed out of range access in fd array (#1562, #372) (CVE-2008-0983)
  * mod_compress should check if the request is already handled, e.g. by fastcgi (#1565)
  * remove broken workaround for buggy Opera version with ssl/chunked encoding (#285)
  * generate etag/last-modified header for on-the-fly-compressed files (#1171)
  * req-method OPTIONS: do not insert default response if request was denied, do not deny OPTIONS by default (#1324)
  * fixed memory leak on windows (#1347)
  * fixed building outside of the src dir (#1349)
  * fixed including of stdint.h/inttypes.h in etag.c (#1413)
  * do not add Accept-Ranges header if range-request is disabled (#1449)
  * log the ip of failed auth tries in error.log (enhancement #1544)
  * fixed RoundRobin in mod_proxy (#516)
  * check for symlinks after successful pathinfo matching (#1574)
  * fixed mod-proxy.t to run with a builddir outside of the src dir
  * do not suppress content on "307 Temporary Redirect" (#1412)
  * fixed Content-Length header if response body gets removed in connections.c (#1412, part 2)
  * do not generate a "Content-Length: 0" header for HEAD requests, added test too
  * remove compress cache file if compression or write failed (#1150)
  * fixed body handling of status 300 requests 
  * spawn-fcgi: only try to connect to unix socket (not tcp) before spawning (#1575)
  * fix sending source of cgi script instead of 500 error if fork fails (CVE-2008-1111)
  * fix min-procs handling in mod_scgi.c, just set to max-procs (patch from #623)
  * fix sending "408 - Timeout" instead of "410 - Gone" for timedout urls in mod_secdownload (#1440)
  * workaround #1587: require userdir.path to be set to enable mod_userdir (empty string allowed) (CVE-2008-1270)
  * make configure checks for --with-pcre, --with-zlib and --with-bzip2 failing if the headers aren't found
  * fixed handling of waitpid() == EINTR mod_ssi on solaris 

- 1.4.18 - 2007-09-09

  * fixed compile error on IRIX 6.5.x on prctl() (#1333)
  * fixed forwarding a SIGINT and SIGHUP when using max-workers (#902)
  * fixed FastCGI header overrun in mod_fastcgi (reported by mattias@secweb.se)
  * fixed hanging redirects with keep-alive due to missing
    "Content-Length: 0" headers
  * fixed crashing when using undefined environment variables in the config
  * fixed compilation of mod_mysql_vhost on irix (#1341)

- 1.4.17 - 2007-08-29

  * added dir-listing.set-footer in mod_dirlisting (#1277)
  * added sending UID and PID for SIGTERM and SIGINT to the logs
  * fixed hardcoded font-sizes in mod_dirlisting (#1267)
  * fixed different ETag length on 32/64 platforms (#1279)
  * fixed compression of files < 128 bytes by disabling compression (#1241)
  * fixed mysql server reconnects (#518)
  * fixed disabled keep-alive for dynamic content with HTTP/1.0 (#1166)
  * fixed crash on mixed EOL sequences in mod_cgi
  * fixed key compare (#1287)
  * fixed invalid char in header values (#1286)
  * fixed invalid "304 Not Modified" on broken timestamps
  * fixed endless loop on shrinked files with sendfile() on BSD (#1289)
  * fixed counter overrun in ?auto in mod_status (#909)
  * fixed too aggresive caching of nested conditionals (#41)
  * fixed possible overflow in unix-socket path checks on BSD (#713)
  * fixed extra Content-Length header on 1xx, 204 and 304 (#1002)
  * fixed handling of duplicate If-Modified-Since to return 304 
  * fixed extracting status code from NPH scripts (#1125)
  * fixed prctl() usage (#1310)
  * removed config-check if passwd files exist (#1188)
  * fixed crash when etags are disabled but the client sends one (#1322)
  * fixed crash when freeing the config in mod_alias
  * fixed server.error-handler-404 breakage from 1.4.16 (#1270)
  * fixed entering 404-handler from dynamic content (#948)
  * added more debug infos for FAM based stat-cache
  * use more LSB like paths in the sample config (#1242)

