Apache HTTP Server 2.2.20
The Apache HTTP Server Project is a collaborative software development effort aimed at creating a robust, commercial-grade, featureful, and freely-available source code implementation of an HTTP (Web) server. The project is jointly managed by a group of volunteers located around the world, using the Internet and the Web to communicate, plan, and develop the server and its related documentation. This project is part of the Apache Software Foundation. In addition, hundreds of users have contributed ideas, code, and documentation to the project. This file is intended to briefly describe the history of the Apache HTTP Server and recognize the many contributors.
httpd-2.2.19-win32-x86-no_ssl.msi file was thoroughly tested by our system on Aug 10, 2011 by the three antivirus programs and passed. Is absolutely clean, enjoy!
This archive is 100% safe to download and install.
Have a look at the full Apache HTTP Server 2.2.20 antivirus scan reports.
Download alternate Apache HTTP Server solution
Look at the free or trial alternatives and similar apps to Apache HTTP Server software by the tags. It's possible also to find substitutes for the most popular titles in the Net Servers Services category.
| Web Server | Http Server Project | Apache Software Foundation |
History updates (Complete changelogs since the listing on this site)
2.2.20 [09-01-11]
Other versions : 2.2.19 2.2.18 2.2.17 2.2.16 2.2.15 2.2.14 2.2.13
v2.2.19 [06-02-11]
2.2.19 *) Revert ABI breakage in 2.2.18 caused by the function signature change of ap_unescape_url_keep2f(). This release restores the signature from 2.2.17 and prior, and introduces ap_unescape_url_keep2f_ex(). [Eric Covener]
v2.2.18 [05-13-11]
2.2.18 *) Log an error for failures to read a chunk-size, and return 408 instead 413 when this is due to a read timeout. This change also fixes some cases of two error documents being sent in the response for the same scenario. [Eric Covener] PR49167 *) core: Only log a 408 if it is no keepalive timeout. PR 39785 [Ruediger Pluem, Mark Montague ] *) core: Treat timeout reading request as 408 error, not 400. Log 408 errors in access log as was done in Apache 1.3.x. PR 39785 [Nobutaka Mantani , Stefan Fritsch, Dan Poirier] *) Core HTTP: disable keepalive when the Client has sent Expect: 100-continue but we respond directly with a non-100 response. Keepalive here led to data from clients continuing being treated as a new request. PR 47087. [Nick Kew] *) htpasswd: Change the default algorithm for htpasswd to MD5 on all platforms. Crypt with its 8 character limit is not useful anymore; improve out of disk space handling (PR 30877); print a warning if a password is truncated by crypt. [Stefan Fritsch] *) mod_win32: Added shebang check for '! so that .vbs scripts work as CGI. Win32's cscript interpreter can only use a single quote as comment char. [Guenter Knauf] *) configure: Fix htpasswd/htdbm libcrypt link errors with some newer linkers. [Stefan Fritsch] *) MinGW build improvements. PR 49535. [John Vandenberg , Jeff Trawick] *) mod_ssl, ab: Support OpenSSL compiled without SSLv2 support. [Stefan Fritsch] *) core: AllowEncodedSlashes new option NoDecode to allow encoded slashes in request URL path info but not decode them. PR 35256, PR 46830. [Dan Poirier] *) mod_rewrite: Allow to unset environment variables. PR 50746. [Rainer Jung] *) suEXEC: Add Suexec directive to disable suEXEC without renaming the binary (Suexec Off), or force startup failure if suEXEC is required but not supported (Suexec On). [Jeff Trawick] *) mod_proxy: Put the worker in error state if the SSL handshake with the backend fails. PR 50332. [Daniel Ruggeri , Ruediger Pluem] *) prefork: Update MPM state in children during a graceful restart. Allow the HTTP connection handling loop to terminate early during a graceful restart. PR 41743. [Andrew Punch ] *) mod_ssl: Correctly read full lines in input filter when the line is incomplete during first read. PR 50481. [Ruediger Pluem] *) mod_autoindex: Merge IndexOptions from server to directory context when the directory has no mod_autoindex directives. PR 47766. [Eric Covener] *) mod_cache: Make sure that we never allow a 304 Not Modified response that we asked for to leak to the client should the 304 response be uncacheable. PR45341 [Graham Leggett] *) mod_dav: Send 400 error if malformed Content-Range header is received for a put request (RFC 2616 14.16). PR 49825. [Stefan Fritsch] *) mod_userdir: Add merging of enable, disable, and filename arguments to UserDir directive, leaving enable/disable of userlists unmerged. PR 