Apache 2.2
詳細情報
| タイトル | Apache 2.2 |
|---|---|
| URL | http://httpd.apache.org/ |
| バージョン | ver 2.2.34 |
| 更新日 | 2017/07/12 |
| 追加日 | 2013/08/17 |
| 種別 | フリーソフト |
| 説明 | 定番WebサーバApache 2.2系列。 |
レビュー
レビューはありません。
スクリーンショット
スクリーンショットはありません。
更新グラフ
バージョン履歴
Apache HTTP Server 2.2.34 Released
July 11, 2017
The Apache Software Foundation and the Apache HTTP Server Project
announce the release of version 2.2.34 of the Apache HTTP Server
("Apache"), the final maintenance release of the 2.2 series. No
further 2.2 releases are anticipated. This version of Apache is
principally a security and bug fix maintenance release.
We consider the current Apache HTTP Server 2.4 release to be the best
version of Apache available, and encourage every user of 2.2 and all
prior versions to upgrade. This final 2.2 release is offered for those
unable to upgrade at this moment.
Take note that Apache Web Server Project will provide no future release
of the 2.2.x series, although some security patches may be published
through December of 2017. These will be collected at the URL;
http://www.apache.org/dist/httpd/patches/apply_to_2.2.34/
No further maintenance patches of 2.2.x will be published. Users are
strongly encouraged to promptly complete their transitions to the
2.4.x flavor of httpd to receive any future benefit from the user
community or the Apache HTTP Server project developers.
(省略されました)
July 11, 2017
The Apache Software Foundation and the Apache HTTP Server Project
announce the release of version 2.2.34 of the Apache HTTP Server
("Apache"), the final maintenance release of the 2.2 series. No
further 2.2 releases are anticipated. This version of Apache is
principally a security and bug fix maintenance release.
We consider the current Apache HTTP Server 2.4 release to be the best
version of Apache available, and encourage every user of 2.2 and all
prior versions to upgrade. This final 2.2 release is offered for those
unable to upgrade at this moment.
Take note that Apache Web Server Project will provide no future release
of the 2.2.x series, although some security patches may be published
through December of 2017. These will be collected at the URL;
http://www.apache.org/dist/httpd/patches/apply_to_2.2.34/
No further maintenance patches of 2.2.x will be published. Users are
strongly encouraged to promptly complete their transitions to the
2.4.x flavor of httpd to receive any future benefit from the user
community or the Apache HTTP Server project developers.
(省略されました)
Apache HTTP Server 2.2.32 Released
January 13, 2017
pleased to announce the release of version 2.2.32 of the Apache HTTP
Server ("Apache"). This version of Apache is principally a security
and bug fix maintenance release, and addresses these specific security
defects as well as other fixes;
CVE-2016-8743
Enforce HTTP request grammar corresponding to RFC7230 for request
lines and request headers, to prevent response splitting and cache
pollution by malicious clients or downstream proxies.
to upgrade at this time.
Please note that Apache Web Server Project will only provide maintenance
releases of the 2.2.x flavor through June of 2017, and will provide some
security patches beyond this date through at least December of 2017.
Minimal maintenance patches of 2.2.x are expected throughout this period,
and users are strongly encouraged to promptly complete their transitions
to the the 2.4.x flavor of httpd to benefit from a much larger assortment
of minor security and bug fixes as well as new features.
For further details, see:
(省略されました)
January 13, 2017
pleased to announce the release of version 2.2.32 of the Apache HTTP
Server ("Apache"). This version of Apache is principally a security
and bug fix maintenance release, and addresses these specific security
defects as well as other fixes;
CVE-2016-8743
Enforce HTTP request grammar corresponding to RFC7230 for request
lines and request headers, to prevent response splitting and cache
pollution by malicious clients or downstream proxies.
to upgrade at this time.
Please note that Apache Web Server Project will only provide maintenance
releases of the 2.2.x flavor through June of 2017, and will provide some
security patches beyond this date through at least December of 2017.
Minimal maintenance patches of 2.2.x are expected throughout this period,
and users are strongly encouraged to promptly complete their transitions
to the the 2.4.x flavor of httpd to benefit from a much larger assortment
of minor security and bug fixes as well as new features.
For further details, see:
(省略されました)
Apache HTTP Server 2.2.31 Released
pleased to announce the release of version 2.2.31 of the Apache HTTP
Server ("Apache"). (Note that 2.2.30 was not released). This version
CVE-2015-3183
core: Fix chunk header parsing defect.
