On Sun, 2011-12-04 at 09:47 -0500, Jim Jagielski wrote:
On Dec 2, 2011, at 6:48 PM, Stefan Fritsch wrote:
Hi,
where are we WRT 2.4?
There seems to be a lot of renewed effort in getting 2.4/trunk is a
really releasable state, which is all Goodness. Ideally, I'd like
to release
On Wed, 2012-01-11 at 18:00 -0600, William A. Rowe Jr. wrote:
On 1/11/2012 5:51 PM, Noel Butler wrote:
On Wed, 2012-01-11 at 14:41 -0600, William A. Rowe Jr. wrote:
cycles have taught us users aren't adopting our 2.odd releases. Sigh.
This is likely a carry over from the old days
On Mon, 2012-01-16 at 12:50 -0500, Jim Jagielski wrote:
The 2.4.0 (prerelease) tarballs are available for download and test:
http://httpd.apache.org/dev/dist/
I'm calling a VOTE on releasing these as Apache httpd 2.4.0 GA.
Vote will last the normal 72 hours... Can I get a w00t
On Tue, 2012-01-17 at 18:31 +1000, Noel Butler wrote:
On Mon, 2012-01-16 at 12:50 -0500, Jim Jagielski wrote:
The 2.4.0 (prerelease) tarballs are available for download and test:
http://httpd.apache.org/dev/dist/
I'm calling a VOTE on releasing these as Apache httpd 2.4.0 GA
On Tue, 2012-01-17 at 13:02 +0200, Graham Leggett wrote:
On 17 Jan 2012, at 10:31 AM, Noel Butler wrote:
Build fails when using static built modules and disabling dav, but builds
fine if option to disable dav is removed.
ie: --enable-mods-static=all --disable-dav
in /tmp/httpd
On Wed, 2012-01-18 at 14:12 +0200, Graham Leggett wrote:
This never was a problem in 2.2, if one disabled dav it was disabled, as it
should be disabled, fully, not only in parts, here and there, granted it's
now changed because modules are no longer defaulted to statically built,
but
On Sun, 2012-01-29 at 13:19 -0600, William A. Rowe Jr. wrote:
On 1/29/2012 4:21 AM, Michael Felt wrote:
Um. Now that I am back from vacation - I am aware you are busy with a known
bug (core
issue), but would still be nice to have a 2.4.0/2.4.1 something to
test-build with (for
AIX).
On Mon, 2012-01-30 at 11:03 +0100, Michael Felt wrote:
prefix:/opt/apache2
exec_prefix: /opt/apache2
I have often ponderd WHY people do things like this, the projects name
is apache, not apache2
signature.asc
Description: This is a digitally signed message part
On Mon, 2012-01-30 at 15:53 -0600, William A. Rowe Jr. wrote:
On 1/30/2012 3:12 PM, Stefan Fritsch wrote:
And there is apachectl, not httpdctl.
Would anyone else like to see this changed, now, for the 2.4 releases?
No... Maybe that's a consideration for 3.stable-release, if at
On Tue, 2012-01-31 at 14:40 -0500, Jim Jagielski wrote:
The release is a snapshot of time. All we are saying if
we bundle apr/apu (in whatever fashion) is that at the
time we are releasing httpd, here are the additional
ASF packages (apr/apu) that we're providing to you, the
end user, for
On Thu, 2012-02-02 at 09:54 -0500, Jim Jagielski wrote:
[X] +1: Bundle apr/apu w/ Apache httpd 2.4.x
[ ] +0: I don't care
[ ] -1: Do not bundle apr/apu with Apache httpd 2.4.x
signature.asc
Description: This is a digitally signed message part
Builds fine on slackware, though, I did find it mildly amusing I had to
rebuild PHP.