- 1.4.16 - 2007-07-25

  * added static-file.etags, etag.use-inode, etag.use-mtime, etag.use-size
    to customize the generation of ETags for static files. (#1209) 
    (patch by <Yusufg@gmail.com>)
  * fixed typecast of NULL on execl() (#1235)
    (patch by F. Denis)
  * fixed circumventing url.access-deny by trailing slash (#1230)
  * fixed crash on duplicate headers with trailing WS (#1232)
  * fixed accepting more connections then requested (#1216)
  * fixed mem-leak in mod_auth (reported by Stefan Esser)
  * fixed crash with md5-sess and cnonce not set in mod_auth (reported by Stefan Esser)
  * fixed missing check for base64 encoded string in mod_auth and Basic auth
    (reported by Stefan Esser)
  * fixed possible crash in Auth-Digest header parser on trailing WS in 
    mod_auth (reported by Stefan Esser) 
  * fixed check on stale errno values, which broke handling of broken fastcgi
    applications. (#1245)
  * fixed crash on 32bit archs when debug-msgs are printed in mod_scgi, mod_fastcgi 
    and mod_webdav (#1263)

- 1.4.15 - 2007-04-13

  * fixed broken Set-Cookie headers

- 1.4.14 - 2007-04-13

  * fix crash if gethostbyaddr() failed on redirect [1718]
  * properly handle 206 responses generated by *cgi scripts. (#755) [1716]
  * added HTTPS=on to the environment of cgi scripts (#861) [1684]
  * fix handling of 303 (#1045) [1678]
  * made the configure check for lua more portable [1677]
  * added mod_extforward module [1665]
  * references to the fam stat cache engine should be conditional (#1039) [1664]
  * fix http 500 errors (colin.stephen/at/o2.com) #1041 [1663]
  * prevent wrong pidfile unlinking on graceful restart (Chris Webb) [1656]
  * ignore empty packets from STDERR stream. #998
  * fix a crash for files with an mtime of 0 reported by cubiq on irc [1519]
    CVE-2007-1870
  * allow empty passwords with ldap (Jörg Sonnenberger) [1516]
  * mod_scgi.c segfault fix #964 [1501]
  * Added round-robin support to mod_fastcgi [1500]
  * Handle DragonFlyBSD the same way as Freebsd (Jörg Sonnenberger) [1492,1676]
  * added now and weeks support to mod_expire. #943
  * fix cpu hog in certain requests [1473] CVE-2007-1869
  * fix for handling hostnames with trailing dot [1406]
  * fixed header-injection via server.tag (#1106)
  * disabled caching of files without a content-type to solve the
    aggressive caching of FF
  * remove trailing white-spaces from HTTP-requests before parsing (#1098)
  * fixed accesslog.use-syslog in a conditional and the caching of the
    accesslog for files (fixes #1064)
  * fixed various crashes at startup on broken accesslog.format strings (#1000)
  * fixed handling of %% in accesslog.format
  * fixed conditional dir-listing.exclude (#930)
  * reduced default PATH_MAX to 255 (#826)
  * ECONNABORTED is not known on cygwin (#863)
  * fixed crash on url.redirect and url.rewrite if %0 is used in a global context
    (#800)
  * fixed possible crash in debug-message in mod_extforward
  * fixed compilation of mod_extforward on glibc < 2.3.4
  * fixed include of empty in the configfiles (#1076)
  * send SIGUSR1 to fastcgi children before SIGTERM. libfcgi wants SIGUSR1. (#737)
  * fixed missing AUTH_TYPE entry in the fastcgi environment. (#889)
  * fixed compilation in network_writev.c on MacOS X 10.3.9 (#903)
  * added kill-signal as another setting for fastcgi backends. See the wiki for more.