Remove apr_brigade_flatten(), buffering and duplicated code from
the HTTP_IN filter, parse chunks in a single pass with zero copy.
Limit accepted chunk-size to 2^63-1 and be strict about chunk-ext
authorized characters.
Apache HTTP Server 2.4 and 2.2.31 are available for download from:
full list of changes. A condensed list, CHANGES_2.2.31 includes only
pleased to announce the release of version 2.2.31 of the Apache HTTP
Server ("Apache"). (Note that 2.2.30 was not released). This version
CVE-2015-3183
core: Fix chunk header parsing defect.
Remove apr_brigade_flatten(), buffering and duplicated code from
the HTTP_IN filter, parse chunks in a single pass with zero copy.
Limit accepted chunk-size to 2^63-1 and be strict about chunk-ext
authorized characters.
Apache HTTP Server 2.4 and 2.2.31 are available for download from:
full list of changes. A condensed list, CHANGES_2.2.31 includes only
Apache HTTP Server 2.2.29 Released
pleased to announce the release of version 2.2.29 of the Apache HTTP
Server ("Apache"). (Note that 2.2.28 was not released). This version
of Apache is principally a security and bug fix maintenance release,
and addresses these specific security defects as well as other fixes;
CVE-2014-0118
mod_deflate: The DEFLATE input filter (inflates request bodies) now
limits the length and compression ratio of inflated request bodies to
avoid denial of sevice via highly compressed bodies. See directives
DeflateInflateLimitRequestBody, DeflateInflateRatioLimit,
and DeflateInflateRatioBurst.
CVE-2014-0231
mod_cgid: Fix a denial of service against CGI scripts that do
not consume stdin that could lead to lingering HTTPD child processes
filling up the scoreboard and eventually hanging the server. By
default, the client I/O timeout (Timeout directive) now applies to
communication with scripts. The CGIDScriptTimeout directive can be
used to set a different timeout for communication with scripts.
CVE-2014-0226
(省略されました)
pleased to announce the release of version 2.2.29 of the Apache HTTP
Server ("Apache"). (Note that 2.2.28 was not released). This version
of Apache is principally a security and bug fix maintenance release,
and addresses these specific security defects as well as other fixes;
CVE-2014-0118
mod_deflate: The DEFLATE input filter (inflates request bodies) now
limits the length and compression ratio of inflated request bodies to
avoid denial of sevice via highly compressed bodies. See directives
DeflateInflateLimitRequestBody, DeflateInflateRatioLimit,
and DeflateInflateRatioBurst.
CVE-2014-0231
mod_cgid: Fix a denial of service against CGI scripts that do
not consume stdin that could lead to lingering HTTPD child processes
filling up the scoreboard and eventually hanging the server. By
default, the client I/O timeout (Timeout directive) now applies to
communication with scripts. The CGIDScriptTimeout directive can be
used to set a different timeout for communication with scripts.
CVE-2014-0226
(省略されました)
Apache HTTP Server 2.2.27 Released
pleased to announce the release of version 2.2.27 of the Apache HTTP
Server ("Apache"). This version of Apache is principally a security
and bug fix maintenance release.
CVE-2014-0098
Segfaults with truncated cookie logging.
mod_log_config: Prevent segfaults when logging truncated
cookies. Clean up the cookie logging parser to recognize
only the cookie=value pairs, not valueless cookies.
CVE-2013-6438
mod_dav: Keep track of length of cdata properly when removing
leading spaces. Eliminates a potential denial of service from
specifically crafted DAV WRITE requests
Apache HTTP Server 2.4 and 2.2.27 are available for download from:
full list of changes. A condensed list, CHANGES_2.2.27 includes only
This release includes the Apache Portable Runtime (APR) version 1.5.0
and APR Utility Library (APR-util) version 1.5.3, bundled with the tar
APR version 1.5 and APR-util version 1.5 represent minor version upgrades
from earlier httpd 2.2 source distributions.
pleased to announce the release of version 2.2.27 of the Apache HTTP
Server ("Apache"). This version of Apache is principally a security
and bug fix maintenance release.
CVE-2014-0098
Segfaults with truncated cookie logging.
mod_log_config: Prevent segfaults when logging truncated
cookies. Clean up the cookie logging parser to recognize
only the cookie=value pairs, not valueless cookies.
