The Apache HTTP Server Project is an effort to develop and maintain an open-source HTTP server for modern operating systems including UNIX and Windows NT.
The main goal of Apache HTTP Server is to provide an efficient, secure and extensible server that provides HTTP services in sync with the current HTTP standards.
Apache has been the most popular web server on the Internet since 1996.
The Apache HTTP Server Project is a collaborative software development effort aimed at creating a robust, commercial-grade, featureful, and freely-available source code implementation of an HTTP (Web) server.
The project is jointly managed by a group of volunteers located around the world, using the Internet and the Web to communicate, plan, and develop the server and its related documentation.
This project is part of the Apache Software Foundation. In addition, hundreds of users have contributed ideas, code, and documentation to the project.
Apache is run on millions of Internet servers. It has been tested thoroughly by both developers and users. The Apache HTTP Server Project maintains rigorous standards before releasing new versions of our server, and our server runs without a hitch on over 70% of all WWW servers available on the Internet. When bugs do show up, we release patches and new versions as soon as they are available.
What's New in This Release:
· Reject requests where the request-URI does not match the HTTP specification, preventing unexpected expansion of target URLs in some reverse proxy configurations. [Joe Orton]
· Fix integer overflow in ap_pregsub() which, when the mod_setenvif module is enabled, could allow local users to gain privileges via a .htaccess file. [Stefan Fritsch, Greg Ames]
· Resolve additional cases of URL rewriting with ProxyPassMatch or RewriteRule, where particular request-URIs could result in undesired backend network exposure in some configurations. [Joe Orton]
· mod_log_config: Fix segfault (crash) when the '%{cookiename}C' log format string is in use and a client sends a nameless, valueless cookie, causing a denial of service. The issue existed since version 2.2.17. PR 52256. [Rainer Canavan ]
· Fix scoreboard issue which could allow an unprivileged child process could cause the parent to crash at shutdown rather than terminate cleanly. [Joe Orton]
· Fix an issue in error responses that could expose "...