- 1.4.13 - 2006-10-09

  * added initgroups in spawn-fcgi (#871)
  * added apr1 support htpasswd in mod-auth (#870)
  * added lighty.stat() to mod_magnet
  * fixed segfault in splitted CRLF CRLF sequences
    (introduced in 1.4.12) (#876)
  * fixed compilation of LOCK support in mod-webdav
  * fixed fragments in request-URLs (#869)
  * fixed pkg-config check for lua5.1 on debian
  * fixed Content-Length = 0 on HEAD requests without
    a known Content-Length (#119)
  * fixed mkdir() forcing 0700 (#884)
  * fixed writev() on FreeBSD 4.x and older (#875)
  * removed warning about a 404-error-handler
    returned 404
  * backported and fixed the buildsystem changes for
    webdav locks
  * fixed plugin loading so we can finally load lua
    extensions in mod_magnet scripts
  * fixed large uploads if xattr is enabled

- 1.4.12 - 2006-09-23

  * added experimental LOCK support for webdav
  * added Content-Range support for PUT in webdav
  * added support for += on empty arrays in config-files
  * added ssl.cipher-list and ssl.use-sslv2
  * added $HTTP["querystring"] conditional
  * added mod_magnet as long-term replacement for mod_cml
  * added work-around for a Opera Bug with SSL + Chunked-Encoding
  * changed --print-config to print to stdout instead of stderr
  * changed no longer use 0600 for new files with webdav. umask is
    honored. Make sure you have set a proper umask.
  * fixed upload hangs with SSL
  * fixed connection drops with SSL (aka bad retry)
  * fixed path traversal with \ on cygwin
  * fixed mem-leak in mod_flv_streaming
  * fixed required trailing newline in configfiles (#142)
  * fixed quoting the autoconf files (#466)
  * fixed empty Host: + $HTTP["host"] handling (#458)
  * fixed handling of If-Modified-Since if ETag is not set
  * fixed default-shell if SHELL is not set (#441)
  * fixed appending and assigning of env.* vars
  * fixed empty FCGI_STDERR packets
  * fixed conditional server.allow-http-11
  * fixed handling of follow-symlink + lstat()
  * fixed SIGHUP handling if max-workers is used
  * fixed "Software caused connection abort" messages on FreeBSD

- 1.4.11 - 2006-03-09

  * added ability to specify which ip address spawn-fci listens on
    (agkr/at/pobox.com)
  * added mod_flv_streaming to streaming Flash Movies efficiently
  * fixed handling of error codes returned by mod_dav_svn behing a
    mod_proxy
  * fixed error-messages in mod_auth and mod_fastcgi
  * fixed re-enabling overloaded local fastcgi backends
  * fixed handling of deleted files in linux-sendfile
  * fixed compilation on BSD and MacOSX
  * fixed $SERVER["socket"] on a already bound socket
  * fixed local source retrieval on windows
    (secunia)
  * fixed hanging cgi if remote side is dieing while reading
    from the pipe (sandy/at/meebo.com)

- 1.4.10 - 2006-02-08

  * added docs for mod_dirlisting
  * added fastcgi.map-extensions to mod_fastcgi
  * fixed load balancing for mod_fastcgi
  * fixed extra newline for syslog() in mod_accesslog
  * fixed user-track cookie for IE in mod_usertrack
  * fixed crash in digest handling in mod_auth
  * fixed handling of 301 response-bodies from a mod_proxy backend
  * fixed loading of base modules if server.modules is not set
  * fixed broken cgi if mod_scgi is loaded