CVE-2013-6438
mod_dav: Keep track of length of cdata properly when removing
leading spaces. Eliminates a potential denial of service from
specifically crafted DAV WRITE requests
Apache HTTP Server 2.4 and 2.2.27 are available for download from:
full list of changes. A condensed list, CHANGES_2.2.27 includes only
This release includes the Apache Portable Runtime (APR) version 1.5.0
and APR Utility Library (APR-util) version 1.5.3, bundled with the tar
APR version 1.5 and APR-util version 1.5 represent minor version upgrades
from earlier httpd 2.2 source distributions.
Apache HTTP Server 2.2.26 Released
pleased to announce the release of version 2.2.26 of the Apache HTTP
Server ("Apache"). This version of Apache is principally a bug fix
maintenance release.
Apache HTTP Server 2.4 and 2.2.26 are available for download from:
full list of changes. A condensed list, CHANGES_2.2.26 includes only
pleased to announce the release of version 2.2.26 of the Apache HTTP
Server ("Apache"). This version of Apache is principally a bug fix
maintenance release.
Apache HTTP Server 2.4 and 2.2.26 are available for download from:
full list of changes. A condensed list, CHANGES_2.2.26 includes only
Apache HTTP Server 2.2.25 Released
pleased to announce the release of version 2.2.25 of the Apache HTTP
and bug fix maintenance release, including the following security fixes:
SECURITY: CVE-2013-1896 (cve.mitre.org)
mod_dav: Sending a MERGE request against a URI handled by mod_dav_svn
with the source href (sent as part of the request body as XML) pointing
to a URI that is not configured for DAV will trigger a segfault.
SECURITY: CVE-2013-1862 (cve.mitre.org)
mod_rewrite: Ensure that client data written to the RewriteLog is
escaped to prevent terminal escape sequences from entering the
log file.
The Apache HTTP Project thanks Ben Riser and Ramiro Molina for bringing
these issues to the attention of the project security team.
Erratta; the build is known to fail against OpenSSL when that library
is built to provide no SSLv2 support whatsoever. The following patch
will successfully build httpd 2.2.25 against such OpenSSL installations:
http://svn.apache.org/viewvc?view=revision&revision=1500108
We consider the Apache HTTP Server 2.4 release to be the best version
to upgrade at this time. For further details, see:
(省略されました)
pleased to announce the release of version 2.2.25 of the Apache HTTP
and bug fix maintenance release, including the following security fixes:
SECURITY: CVE-2013-1896 (cve.mitre.org)
mod_dav: Sending a MERGE request against a URI handled by mod_dav_svn
with the source href (sent as part of the request body as XML) pointing
to a URI that is not configured for DAV will trigger a segfault.
SECURITY: CVE-2013-1862 (cve.mitre.org)
mod_rewrite: Ensure that client data written to the RewriteLog is
escaped to prevent terminal escape sequences from entering the
log file.
The Apache HTTP Project thanks Ben Riser and Ramiro Molina for bringing
these issues to the attention of the project security team.
Erratta; the build is known to fail against OpenSSL when that library
is built to provide no SSLv2 support whatsoever. The following patch
will successfully build httpd 2.2.25 against such OpenSSL installations:
http://svn.apache.org/viewvc?view=revision&revision=1500108
We consider the Apache HTTP Server 2.4 release to be the best version
to upgrade at this time. For further details, see:
(省略されました)
Apache HTTP Server 2.2.24 Released
The Apache Software Foundation and the Apache HTTP Server Project are
pleased to announce the release of version 2.2.24 of the Apache HTTP
Server ("Apache"). This version of Apache is principally a security
and bug fix maintenance release, including the following significant
security fixes:
SECURITY: CVE-2012-3499 (cve.mitre.org)
Various XSS flaws due to unescaped hostnames and URIs HTML output in
mod_info, mod_status, mod_imagemap, mod_ldap, and mod_proxy_ftp.
SECURITY: CVE-2012-4558 (cve.mitre.org)
XSS in mod_proxy_balancer manager interface.
We consider the Apache HTTP Server 2.4.4 release to be the best version
of Apache available, and encourage users of 2.2 and all prior versions
to upgrade. This 2.2 maintenance release is offered for those unable
to do so at this time. For further details, see
http://www.apache.org/dist/httpd/Announcement2.4.html
Apache HTTP Server 2.4.4 and 2.2.24 are available for download from:
http://httpd.apache.org/download.cgi
Please see the CHANGES_2.2 file, linked from the download page, for a
(省略されました)
The Apache Software Foundation and the Apache HTTP Server Project are
pleased to announce the release of version 2.2.24 of the Apache HTTP
Server ("Apache"). This version of Apache is principally a security
and bug fix maintenance release, including the following significant
security fixes:
SECURITY: CVE-2012-3499 (cve.mitre.org)
Various XSS flaws due to unescaped hostnames and URIs HTML output in
mod_info, mod_status, mod_imagemap, mod_ldap, and mod_proxy_ftp.
