Project

General

Profile

1.4.18

closed

2007-09-11

100%

3 issues   (3 closed — 0 open)

Release Info

  • Version: 1.4.18
  • Previous version: 1.4.17
  • Branch: 1.4
  • Status: Stable
  • Release Purpose: security and bug fixes
  • Release manager: darix
  • Released date: 2007-09-09

"Release early, release often."

So here we are again. The previous release is already 12 days old! It already got grey hair.

And again we have a small security bug! It seems, if you get the more popular, more people are looking at your code. This time Mattias Bengtsson and Philip Olausson from secweb.se took a look at the code. They found a small bug that could lead to remote code execution in fastcgi applications. (We wont mention names here.)

Changes from 1.4.17

  • fixed compile error on IRIX 6.5.x on prctl() (#1333)
  • fixed forwarding a SIGINT and SIGHUP when using max-workers (#902)
  • fixed FastCGI header overrun in mod_fastcgi (reported by )
  • fixed hanging redirects with keep-alive due to missing "Content-Length: 0" headers
  • fixed crashing when using undefined environment variables in the config
  • fixed compilation of mod_mysql_vhost on irix (#1341)

External references

Downloads

Issues by
Bug

3/3

Also available in: TXT