- 1.4.9 - 2006-01-14

  * added server.core-files option (sandy <sandy/at/meebo.com>)
  * added docs for mod_status
  * added mod_evasive to limit the number of connections by IP (<w1zzard/at/techpowerup.com>)
  * added the power-magnet to mod_cml
  * added internal statistics to mod_fastcgi
  * added server.statistics-url to get internal statistics from mod_status
  * added support for conditional range-requests through If-Range
  * added static building via scons
  * fixed 100% cpu loops in mod_cgi ("sandy" <sjen/at/cs.stanford.edu>)
  * fixed handling for secure-download.timeout (jamis/at/37signals.com)
  * fixed IE bug in content-charset in the output of mod_dirlisting (sniper/at/php.net)
  * fixed typos and language in the docs (ryan-2005/at/ryandesign.com)
  * fixed assertion in mod_cgi on HEAD request is Content-Length (<sandy/at/meebo.com>)
  * fixed handling if equal but duplicate If-Modified-Since request headers
  * fixed endless loops in mod_fastcgi if backend is dead
  * fixed Depth: 1 handling in PROPFIND requests on empty dirs
  * fixed encoding of UTF8 encoded dirlistings (Jani Taskinen <sniper/at/iki.fi>)
  * fixed initial bind to a unix-domain socket through server.bind
  * fixed handling of lowercase filesystems
  * fixed duplicate request headers cause by mod_setenv

- 1.4.8 - 2005-11-23

  * added auto-reconnect to ldap-server in mod_auth
    (joerg/at/netbsd.org)
  * changed auth.ldap-cafile to be optional
    (joerg/at/netbsd.org)
  * added strip_request_uri in mod_fastcgi
  * added more X-* headers to mod_proxy
    (Ben Grimm <bengrimm/at/gmail.com>)
  * added 'debug' to simple-vhost to suppress the
    (mod_simple_vhost.c.157) No such file or directory /servers/ww.lighttpd.net/pages/
    messages by default
  * added support to let the server listen on UNIX-socket
  * changed default stat-cache-engine to 'simple'
  * removed debian/ dir from source package on request by packager
  * fixed max-age timestamps in mod_expire
  * fixed encoding the filenames in PROPFIND in mod_webdav
  * fixed range request handling in network_writev
  * fixed retry on connect error in mod_fastcgi
    (Robert G. Jakabosky <bobby/at/alphatrade.com>)
  * fixed possible crash in mod_webdav if sqlite3 support
    is available but not use
  * fixed fdvent-handler init if server.max-worker was used
    (Siddharth Vijayakrishnan <mail/at/bluefireworks.net>)
  * fixed missing cleanup in mysql_vhost
  * fixed assert() in "connections.c:962:
      connection_handle_read_state: Assertion 'c->mem->used' failed."
  * fixed 64bit issue in md5
  * fixed crash in mod_status
  * fixed duplicate headers in mod_proxy
  * fixed Content-Length in HEAD request in mod_proxy
  * fixed unsigned/signed comparisions
  * fixed streaming in mod_cgi
  * fixed possible overflow in password-salt handling
    (reported on slashdot by james-web/at/and.org)
  * fixed server-traffic-limit if connection limit is not set

- 1.4.7 - 2005-11-02

  * added FD_CLOEXEC to fds which are kept open for a longer time
  * added smaller, moving mmaped windows to network_writev
  * added madvise() to instruct the kernel the do proper read-ahead in network_writev
  * added support for %I in mod_accesslog
  * added better compat to Apache for ?auto in mod_status
  * added support for userdirs without a entry in /etc/passwd in mod_userdir
    (rob/at/inversepath.com)
  * added startup-time selectable network-backend
  * added location of upload-files to config as array
  * added webdav.log-xml for logging xml-content in mod_webdav
  * added Cache-Control: max-age to mod_expire
  * workaround missing client-bug by assuming we received a close-notify on
    non-keep-alive requests in SSL request
  * disabled kerberos5 support by default to fix compilation on RHEL
  * fixed order of library checks to fix compilation on Solaris 9
  * fixed open file-descriptors on read-error
  * fixed crash if /var/tmp is not writable

- 1.4.6 - 2005-10-09

  * fixed compilation on MacOS X and cygwin
  * fixed compressed output if caching was disabled (seen in IE and Opera)
  * fixed range-request option
  * fixed mysql-vhost module (was broken in 1.4.5)
  * fixed false positive in the detection of case-insensitive FS