Never had to do that before, not even with 2.4.0
root@fox:/usr/local/src/httpd-2.4.1# /etc/rc.d/rc.httpd start
httpd: Syntax error on line 55 of /usr/local/apache/conf/httpd.conf:
Module
On Mon, 2012-02-13 at 20:05 -0600, William A. Rowe Jr. wrote:
On 2/13/2012 7:07 PM, Noel Butler wrote:
Builds fine on slackware, though, I did find it mildly amusing I had to
rebuild PHP.
Never had to do that before, not even with 2.4.0
If you didn't have to rebuild mod_php5 between
On Fri, 2012-03-16 at 10:18 -0400, Eric Covener wrote:
We still enable TRACE by default.
Is this useful enough to justify making every other poor sap with a
security scanner have to manually turn it off?
I'm hoping 2.4.x is early enough in life where flipping this wouldn't
be too
On Wed, 2012-03-21 at 13:55 +0100, Reindl Harald wrote:
Firstly, as stated previously, I agree TRACE should be disabled by
default because those that need it are probably at about 1 in 1, and
I'd like to see a proper vote called on it :) however...
fact is that nessus-scans usually
On Wed, 2012-03-21 at 14:48 +0100, Reindl Harald wrote:
Nessus, despite I do like it, and as it is a respected industry standard,
has its fair share of false positives,
for simple example, look at FTP, running a public FTP server you get a
severity medium warning, I mean like..
On Fri, 2012-04-06 at 12:39 -0400, Jim Jagielski wrote:
On Apr 5, 2012, at 8:24 AM, Jim Jagielski wrote:
The pre-release test tarballs for Apache httpd 2.4.2 can be found
at the usual place:
http://httpd.apache.org/dev/dist/
I'm calling a VOTE on releasing these as Apache
On Sun, 2012-04-15 at 13:10 +0200, Guenter Knauf wrote:
!--#echo var=REMOTE_ADDR--
Related to the removal of config option DefaultType perhaps?
signature.asc
Description: This is a digitally signed message part
This is NOT the list for starting OS wars on.
On Sun, 2012-04-15 at 19:10 +0200, Reindl Harald wrote:
what is the reason to use Netware for a webserver?
besides the fact that there are so many operating
systems running httpd fine and Netware is EOL at all
signature.asc
Description:
On Wed, 2012-06-20 at 22:52 +0200, Stefan Fritsch wrote:
On Wed, 20 Jun 2012, Nick Edwards wrote:
I posted this to users list last week but no-one bit, so I'm trying here.
With md5crypt no longer recommended for use by its author, will Apache
soon support sha256/sha512 in basic
On Thu, 2012-06-21 at 10:40 +0100, Ben Laurie wrote:
4. Use something that is hard to optimise in hardware (ideally).
5. Only hire web developers who know what they're doing, who know what
security is, and how to audit their code :)
If they cant get the database, then it wouldn't mater if
On Thu, 2012-06-21 at 10:57 +0100, Ben Laurie wrote:
On Thu, Jun 21, 2012 at 10:53 AM, Issac Goldstand mar...@beamartyr.net
wrote:
On 21/06/2012 12:40, Ben Laurie wrote:
4. Use something that is hard to optimise in hardware (ideally).
And what about massive sites that need the crypto HW
On Wed, 2012-08-08 at 17:03 +0100, Joe Orton wrote:
On Wed, Aug 08, 2012 at 08:00:25AM +0200, Kaspar Brand wrote:
My thinking was that people should explicitly tell configure that they
want to link with the libs in a build directory (so that they don't
accidentally use a directory which
On Fri, 2012-08-10 at 13:36 -0400, Jeff Trawick wrote:
-2.4.3 : In development. Jim proposes a TR around July 25.
+2.4.3 : In development. Jim proposes a TR around Aug 10.
Jim, please give a heads up some handful of hours in advance if at all
possible.
is not 4 weeks enough
On Fri, 2012-08-10 at 20:17 -0400, Jeff Trawick wrote:
On Fri, Aug 10, 2012 at 8:10 PM, Noel Butler noel.but...@ausics.net wrote:
On Fri, 2012-08-10 at 13:36 -0400, Jeff Trawick wrote:
-2.4.3 : In development. Jim proposes a TR around July 25.