SECURITY: CVE-2012-4558 (cve.mitre.org)
XSS in mod_proxy_balancer manager interface.
We consider the Apache HTTP Server 2.4.4 release to be the best version
of Apache available, and encourage users of 2.2 and all prior versions
to upgrade. This 2.2 maintenance release is offered for those unable
to do so at this time. For further details, see
http://www.apache.org/dist/httpd/Announcement2.4.html
Apache HTTP Server 2.4.4 and 2.2.24 are available for download from:
http://httpd.apache.org/download.cgi
Please see the CHANGES_2.2 file, linked from the download page, for a
(省略されました)
2.4.4 (released 2013-02-25)
2.2.23 (released 2012-09-13)
http://ftp.meisei-u.ac.jp/mirror/apache/dist/. If you encounter a problem with this mirror, please select
Apache HTTP Server 2.4.4 (httpd): 2.4.4 is the latest available version 2013-02-25
release of version 2.4.4 of the Apache HTTP Server ("Apache" and "httpd").
This version of Apache is our latest GA release of the new generation 2.4.x
CHANGES_2.4.4 lists
Unix Source: httpd-2.4.4.tar.bz2
Unix Source: httpd-2.4.4.tar.gz [
NetWare Binary:
httpd_2.4.4-netware-bin.zip
[
PGP
] [
MD5
] [
SHA1
]
Apache HTTP Server 2.2.23 (httpd) 2012-09-13
(省略されました)
2.2.23 (released 2012-09-13)
http://ftp.meisei-u.ac.jp/mirror/apache/dist/. If you encounter a problem with this mirror, please select
Apache HTTP Server 2.4.4 (httpd): 2.4.4 is the latest available version 2013-02-25
release of version 2.4.4 of the Apache HTTP Server ("Apache" and "httpd").
This version of Apache is our latest GA release of the new generation 2.4.x
CHANGES_2.4.4 lists
Unix Source: httpd-2.4.4.tar.bz2
Unix Source: httpd-2.4.4.tar.gz [
NetWare Binary:
httpd_2.4.4-netware-bin.zip
[
PGP
] [
MD5
] [
SHA1
]
Apache HTTP Server 2.2.23 (httpd) 2012-09-13
(省略されました)
Essentials
About
License
FAQ
Security Reports
Download!
From a Mirror
Documentation
Version 2.4
Version 2.2
Version 2.0
Trunk (dev)
Wiki
Get Support
Support
Get Involved
Mailing Lists
(省略されました)
2.4.2 (released 2012-04-17)
The currently selected mirror is http://ftp.jaist.ac.jp/pub/apache/. If you encounter a
http://ftp.jaist.ac.jp/pub/apache/http://ftp.riken.jp/net/apache/http://ftp.meisei-u.ac.jp/mirror/apache/dist/http://ftp.kddilabs.jp/infosystems/apache/
Apache HTTP Server 2.4.2 (httpd):
2.4.2 is the latest available version
2012-04-17
the release of version 2.4.2 of the Apache HTTP Server ("Apache"
and "httpd"). This version of Apache is our 2nd GA
CHANGES_2.4.2 lists
httpd-2.4.2.tar.bz2
httpd-2.4.2.tar.gz
httpd-2.4.2.tar.* are signed by Jim Jagielski 791485A8
Copyright © 2012 The Apache Software Foundation
The currently selected mirror is http://ftp.jaist.ac.jp/pub/apache/. If you encounter a
http://ftp.jaist.ac.jp/pub/apache/http://ftp.riken.jp/net/apache/http://ftp.meisei-u.ac.jp/mirror/apache/dist/http://ftp.kddilabs.jp/infosystems/apache/
Apache HTTP Server 2.4.2 (httpd):
2.4.2 is the latest available version
2012-04-17
the release of version 2.4.2 of the Apache HTTP Server ("Apache"
and "httpd"). This version of Apache is our 2nd GA
CHANGES_2.4.2 lists
httpd-2.4.2.tar.bz2
httpd-2.4.2.tar.gz
httpd-2.4.2.tar.* are signed by Jim Jagielski 791485A8
Copyright © 2012 The Apache Software Foundation
RSS[全体]
Tw[@softantenna]