- 1.4.5 - 2005-10-02

  * added all DeltaV methods as known methods
  * added buffer-to-disk of request content
  * added warning for unused variables in conditionals
  * added global index-generators to mod_indexfile
  * fixed caching for remote-ip conditionals with keep-alive
  * fixed redirects with content
  * fixed infinite loop in exec-cmd in mod_ssi
  * fixed segfault in config handling for mod_mysql_vhost
  * fixed segfault on FIFOs/Sockets
  * fixed possible crash on uninit memory if If-Modified-Since was too long
  * fixed accounting of mem-chunks
  * fixed starving of connections on high load
  * fixed crc errors in mod_compress on 64bit platforms
  * fixed handling of overlapping fastcgi packets (bug added in 1.4.4)
  * fixed logic of conditionals if a header was not set
  * fixed a segfault in mod_rewrite if %1 references were used
  * fixed handling of empty request URIs in HTTP requests

- 1.4.4 - 2005-09-16
  * added support for %V in mod_accesslog
  * added a option for a FastCGI responser to send static files
  * added md5 and blowfish hashes to htpasswd
  * fixed METHOD in mod_accesslog of WebDAV methods
  * fixed check for permission before files in sent
  * fixed mod-proxy and content for non-POST requests
  * fixed compilation of mod_cml on MacOS X
  * fixed SSL errmsg after accept()
  * fixed memleak in stat-cache
  * fixed aborted connections if file was moved while in transfer
  * fixed mem-usage for large FastCGI transfers

- 1.4.3 - 2005-09-01

  * added gracefull shutdown
  * added server.max-connections
  * fixed compilation on all BSD platforms
  * fixed init of kqueue and /dev/poll after daemonize
  * fixed segfault if select() is event-handler and more than FD_SETSIZE
    fds are opened
  * fixed compilation of mod_cml
  * fixed bin-copy-env in mod_fastcgi

- 1.4.2 - 2005-08-29

  * fixed mimetype detection on uppercase extensions
  * fixed memleak in stat-cache
  * fixed infinite loop in mod_cgi
  * fixed alignment crashes on sparc64 and alpha64
  * fixed test system for gentoo ebuild
  * fixed infinite loop in SSL
  * fixed range request for files > 2Gb

- 1.4.1 - 2005-08-22

  * added a complete Class 1 complient mod_webdav
  * fixed ssl support (especially on OpenBSD)
  * fixed response header in body problem in mod_cgi
  * fixed numbers before body problem
  * fixed compilation on Solaris and FreeBSD
  * fixed conditional options in mod_dirlisting
  * fixed segfault in mod_dirlisting for NFS directories
  * fixed check for docroot in change-root environments

- 1.4.0 - 2005-08-17

  * added nested conditionals
  * added remote-ip to $HTTP
  * added support for stat-cache via FAM
  * added a read-only WebDAV module
  * fixed cleanup in mod_proxy and mod_fastcgi
  * fixed handling of filenames on case-insensitive filesystems

- 1.3.16 - 2005-07-31

  * added Date: headers to dynamic HTTP/1.0 requests
  * added support for OPTION * HTTP/1.1
  * added support for accesslog to syslog
  * added support for PATH_INFO guessing if check-local is disabled in
      mod_fastcgi
  * added switch to disable range-requests
  * added valid-user option for mod_auth (tigger at gentoo.org)
  * added JavaScript based sorting to mod_status (erik)
  * added selective TCP_CORK (Christian von Roques)
  * break up endless loops with Status: 500
  * fixed endless loops in mod_rewrite
  * mapped url.rewrite and url.rewrite-final to uri.rewrite-once
  * fixed compilation for mod_trigger_b4_dl
  * fixed 'can't reach host' in mod_proxy
  * error-handler-404 defaults to Status: 200 and static files work now

- 1.3.15 - 2005-07-15

  * added mod_cml
  * added mod_trigger_b4_dl
  * added encoding to mod_dirlisting
  * added ?auto to mod_status
  * relaxed handling of characters in URIs even more
  * fixed detection of sendfile() on Linux 2.4.x
  * fixed comparision of buffers for short strings
  * server.errorfile-prefix is now conditional
  * fixed mod_rrdtool to close STDERR