+2.4.3 : In development. Jim
On Fri, 2012-08-17 at 13:34 -0400, Jim Jagielski wrote:
[X] +1: Good to go
[ ] +0: meh
[ ] -1: Danger Will Robinson. And why.
Vote will last the normal 72 hrs.
Good to go on Slackware 13.1 13.37(and 14.0 rc2)
signature.asc
Description: This is a digitally signed message
Confirmed
On Sat, 2012-09-01 at 16:09 +1000, Nick Edwards wrote:
Hello,
I have an issue where, apache is, when using graceful reload, setting
perms for domains as root
-rw--- 1 root root 44 Sep 1 05:59 somedomain
yet if I delete this and either click on URL, or, stop
my bad...
confirmed on 2.4.3
Nick, what version of httpd are you running? including this information
helps.
On Fri, 2012-09-07 at 09:27 +1000, Noel Butler wrote:
Confirmed
On Sat, 2012-09-01 at 16:09 +1000, Nick Edwards wrote:
Hello,
I have an issue where, apache is, when
On Wed, 2012-10-03 at 23:15 -0400, Eric Covener wrote:
http://people.apache.org/~gsmith/httpd/apache_pb2copy.png
http://www.humbedooh.com/apache/apache_pb.png
http://www.humbedooh.com/apache/apache_pb2.png
http://www.humbedooh.com/apache/apache_pb3.png
pb3 has my vote
+1
On Wed, 2012-11-28 at 12:27 +, Plüm, Rüdiger, Vodafone Group wrote:
-Original Message-
From: Jim Jagielski [mailto:j...@jagunet.com]
Sent: Mittwoch, 28. November 2012 13:22
To: dev@httpd.apache.org
Subject: Re: Volunteers to drive an MSI build
On Nov 28, 2012, at
On Mon, 2013-02-18 at 15:34 -0500, Jim Jagielski wrote:
The pre-release test tarballs for Apache httpd 2.4.4 can be found
at the usual place:
http://httpd.apache.org/dev/dist/
I'm calling a VOTE on releasing these as Apache httpd 2.4.4 GA.
NOTE: The -deps tarballs are included here
On Tue, 2013-02-19 at 13:35 +1000, Noel Butler wrote:
reports: APR-util Version: 1.5.1
I note the APR version in -deps is only 1.4.6, but APR-utils is 1.5.1
could this be the issue?
signature.asc
Description: This is a digitally signed message part
Hi Bill,
On Mon, 2013-02-18 at 23:23 -0600, William A. Rowe Jr. wrote:
in -deps is only 1.4.6, but APR-utils is 1.5.1
have tested overwrites, and clearing of all bin/ build/ lib/ and fresh
installs no change.
You cleaned lib/ of all *subdirectories*?
I install httpd under
On Tue, 2013-02-19 at 07:34 -0500, Jim Jagielski wrote:
A simple check would be to rebuild 2.4.3 but using the -deps
from 2.4.4...
Close... 2.4.3 with 2.4.4 -deps fail *but* 2.4.4 with
-deps from 2.4.3 *works*
So as I suspected it is something in 2.4.4. APR/ APR-util as
On Tue, 2013-02-19 at 12:03 +0100, Rainer Jung wrote:
LogLevel info auth_basic:trace8 authn_dbd:trace8
Thanks
I checked whether the patch compiles fine, but haven't tested it, so
careful if applying to production.
no problem this is only on dev at present.
NOTE: passwords returned in
On Wed, 2013-02-20 at 02:20 +0100, Rainer Jung wrote:
grep CRYPT build/apache/srclib/apr-util/config.status
D[HAVE_CRYPT_R]= 1
D[CRYPT_R_STRUCT_CRYPT_DATA]= 1
| I'd like to check, whether your platform has CRYPT_R_CRYPTD or
CRYPT_R_STRUCT_CRYPT_DATA defined. If it is the latter, then what OS
On Tue, 2013-02-19 at 23:31 -0600, William A. Rowe Jr. wrote:
Note he mentioned SHA512, not crypt(). I don't know that this makes
a difference on that architecture.
