s/September/January/
in the announcement (html and txt) CJ > Message du 21/01/19 16:03 > De : drugg...@apache.org > A : c...@httpd.apache.org > Copie à : > Objet : svn commit: r32075 - /dev/httpd/ /release/httpd/ > > Author: druggeri > Date: Mon Jan 21 15:03:33 2019 > New Revision: 32075 > > Log: > Push 2.4.38 up to the release directory > > Added: > release/httpd/CHANGES_2.4.38 > - copied unchanged from r32074, dev/httpd/CHANGES_2.4.38 > release/httpd/httpd-2.4.38.tar.bz2 > - copied unchanged from r32074, dev/httpd/httpd-2.4.38.tar.bz2 > release/httpd/httpd-2.4.38.tar.bz2.asc > - copied unchanged from r32074, dev/httpd/httpd-2.4.38.tar.bz2.asc > release/httpd/httpd-2.4.38.tar.bz2.md5 > - copied unchanged from r32074, dev/httpd/httpd-2.4.38.tar.bz2.md5 > release/httpd/httpd-2.4.38.tar.bz2.sha1 > - copied unchanged from r32074, dev/httpd/httpd-2.4.38.tar.bz2.sha1 > release/httpd/httpd-2.4.38.tar.bz2.sha256 > - copied unchanged from r32074, dev/httpd/httpd-2.4.38.tar.bz2.sha256 > release/httpd/httpd-2.4.38.tar.gz > - copied unchanged from r32074, dev/httpd/httpd-2.4.38.tar.gz > release/httpd/httpd-2.4.38.tar.gz.asc > - copied unchanged from r32074, dev/httpd/httpd-2.4.38.tar.gz.asc > release/httpd/httpd-2.4.38.tar.gz.md5 > - copied unchanged from r32074, dev/httpd/httpd-2.4.38.tar.gz.md5 > release/httpd/httpd-2.4.38.tar.gz.sha1 > - copied unchanged from r32074, dev/httpd/httpd-2.4.38.tar.gz.sha1 > release/httpd/httpd-2.4.38.tar.gz.sha256 > - copied unchanged from r32074, dev/httpd/httpd-2.4.38.tar.gz.sha256 > Removed: > dev/httpd/CHANGES_2.4 > dev/httpd/CHANGES_2.4.38 > dev/httpd/httpd-2.4.38-deps.tar.bz2 > dev/httpd/httpd-2.4.38-deps.tar.bz2.asc > dev/httpd/httpd-2.4.38-deps.tar.bz2.md5 > dev/httpd/httpd-2.4.38-deps.tar.bz2.sha1 > dev/httpd/httpd-2.4.38-deps.tar.bz2.sha256 > dev/httpd/httpd-2.4.38-deps.tar.gz > dev/httpd/httpd-2.4.38-deps.tar.gz.asc > dev/httpd/httpd-2.4.38-deps.tar.gz.md5 > dev/httpd/httpd-2.4.38-deps.tar.gz.sha1 > dev/httpd/httpd-2.4.38-deps.tar.gz.sha256 > dev/httpd/httpd-2.4.38.tar.bz2 > dev/httpd/httpd-2.4.38.tar.bz2.asc > dev/httpd/httpd-2.4.38.tar.bz2.md5 > dev/httpd/httpd-2.4.38.tar.bz2.sha1 > dev/httpd/httpd-2.4.38.tar.bz2.sha256 > dev/httpd/httpd-2.4.38.tar.gz > dev/httpd/httpd-2.4.38.tar.gz.asc > dev/httpd/httpd-2.4.38.tar.gz.md5 > dev/httpd/httpd-2.4.38.tar.gz.sha1 > dev/httpd/httpd-2.4.38.tar.gz.sha256 > Modified: > release/httpd/Announcement2.4.html > release/httpd/Announcement2.4.txt > release/httpd/CHANGES_2.4 > > Modified: release/httpd/Announcement2.4.html > ============================================================================== > --- release/httpd/Announcement2.4.html (original) > +++ release/httpd/Announcement2.4.html Mon Jan 21 15:03:33 2019 > @@ -49,15 +49,15 @@ > > > > - Apache HTTP Server 2.4.37 Released > + Apache HTTP Server 2.4.38 Released > > > > - October 23, 2018 > + September 21, 2018 > > > > The Apache Software Foundation and the Apache HTTP Server Project are > pleased to announce > - the release of version 2.4.37 of the Apache > + the release of version 2.4.38 of the Apache > HTTP Server ("Apache"). This version of Apache is our latest GA > release of the new generation 2.4.x branch of Apache HTTPD and > represents fifteen years of innovation by the project, and is > @@ -69,7 +69,7 @@ > encourage users of all prior versions to upgrade. > > > > - Apache HTTP Server 2.4.37 is available for download from: > + Apache HTTP Server 2.4.38 is available for download from: > > >> @@ -77,7 +77,7 @@ > > > > Please see the CHANGES_2.4 file, linked from the download page, for a > - full list of changes. A condensed list, CHANGES_2.4.37 includes only > + full list of changes. A condensed list, CHANGES_2.4.38 includes only > those changes introduced since the prior 2.4 release. A summary of all > of the security vulnerabilities addressed in this and earlier releases > is available: > > Modified: release/httpd/Announcement2.4.txt > ============================================================================== > --- release/httpd/Announcement2.4.txt (original) > +++ release/httpd/Announcement2.4.txt Mon Jan 21 15:03:33 2019 > @@ -1,9 +1,9 @@ > - Apache HTTP Server 2.4.37 Released > + Apache HTTP Server 2.4.38 Released > > - October 23, 2018 > + September 21, 2018 > > The Apache Software Foundation and the Apache HTTP Server Project > - are pleased to announce the release of version 2.4.37 of the Apache > + are pleased to announce the release of version 2.4.38 of the Apache > HTTP Server ("Apache"). This version of Apache is