- 1.3.14 - 2005-06-15

  * added SCGI support via mod_scgi
  * added hash-based and round-robin load balancing to mod_proxy
  * fixed range requests larger than 2Gb
  * fixed compilation on Solaris
  * fixed endless loops in mod_fastcgi, mod_cgi and mod_proxy
  * fixed handling of URIs for '+' and characters > 127

- 1.3.13 - 2005-03-06

  * added customizable directory listings
  * fixed compile error on all BSD unixes
  * fixed PATHINFO handling for FastCGI
  * fixed handling of remote-close on FreeBSD and OpenSSL

- 1.3.12 - 2005-03-02

  * added ssl.ca-file
  * added support for \n\n as terminator
  * rewrote test-framework and added more tests
  * fixed cgi.assign with empty handler
  * fixed segfault in debug-code
  * fixed mod_expire if modification-timestamps are used
  * fixed segfault on duplication Host-headers
  * fixed endless loop in mod_fastcgi
  * fixed handling of dead fastcgi-processes

- 1.3.11 - 2005-02-20

  * added REMOTE_PORT and SERVER_ADDR to CGI-env
  * relaxed handling of newlines before keep-alive requests
  * relaxed uri-parser again
  * fixed PHP_SELF for php
  * fixed compilation on MacOS X
  * fixed handling of EPIPE and ECONNRESET
  * fixed crash in mod_auth if config-options are missing
  * fixed handling of missing trailing / in mod_userdir
  * fixed conditional secdownload.secret
  * fixed REPORT ME error due to failed reconnects in mod_fastcgi
  * fixed cmdline handling in mod_fastcgi

- 1.3.10 - 2005-02-06

  * added support for full commandline in spawn-fcgi
  * fixed missing check for IP-address in mod_fastcgi
  * fixed compile error with openssl in mod_fastcgi
  * removed a debug-message from network-functions

- 1.3.9 - 2005-02-06

  * added a stricter URI parser
  * added a check to the CGI spawner if the cgi-handler exists
  * added documentation for SSL and mod_status
  * added handling of startup environment to FastCGI
  * improved performance in FastCGI in buildind the FastCGI header
  * fixed min-procs and max-procs in FastCGI on PowerPC
  * fixed crash in setenv.add-response-header
  * fixed handling of nph-scripts in CGI
  * fixed accidently sending out physical file in CGI on error
  * fixed cygwin support
  * fixed handling of missing files
  * fixed HEAD requests for dynamic requests

- 1.3.8 - 2005-01-30

  * added traffic shaping by remote host and virtual server
  * added auto-spawning of FastCGI process on demand
  * added virtual host based on MySQL
  * added mod_setenv to add envirnoment and http headers on the fly
  * added support for syslog in mod_accesslog
  * improved output of mod_status
  * improved debug output in request handling
  * fixed build problems on netbsd 1.4.x and 1.5.x
  * fixed status.url configuration
  * fixed handling of != and !~ in configutation
  * fixed special cases in keep-alive handling
  * fixed timeout handling in handling POST requests
  * fixed mode AUTHORIZER in FastCGI
  * fixed handling if internal redirects if no Host: is supplied
  * fixed mod_alias + pathinfo
  * fixed directory indexes and permissions
  * enabled sending errorlog to syslog again

- 1.3.7 - 2004-12-11

  * added retries for a fastcgi connect if a php-childs
    dies at startup
  * update the debian directory
  * added setgroups() to drop all group-privs
  * added native port to windows via mingw32
  * added server.tag = '...'
  * added support for ${...} in mod_ssi
  * ported all plugins to conditional support
  * fixed multipart handling in cgi
  * fixed kqueue event-handler
  * fixed wrap-around in mod_status
  * fixed crash with SSL + FastCGI
  * fixed detection of SSL headers
  * fixed handling of dangling SSL_shutdown
  * fixed detection of keep-alive of Firefox