But isn't it just a hand off to system crypt() (modern crypt(), not the
ancient 8 char one), since httpd is limited in
On Wed, 2013-02-20 at 01:07 -0600, William A. Rowe Jr. wrote:
On Wed, 20 Feb 2013 16:42:56 +1000
Noel Butler noel.but...@ausics.net wrote:
On Tue, 2013-02-19 at 23:31 -0600, William A. Rowe Jr. wrote:
Note he mentioned SHA512, not crypt(). I don't know that this makes
On Wed, 2013-02-20 at 01:07 -0600, William A. Rowe Jr. wrote:
Which remains my point... our current 2.4 and 2.2 candidates should
suffer the same flaw.
Confirmed, 2.2 candidate suffers same problem
signature.asc
Description: This is a digitally signed message part
On Wed, 2013-02-20 at 15:06 -0500, Jim Jagielski wrote:
-deps for 2.4.4 are not released, so it's a non-issue for 2.4.x.
I can't recall if we bundle apr/apu with 2.2.x but if we do, then
I ran a test for Bill to check if it suffers same fate, yes it is
included, and yes, it does.
I say
Hi Rainer,
On Wed, 2013-02-20 at 09:07 +0100, Rainer Jung wrote:
I prepared another round of patches t check, what's wrong in
apr_password_validate. All patches can be applied in srclib/apr-util.
They are *not* cumulative:
1) Undo one change in the password validation function and check
On Wed, 2013-02-20 at 22:28 +0100, Stefan Fritsch wrote:
[moving to dev@apr, please remove dev@httpd when replying]
On Wednesday 20 February 2013, Noel Butler wrote:
On Wed, 2013-02-20 at 01:07 -0600, William A. Rowe Jr. wrote:
Which remains my point... our current 2.4 and 2.2 candidates
On Wed, 2013-02-20 at 23:56 +0100, Rainer Jung wrote:
That's strange, the additional stderr output
crypt_r returned NULL
or
crypt_r returned '%s'
is not shown here.
Indeed, I'm running :
LogLevel debug auth_basic:trace8 authn_dbd:trace8
Briefly ran trace8 globally, but only
On Sat, 2013-02-23 at 13:29 +0100, Rainer Jung wrote:
Concerning the apr_password_validate() problem in APU 1.5.1 and related
httpd release testing failures:
The bug was fixed in
http://svn.apache.org/viewvc?view=revisionrevision=1449309
Don't know how I could stare so long at the code
On Wed, 2013-05-01 at 14:40 +0200, Graham Leggett wrote:
On 01 May 2013, at 1:51 PM, André Warnier a...@ice-sa.com wrote:
But *based on the actual data and patterns which I can observe on my
servers (not guesses), I think it might have an effect*.
Of course it might have an effect -
On Wed, 2013-05-01 at 21:15 +0200, Christian Folini wrote:
real-time blacklist lookup (- ModSecurity's @rbl operator).
Try using that on busy servers (webhosts/ISP's)... might be fine for a
SOHO, but in a larger commercial world, forget it, the impact is far
far worse than the other
sad state of affairs when system administrators don't even know how to
unsubscribe from mailing lists, what hope do their users have...
On Thu, 2013-05-30 at 21:44 +0200, Reindl Harald wrote:
do it yourself like on any other mailing-list
mail-headers are your friend
Am 30.05.2013 18:47,
to unsubscribe me lol
On May 30, 2013, at 6:25 PM, Noel Butler noel.but...@ausics.net
wrote:
sad state of affairs when system administrators don't even know
how to unsubscribe from mailing lists, what hope do their users
have...