44076 [Eric Covener] *) core: Honor 'AcceptPathInfo OFF' during internal redirects, such as per-directory mod_rewrite substitutions. PR 50349. [Eric Covener] *) mod_cache: Check the request to determine whether we are allowed to return cached content at all, and respect a "Cache-Control: no-cache" header from a client. Previously, "no-cache" would behave like "max-age=0". [Graham Leggett] *) mod_mem_cache: Add a debug msg when a streaming response exceeds MCacheMaxStreamingBuffer, since mod_cache will follow up with a scary 'memory allocation failed' debug message. PR 49604. [Eric Covener] *) proxy_connect: Don't give up in the middle of a CONNECT tunnel when the child process is starting to exit. PR50220. [Eric Covener]
v2.2.17 [10-22-10]
*) SECURITY: CVE-2009-2699 (cve.mitre.org) Fixed in APR 1.3.9. Faulty error handling in the Solaris pollset support (Event Port backend) which could trigger hangs in the prefork and event MPMs on that platform. PR 47645. [Jeff Trawick] *) SECURITY: CVE-2009-3095 (cve.mitre.org) mod_proxy_ftp: sanity check authn credentials. [Stefan Fritsch , Joe Orton] *) SECURITY: CVE-2009-3094 (cve.mitre.org) mod_proxy_ftp: NULL pointer dereference on error paths. [Stefan Fritsch , Joe Orton] *) mod_proxy_scgi: Backport from trunk. [André Malo] *) mod_ldap: Don't try to resolve file-based user ids to a DN when AuthLDAPURL has been defined at a very high level. PR 45946. [Eric Covener] *) htcacheclean: 19 ways to fail, 1 error message. Fixed. [Graham Leggett] *) mod_ldap: Bring the LDAPCacheEntries and LDAPOpCacheEntries usage() in synch with the manual and the implementation (0 and -1 both disable the cache). [Eric Covener] *) mod_ssl: The error message when SSLCertificateFile is missing should at least give the name or position of the problematic virtual host definition. [Stefan Fritsch sf sfritsch.de] *) htdbm: Fix possible buffer overflow if dbm database has very long values. PR 30586 [Dan Poirier] *) Add support for HTTP PUT to ab. [Jeff Barnes ] *) mod_ssl: Fix SSL_*_DN_UID variables to use the 'userID' attribute type. PR 45107. [Michael Ströder , Peter Sylvester ] *) mod_cache: Add CacheIgnoreURLSessionIdentifiers directive to ignore defined session identifiers encoded in the URL when caching. [Ruediger Pluem] *) mod_mem_cache: fix seg fault under load due to pool concurrency problem PR: 47672 [Dan Poirier ] *) mod_autoindex: Correctly create an empty cell if the description for a file is missing. PR 47682 [Peter Poeml ]
v2.2.16 [08-04-10]
*) SECURITY: CVE-2009-2699 (cve.mitre.org) Fixed in APR 1.3.9. Faulty error handling in the Solaris pollset support (Event Port backend) which could trigger hangs in the prefork and event MPMs on that platform. PR 47645. [Jeff Trawick] *) SECURITY: CVE-2009-3095 (cve.mitre.org) mod_proxy_ftp: sanity check authn credentials. [Stefan Fritsch , Joe Orton] *) SECURITY: CVE-2009-3094 (cve.mitre.org) mod_proxy_ftp: NULL pointer dereference on error paths. [Stefan Fritsch , Joe Orton] *) mod_proxy_scgi: Backport from trunk. [André Malo] *) mod_ldap: Don't try to resolve file-based user ids to a DN when AuthLDAPURL has been defined at a very high level. PR 45946. [Eric Covener] *) htcacheclean: 19 ways to fail, 1 error message. Fixed. [Graham Leggett] *) mod_ldap: Bring the LDAPCacheEntries and LDAPOpCacheEntries usage() in synch with the manual and the implementation (0 and -1 both disable the cache). [Eric Covener] *) mod_ssl: The error message when SSLCertificateFile is missing should at least give the name or position of the problematic virtual host definition. [Stefan Fritsch sf sfritsch.de] *) htdbm: Fix possible buffer overflow if dbm database has very long values. PR 30586 [Dan Poirier] *) Add support for HTTP PUT to ab. [Jeff Barnes ] *) mod_ssl: Fix SSL_*_DN_UID variables to use the 'userID' attribute type. PR 45107. [Michael Ströder , Peter Sylvester ] *) mod_cache: Add CacheIgnoreURLSessionIdentifiers directive to ignore defined session identifiers encoded in the URL when caching. [Ruediger Pluem] *) mod_mem_cache: fix seg fault under load due to pool concurrency problem PR: 47672 [Dan Poirier ] *) mod_autoindex: Correctly create an empty cell if the description for a file is missing. PR 47682 [Peter Poeml ]
v2.2.15 [03-30-10]