- 1.3.6 - 2004-11-03

  * added spawn-fcgi to the distribution
  * added support in fastcgi module to spawn fastcgi
    processes itself
  * fixed logfile cycling if external logging is used
  * fixed connection handling in fastcgi if no chunk
    encoding is used
  * fixed internal redirects on directories if a query
    string is supplied
  * fixed cgi-module for POST request above 4k
  * fixed mod_alias and follow-symlink

- 1.3.5 - 2004-10-31

  * added mod_alias
  * added mod_userdir
  * added the exec command to the SSI handler
  * added a switch to disable follow-symlinks
  * added a switch to disable IPv6 at compile-time
  * fixed compilation on FreeBSD and NetBSD 1.3.x
  * fixed segfault in pipelining
  * fixed a segfault in writev() handler if LFS is used

- 1.3.4 - 2004-10-24

  * added limiter for open files
  * added logging of user supplied data to accesslogs
  * added build target for OpenWRT
  * added plain backend support for auth-digest
  * fixed handling the external accesslog processes
  * fixed SERVER_NAME in CGI and FastCGI

- 1.3.3 - 2004-10-16

  * added support for NL terminators in CGI-scripts
  * added support for conditionals in mod_auth,
    mod_simple_vhost and mod_evhost
  * added a error-handler for 404 codes
  * fixed request counter in the rrdtool module
  * fixed log-file cycling
  * fixed seg-fault

- 1.3.2 - 2004-09-30

  * fixed file-cache

- 1.3.1 - 2004-09-30

  * fixed file-cache
  * fixed parsing of IPv6 adresses
  * fixed cgi for cygwin
  * fixed test-suite for FreeBSD and IRIX
  * fixed handling of shrinked files
  * fixed handling of REQUEST_URI after rewrite

- 1.3.0 - 2004-09-17

  * added build for MacOS X and Cygwin
  * added handling of more than one socket
  * added config-conditions for User-Agent and Referer
  * added final rewrite-rules

- 1.2.8 - 2004-09-11

  * added a cache for mimetypes
  * added X-Forwarded-For for mod_proxy
  * fixed handling of comments in If-Modified-Since
  * fixed error handling in FastCGI code
  * fixed expire plugin for second Expire header

- 1.2.7 - 2004-09-04

  * added mod_rrdtool for internal statistics
  * added xattr support
  * added user-controlable timeouts
  * improved documentation for many plugins
  * fixed POST requests for mod_proxy
  * fixed rare hang with CGI
  * fixed seg-fault if no configfile is specified
  * fixed rare problem in FastCGI header generation

- 1.2.6 - 2004-08-26

  * added apache-like accesslog definition
  * enabled timestamp cache again
  * improved performance in the string compare functions
  * fixed double-free in fastcgi handler
  * fixed error-handling in cgi handler

- 1.2.5 - 2004-08-10

  * added skeleton for solaris 10 port-API
  * added compression support even if no cachedir is set
  * added conditional configoptions
  * fixed compilation on OpenBSD
  * fixed kqueue support
  * fixed pipelining bug
  * fixed parallel build (triggered by Gentoo)
  * updated debian postinst

- 1.2.4 - 2004-07-31

  * added kqueue support
  * added server-side includes (mod_ssi)
  * fixed large post uploads in fastcgi
  * fixed rt-signals handling of delayed events

- 1.2.3 - 2004-07-10

  * added a proxy module for Java and friends
  * added support to pass accesslog through an external programm
  * added mimetypes for text/css and text/javascript
  * fixed index-files for FastCGI if webserver is in chroot
  * fixed error messages of CGI process fails to exec()
  * fixed detection of pcre on IRIX and FreeBSD
  * fixed timestamps in Last-Modified checks
  * fixed 64bit builds
  * fixed mmap-caching of large files
  * relaxed the HTTP parser on empty headerfields