On Thu, 2013-05-30 at 21:44 +0200, Reindl Harald wrote
On Wed, 2013-07-10 at 03:24 -0500, William A. Rowe Jr. wrote:
Because the project is incapable of releasing more than two minor
subversions, per year, at present.
on holiday with a dog slow 3G vpn tonight, so I'll be brief (and wont
see any replies until I return on Sunday...)
I have never
On Sun, 2013-07-14 at 23:40 +0200, Rainer Jung wrote:
On 14.07.2013 23:05, Rainer Jung wrote:
On 11.07.2013 20:54, Jim Jagielski wrote:
The pre-release test tarballs for Apache httpd 2.4.5 can be found
at the usual place:
http://httpd.apache.org/dev/dist/
I'm calling a VOTE on
On Mon, 2013-07-15 at 13:51 -0400, Jim Jagielski wrote:
On Jul 15, 2013, at 12:48 PM, Jim Jagielski j...@jagunet.com wrote:
The pre-release test tarballs for Apache httpd 2.4.6 can be found
at the usual place:
http://httpd.apache.org/dev/dist/
I'm calling a VOTE on releasing
On Tue, 2013-11-19 at 12:45 -0500, Jim Jagielski wrote:
I'm calling a VOTE on releasing these as Apache httpd 2.4.7 GA.
[ ] +1: Good to go
[ ] +0: meh
[ ] -1: Danger Will Robinson. And why.
Vote will last the normal 72 hrs.
+1 slackware 13.1 13.37 14.0 14.1
built w/ apr
On Thu, 2014-01-09 at 14:15 -0600, William A. Rowe Jr. wrote:
I can certainly apply and propose for back port the defect fixes, this
week.
Those which change the configured behavior in an unexpected way are no
longer easy fits on 2.2 or 2.4, and need further discussion about
their
On Fri, 2014-01-10 at 08:38 -0500, Jeff Trawick wrote:
[ X] It is mandatory to provide best available description and any
available tracking information when committing fixes for
vulnerabilities to any branch, delaying committing of the fix if the
information shouldn't be provided yet.
On Fri, 2014-03-07 at 12:58 -0500, Mikhail T. wrote:
On 07.03.2014 12:28, Yann Ylavic wrote:
Sorry, this was posted from gmail...
Is it written anywhere in the bylaws of this mailing list, that use of
HTML is something to apologize for? With all due sympathies to
Reindl's medical
Harry, you have been warned before, dont bring your antics onto this
list, this is about the only list you have been most well behaved on,
unlike others, please remember our previous conversations. If you think
a posters post violates some RFC, ignore it, or take it up with him in
private, do
because they ask for
easier readable posts while you are the one proven to playing net cop
due maintaining a RBL?
Is it written anywhere in the bylaws of this mailing list
is the response you should have been attacking
Am 08.03.2014 00:39, schrieb Noel Butler:
Harry, you have been warned before
On 12/03/2014 09:17, Noel Butler wrote:
On 12/03/2014 02:34, Jim Jagielski wrote:
The pre-release test tarballs for Apache httpd 2.4.8 can be found
at the usual place:
http://httpd.apache.org/dev/dist/ [1]
I'm calling a VOTE on releasing these as Apache httpd 2.4.8 GA.
[ ] +1
On 12/03/2014 02:34, Jim Jagielski wrote:
The pre-release test tarballs for Apache httpd 2.4.8 can be found
at the usual place:
http://httpd.apache.org/dev/dist/ [1]
I'm calling a VOTE on releasing these as Apache httpd 2.4.8 GA.
[ ] +1: Good to go
[ ] +0: meh
[ ] -1: Danger Will
On 14/03/2014 02:49, Jim Jagielski wrote:
The pre-release test tarballs for Apache httpd 2.4.9 can be found
at the usual place:
http://httpd.apache.org/dev/dist/ [1]
I'm calling a VOTE on releasing these as Apache httpd 2.4.9 GA.