*) SECURITY: CVE-2009-2699 (cve.mitre.org) Fixed in APR 1.3.9. Faulty error handling in the Solaris pollset support (Event Port backend) which could trigger hangs in the prefork and event MPMs on that platform. PR 47645. [Jeff Trawick] *) SECURITY: CVE-2009-3095 (cve.mitre.org) mod_proxy_ftp: sanity check authn credentials. [Stefan Fritsch , Joe Orton] *) SECURITY: CVE-2009-3094 (cve.mitre.org) mod_proxy_ftp: NULL pointer dereference on error paths. [Stefan Fritsch , Joe Orton] *) mod_proxy_scgi: Backport from trunk. [André Malo] *) mod_ldap: Don't try to resolve file-based user ids to a DN when AuthLDAPURL has been defined at a very high level. PR 45946. [Eric Covener] *) htcacheclean: 19 ways to fail, 1 error message. Fixed. [Graham Leggett] *) mod_ldap: Bring the LDAPCacheEntries and LDAPOpCacheEntries usage() in synch with the manual and the implementation (0 and -1 both disable the cache). [Eric Covener] *) mod_ssl: The error message when SSLCertificateFile is missing should at least give the name or position of the problematic virtual host definition. [Stefan Fritsch sf sfritsch.de] *) htdbm: Fix possible buffer overflow if dbm database has very long values. PR 30586 [Dan Poirier] *) Add support for HTTP PUT to ab. [Jeff Barnes ] *) mod_ssl: Fix SSL_*_DN_UID variables to use the 'userID' attribute type. PR 45107. [Michael Ströder , Peter Sylvester ] *) mod_cache: Add CacheIgnoreURLSessionIdentifiers directive to ignore defined session identifiers encoded in the URL when caching. [Ruediger Pluem] *) mod_mem_cache: fix seg fault under load due to pool concurrency problem PR: 47672 [Dan Poirier ] *) mod_autoindex: Correctly create an empty cell if the description for a file is missing. PR 47682 [Peter Poeml ]
v2.2.14 [10-06-09]
*) SECURITY: CVE-2009-2699 (cve.mitre.org) Fixed in APR 1.3.9. Faulty error handling in the Solaris pollset support (Event Port backend) which could trigger hangs in the prefork and event MPMs on that platform. PR 47645. [Jeff Trawick] *) SECURITY: CVE-2009-3095 (cve.mitre.org) mod_proxy_ftp: sanity check authn credentials. [Stefan Fritsch , Joe Orton] *) SECURITY: CVE-2009-3094 (cve.mitre.org) mod_proxy_ftp: NULL pointer dereference on error paths. [Stefan Fritsch , Joe Orton] *) mod_proxy_scgi: Backport from trunk. [André Malo] *) mod_ldap: Don't try to resolve file-based user ids to a DN when AuthLDAPURL has been defined at a very high level. PR 45946. [Eric Covener] *) htcacheclean: 19 ways to fail, 1 error message. Fixed. [Graham Leggett] *) mod_ldap: Bring the LDAPCacheEntries and LDAPOpCacheEntries usage() in synch with the manual and the implementation (0 and -1 both disable the cache). [Eric Covener] *) mod_ssl: The error message when SSLCertificateFile is missing should at least give the name or position of the problematic virtual host definition. [Stefan Fritsch sf sfritsch.de] *) htdbm: Fix possible buffer overflow if dbm database has very long values. PR 30586 [Dan Poirier] *) Add support for HTTP PUT to ab. [Jeff Barnes ] *) mod_ssl: Fix SSL_*_DN_UID variables to use the 'userID' attribute type. PR 45107. [Michael Ströder , Peter Sylvester ] *) mod_cache: Add CacheIgnoreURLSessionIdentifiers directive to ignore defined session identifiers encoded in the URL when caching. [Ruediger Pluem] *) mod_mem_cache: fix seg fault under load due to pool concurrency problem PR: 47672 [Dan Poirier ] *) mod_autoindex: Correctly create an empty cell if the description for a file is missing. PR 47682 [Peter Poeml ]
v2.2.13 [09-21-09]
*) SECURITY: CVE-2009-2412 (cve.mitre.org) Distributed with APR 1.3.8 and APR-util 1.3.9 to fix potential overflow in pools and rmm, where size alignment was taking place. [Matt Lewis , Sander Striker] *) mod_ssl, ab: improve compatibility with OpenSSL 1.0.0 betas. Report warnings compiling mod_ssl against OpenSSL to the httpd developers. [Guenter Knauf] *) mod_cgid: Do not add an empty argument when calling the CGI script. PR 46380 [Ruediger Pluem] *) Fix potential segfaults with use of the legacy ap_rputs() etc interfaces, in cases where an output filter fails. PR 36780. [Joe Orton]
Predicted future versions and notices:
The doDownload.com constantly monitors the update of all programs, including information from the Apache HTTP Server 2.2.21 changelog file, however sometimes it can happen that data are not complete or are outdated.We assume that author continue's to develop 2.3.0 version with further advanced features, and soon you will be informed. Equally important 3.0.0 upgrades of the program we will continue to monitor. Full Apache HTTP Server description has been compared with the overall software database and our algorithm has found the following applications (are showed below).
Bookmark
Favorites
Del.icio.us
Digg
StumbleUpon
Google
Facebook
Reddit
Live
(11.3MB, Extension: MSI)
Average review rating :
Useful independent reviews and opinions of the users