- 1.2.2 - 2004-06-15

  * added support for unix domain sockets in FastCGI
  * fixed mmap caching
  * fixed compile-time check for linux sendfile()
  * fixed check for pcre.h on Fedora Core 2

- 1.2.1 - 2004-05-30

  * added experimental support for AIX send_file()
  * added an mmap cache to the filehandle cache
  * enabled FreeBSD sendfile support again
  * added support for calling CGI binaries directly
  * fixed pipelining for POST requests
  * fixed some seg-faults if no configfile is used

- 1.2.0 - 2004-05-17

  * added conforming Expect: handling
  * added a module for secure and fast downloading
  * rewrote the event handling interface
  * fixed array handling which might lead to 'missing header'
  * fixed pipelining support
  * fixed build of the localizer extension
  * fixed cgi handling for headers which are flushed to often
  * fixed compilation on Solaris 2.5

- 1.1.9 - 2004-04-29

  * added AUTHORIZER mode to the FastCGI module
  * added 'check-local' option to disable local stat() in the FastCGI module
  * added prefix-notation for FastCGI module
  * added 'mod_usertrack'
  * improved CGI/FastCGI spec conformance
  * more code cleanup
  * fixed HTTP/1.1 chunk headers
  * fixed POST handling
  * fixed SSL network handler
  * fixed writev() network handler

- 1.1.8 - 2004-04-16

  * code cleanup
  * limiting the size of the request-body and the request-header
  * minor speed improvements
  * tightend the HTTP-Parser again

- 1.1.7 - 2004-04-12

  * added REMOTE_USER to the Server->FastCGI parameters
  * added bzip2 compression
  * improved the error-messages from the new configfile parser
  * fixed accesslog writing for errornous requests
  * fixed LFS (64bit filesizes) handling
  * fixed Content-Length for HEAD requests
  * fixed some memory leaks in the configfile parser

- 1.1.6 - 2004-04-10

  * tightend the HTTP-Parser
  * rewrote the configfile parser (based on lemon)
  * fixed openssl support
  * fixed mmap+write support
  * use localtime in accesslog if possible

- 1.1.5 - 2004-04-07

  * added ldap backend to the auth
  * added a mod_expire
  * added debian packaging structure
  * merged redhat and suse spec-file
  * fixed eventhandler for solaris
  * fixed 64bit fileoffsets
  * fixed permissions of the PID-file

- 1.1.4 - 2004-04-04

  * added server.pid-file
  * added support for solaris /dev/poll and solaris sendfilev()
  * added support for writev()
  * added PATHINFO support (again)
  * fixed CLF logfile writing

- 1.1.3 - 2004-03-25

  * set default event-handler to 'poll'
  * fixed logcycling in chroot()
  * fixed hostname detection
  * added syslog() as fallback for error-logging

- 1.1.2 - 2004-03-22

  * added a "docroot" setting for fastcgi processes
  * performance improvements
  * improved configure script
  * rewrote the fastcgi config parser
  * added a rc-script for RedHat
  * added epoll() support for Linux 2.6.x

- 1.1.1 - 2004-03-15

  * added localizer module
  * performance improvements
  * code cleanup

- 1.1.0 - 2004-03-06

  * changed some configuration keys for better readability
  * moved the virtual-host code to mod_simple_vhost
  * added enhanced virtual host plugin from Christian Kruse
  * added two new auth-backends (htpasswd, htdigest)
  * fixed and improved authentification
  * stricter parsing of the Host: field
  * added a warning for unused configuration keys
  * improved FastCGI documentation

- 1.0.3 - 2004-02-13

  * a startup script has been added (LSB compliant)
  * HEAD requests were submitting the content like a GET request
  * the virtual directory listing got a face-lifting and fixes
  * request-headers are now handled case-in-sensitive as required
    by the standard. this fixes POST requests for w3m and some Proxies.

- 1.0.2 - 2004-02-07

  * rearrangement of the default configfile
  * some updates in the documentation
  * a entry in the error-log for a 404
  * stdout is no longer the default for the accesslog