[ ] +1: Good to go
[ ] +0: meh
[ ] -1: Danger Will
On Tue, 2011-02-22 at 20:04 +0300, Alexander GQ Gerasiov wrote:
because I use modern OS with package system and don't want to depend on
Now there's a contradiction.
2.I'd like to use apache2+fcgid+suexec+php5. But with original suexec I
apache2 ?? whats that sarcasm? it is called
On Wed, 2011-02-23 at 02:46 +0300, Alexander GQ Gerasiov wrote:
Hello, Noel.
If you have seen apache2 it is only because debian (and its clones) call
it that, I've seen an apache tree call it that yet.
But, thats a pretty typical response from a debian troll, debian is
right and everyone
On Wed, 2011-02-23 at 11:55 +1000, Noel Butler wrote:
If you have seen apache2 it is only because debian (and its clones)
call it that, I've seen an apache tree call it that yet.
Correction, I've *never* seen...
signature.asc
Description: This is a digitally signed message part
On Mon, 2011-03-07 at 13:51 +0100, Johan De Meersman wrote:
Umm... I'm no crypto guru, but I've never heard of MD5 having variants, let
alone a salt. MD5 is MD5 is MD5. APR, incidentally, is the Apache Runtime,
afaik - part of the build kit for apache modules.
I strongly suspect your
On Mon, 2011-03-07 at 19:38 -0600, William A. Rowe Jr. wrote:
On 3/7/2011 5:31 PM, Noel Butler wrote:
On Mon, 2011-03-07 at 13:51 +0100, Johan De Meersman wrote:
Umm... I'm no crypto guru, but I've never heard of MD5 having variants,
let alone a salt. MD5 is MD5 is MD5. APR, incidentally
?
On Tue, 2011-03-08 at 00:06 -0600, William A. Rowe Jr. wrote:
On 3/7/2011 8:31 PM, Noel Butler wrote:
On Mon, 2011-03-07 at 19:38 -0600, William A. Rowe Jr. wrote:
On 3/7/2011 5:31 PM, Noel Butler wrote:
On Mon, 2011-03-07 at 13:51 +0100, Johan De Meersman wrote:
Umm... I'm no crypto
On Sun, 2011-05-08 at 02:24 -0500, William A. Rowe Jr. wrote:
Candidate binaries are available from http://httpd.apache.org/dev/dist/ -
these do not yet constitute ASF releases. Win32 specific artifacts
(x86 binary distribution) will follow shortly; note that -win32-src.zip
is generated from
On Fri, 2011-05-20 at 12:17 -0500, William A. Rowe Jr. wrote:
Candidate binaries are available from http://httpd.apache.org/dev/dist/ -
these do not yet constitute ASF releases. Win32 -win32-src.zip and the
win32-x86 binary distribution will follow shortly, in the next 1.5 hrs.
This will be
On Mon, 2011-08-29 at 20:19 -0400, Jim Jagielski wrote:
+1 from me: OSX 10.7.1, Fed14, Ubuntu 10.04
+1 Slackware 13.0, 13.1, and 13.37
signature.asc
Description: This is a digitally signed message part
On Fri, 2011-09-09 at 11:10 -0500, William A. Rowe Jr. wrote:
Candidate binaries are available from http://httpd.apache.org/dev/dist/
which do not yet constitute ASF releases. win32-x86 binary distribution
will follow shortly.
This will be a 72 hour vote, which ends no later than Noon ET
On Mon, 2011-09-12 at 12:59 -0700, Luke Meyer wrote:
Is anyone planning to announce (i.e. announce@h.a.o):
1. The location of the revised CVE-2011-3192 advisory
2. The availability of new release(s)
?
The last thing on that list is the initial advisory, August 24.
The last thing that
On Mon, 2011-09-12 at 15:01 -0700, Luke Meyer wrote:
From: Noel Butler [mailto:noel.but...@ausics.net]
The last thing that needs to be done is make announcement when the mirrors
may not have synced, hence Bill's 24 hr mirror clock update time allowance
comment, have patience.