our latest GA > release of the new generation 2.4.x branch of Apache HTTPD and > represents fifteen years of innovation by the project, and is > @@ -13,7 +13,7 @@ > We consider this release to be the best version of Apache available, and > encourage users of all prior versions to upgrade. > > - Apache HTTP Server 2.4.37 is available for download from: > + Apache HTTP Server 2.4.38 is available for download from: > > http://httpd.apache.org/download.cgi > > @@ -24,7 +24,7 @@ > http://httpd.apache.org/docs/trunk/new_features_2_4.html > > Please see the CHANGES_2.4 file, linked from the download page, for a > - full list of changes. A condensed list, CHANGES_2.4.37 includes only > + full list of changes. A condensed list, CHANGES_2.4.38 includes only > those changes introduced since the prior 2.4 release. A summary of all > of the security vulnerabilities addressed in this and earlier releases > is available: > > Modified: release/httpd/CHANGES_2.4 > ============================================================================== > --- release/httpd/CHANGES_2.4 (original) > +++ release/httpd/CHANGES_2.4 Mon Jan 21 15:03:33 2019 > @@ -1,4 +1,53 @@ > -*- coding: utf-8 -*- > +Changes with Apache 2.4.38 > + > + *) mod_ssl: Clear retry flag before aborting client-initiated renegotiation. > + PR 63052 [Joe Orton] > + > + *) mod_negotiation: Treat LanguagePriority as case-insensitive to match > + AddLanguage behavior and HTTP specification. PR 39730 [Christophe Jaillet] > + > + *) mod_md: incorrect behaviour when synchronizing ongoing ACME challenges > + have been fixed. [Michael Kaufmann, Stefan Eissing] > + > + *) mod_setenvif: We can have expressions that become true if a regex pattern > + in the expression does NOT match. In this case val is NULL > + and we should just set the value for the environment variable > + like in the pattern case. [Ruediger Pluem] > + > + *) mod_session: Always decode session attributes early. [Hank Ibell] > + > + *) core: Incorrect values for environment variables are substituted when > + multiple environment variables are specified in a directive. [Hank Ibell] > + > + *) mod_rewrite: Only create the global mutex used by "RewriteMap prg:" when > + this type of map is present in the configuration. PR62311. > + [Hank Ibell ] > + > + *) mod_dav: Fix invalid Location header when a resource is created by > + passing an absolute URI on the request line [Jim Jagielski] > + > + *) mod_session_cookie: avoid duplicate Set-Cookie header in the response. > + [Emmanuel Dreyfus , Luca Toscano] > + > + *) mod_ssl: clear *SSL errors before loading certificates and checking > + afterwards. Otherwise errors are reported when other SSL using modules > + are in play. Fixes PR 62880. [Michael Kaufmann] > + > + *) mod_ssl: Fix the error code returned in an error path of > + 'ssl_io_filter_handshake()'. This messes-up error handling performed > + in 'ssl_io_filter_error()' [Yann Ylavic] > + > + *) mod_ssl: Fix $HTTPS definition for "SSLEngine optional" case, and fix > + authz provider so "Require ssl" works correctly in HTTP/2. > + PR 61519, 62654. [Joe Orton, Stefan Eissing] > + > + *) mod_proxy: If ProxyPassReverse is used for reverse mapping of relative > + redirects, subsequent ProxyPassReverse statements, whether they are > + relative or absolute, may fail. PR 60408. [Peter Haworth ] > + > + *) mod_lua: Now marked as a stable module [https://s.apache.org/Xnh1] > + > Changes with Apache 2.4.37 > > *) mod_ssl: Fix HTTP/2 failures when using OpenSSL 1.1.1. [Rainer Jung] > @@ -19,12 +68,17 @@ Changes with Apache 2.4.36 > *) mod_proxy_scgi, mod_proxy_uwsgi: improve error handling when sending the > body of the response. [Jim Jagielski] > > + *) mpm_event: Stop issuing AH00484 "server reached MaxRequestWorkers..." > when > + there are still idle threads available. When there are less idle threads > than > + MinSpareThreads, issue new one-time message AH10159. Matches worker MPM. > + [Eric Covener] > + > *) mod_http2: adding defensive code for stream EOS handling, in case the > request handler > missed to signal it the normal way (eos buckets). Addresses github issues > https://github.com/icing/mod_h2/issues/164, > https://github.com/icing/mod_h2/issues/167 > and https://github.com/icing/mod_h2/issues/170. [Stefan Eissing] > > - *) ab: Add client certificate support. [Graham Leggett] > + *) ab: Add client certificate support. PR 55774. [Graham Leggett] > > *) ab: Disable printing temp key for OpenSSL before > version 1.0.2. SSL_get_server_tmp_key is not available > > >