I
On Fri, 2011-11-11 at 14:25 -0600, William A. Rowe Jr. wrote:
On 11/11/2011 1:42 PM, Issac Goldstand wrote:
-0
I DO want the EOL, but not until after 2.4 has a couple of GAs, if only
because folks might not update twice.
They've had six years? I'm talking deprecating 2.0, not 2.2,
On Sat, 2011-11-12 at 07:00 -0600, William A. Rowe Jr. wrote:
On 11/11/2011 3:12 PM, Paul Querna wrote:
I don't see why we would continue to support 2.0.x for longer than
Redhat's already long support cycles.
I don't see why we would tie this to RedHat's schedule or any other
vendor,
On Sat, 2011-11-19 at 01:46 +0200, Graham Leggett wrote:
On 19 Nov 2011, at 12:38 AM, William A. Rowe Jr. wrote:
After several prods, it seems the security@ and hackathon participants
can't be drawn out of their shells on to dev@. So I'll simply call
for
a majority vote on the
On 16/07/2014 03:20, Jim Jagielski wrote:
The pre-release test tarballs for Apache httpd 2.4.10 can be found
at the usual place:
http://httpd.apache.org/dev/dist/
I'm calling a VOTE on releasing these as Apache httpd 2.4.10 GA.
[ ] +1: Good to go
[ ] +0: meh
[ ] -1: Danger Will
On 21/07/2014 04:40, olli hauer wrote:
On 2014-07-20 19:14, Graham Leggett wrote:
On 20 Jul 2014, at 18:03, dev d...@cor0.com wrote:
Has 2.4.10 been released or not ?
It has been released, but we need to wait for the mirrors to update
before formerly announcing the release.
Regards,
On 22/07/2014 15:02, dev wrote:
I hope this is the right maillist for this sort of question.
not really, the users list would be more appropriate
and then build httpd after checking a few basic dependencies. Must I
unpack
the apr and apr-util sources into ./srclib and use
On 16/01/2015 06:10, Jim Jagielski wrote:
The pre-release test tarballs for Apache httpd 2.4.11 can be found
at the usual place:
http://httpd.apache.org/dev/dist/ [1]
I'm calling a VOTE on releasing these as Apache httpd 2.4.11 GA.
[ ] +1: Good to go
[ ] +0: meh
[ ] -1: Danger
On 15/01/2015 20:06, Yann Ylavic wrote:
On Thu, Jan 15, 2015 at 9:25 AM, Yann Ylavic ylavic@gmail.com wrote:
There is still missing the ListenCoresBucketsRatio documentation, and I
don't think I can do it today, could you?
Also, would you share maybe some recommended settings
Jan 2015 11:23:20 +1000
Noel Butler noel.but...@ausics.net wrote:
On 25/01/2015 17:21, Nick Edwards wrote: I am noticing a number of hits using
UTC with this version? Not all, only some, is anyone else seeing this? Does
not occur on 2.4.10. They are php pages, however, the main site which
On 28/01/2015 06:41, William A. Rowe Jr. wrote:
There is a possibility that OP's had actually rebuilt APR (from the
-deps), even with the very same APR version, which resulting in some
different autoconf detection on their platform relative to time.h
function handling. It would be worth
On 27/01/2015 03:21, Rainer Jung wrote:
Am 26.01.2015 um 14:14 schrieb Eric Covener:
On Mon, Jan 26, 2015 at 8:08 AM, Jim Jagielski j...@jagunet.com wrote: svn
diff https://svn.apache.org/repos/asf/httpd/httpd/tags/2.4.11 [1]
https://svn.apache.org/repos/asf/httpd/httpd/tags/2.4.12 [2]
On 13/03/2015 02:54, Eric Covener wrote:
I stumbled on this link that Bill had shared previously and went back
to look at previous snapshots:
March 2014: 2.0: 4.1%, 2.4: 4.3%
http://web.archive.org/web/20140327151641/http://w3techs.com/technologies/details/ws-apache/2/all
[1]
On 24/01/2015 00:56, Jim Jagielski wrote:
On Jan 22, 2015, at 1:54 PM, Jim Jagielski j...@jagunet.com wrote: The
pre-release test tarballs for Apache httpd 2.4.12 can be found at the usual
place: http://httpd.apache.org/dev/dist/ [1] I'm calling a VOTE on releasing
these as Apache
On 25/01/2015 17:21, Nick Edwards wrote:
I am noticing a number of hits using UTC with this version?
Not all, only some, is anyone else seeing this?
Does not occur on 2.4.10.
They are php pages, however, the main site which is php is static, it
only uses php for counter nothing else, its
On 07/05/2015 09:22, William A Rowe Jr wrote:
For trunk, I propose we drop TLSv1 and TLSv1.1 protocols and simply adopt the
recommended cipher list illustrated below (!SSLv3) in the default
extra/httpd-ssl.conf source, following the SHOULD recommendations.
unless trunk is for the 2.6
Thanks Christian.
On 11/05/2015 01:57, Christian Seiler wrote:
On 05/10/2015 03:26 AM, Noel Butler wrote:
Can any SUSE and debian users confirm the current supported stable
release supports 1.2?
Currently, three Debian releases are still supported:
- Debian Jessie (current
On 07/05/2015 12:17, William A Rowe Jr wrote:
On May 6, 2015 9:09 PM, William A Rowe Jr wr...@rowe-clan.net wrote:
On May 6, 2015 8:12 PM, Noel Butler noel.but...@ausics.net wrote:
On 07/05/2015 09:22, William A Rowe Jr wrote:
For trunk, I propose we drop TLSv1 and TLSv1.1
On 10/05/2015 11:08, Reindl Harald wrote:
Am 10.05.2015 um 03:02 schrieb Noel Butler:
Either way, using slackware on all my servers its trivial since the
distro keeps pretty much up to date by design - unlike RH/debian and
their kiddy versions who bring out new releases with 2+yo
On 05/06/2015 02:33, Jim Jagielski wrote:
The pre-release test tarballs for Apache httpd 2.4.13 can be found
at the usual place:
http://httpd.apache.org/dev/dist/ [1]
I'm calling a VOTE on releasing these as Apache httpd 2.4.13 GA.
[ ] +1: Good to go
[ ] +0: meh
[ ] -1: Danger
On 20/06/2015 02:50, Jim Jagielski wrote:
I'm calling a VOTE on releasing these as Apache httpd 2.4.15 GA.
using included apr 1.5.2 and apr-util 1.5.4 and with mysql (mariadb)
+1 Slackware 13.1 - 14.1
PS: Hopefully, 3rd time's the charm!
:)
On 15/06/2015 07:56, Yann Ylavic wrote:
On Sun, Jun 14, 2015 at 1:31 PM, Gregg Smith g...@gknw.net wrote:
http://people.apache.org/~gsmith/proposal/sslcertificatechainfile_compromise.diff
[1]
I'm fine with this approach too.
We have to decide whether a single [warn] is acceptable
On 12/06/2015 00:08, Jim Jagielski wrote:
I'm calling a VOTE on releasing these as Apache httpd 2.4.14 GA.
[ ] +1: Good to go
[ ] +0: meh
[ ] -1: Danger Will Robinson. And why.
-1
The SSLCertificateChainFile directive () is deprecated,
SSLCertificateFile should be used instead
The
On 28/05/2015 17:59, William A Rowe Jr wrote:
On Thu, May 28, 2015 at 2:48 AM, Noel Butler noel.but...@ausics.net wrote:
On 28/05/2015 14:48, William A Rowe Jr wrote:
Enough of this ad-hominem BS... [...]
You've lost the argument and lost respect, you have demonstrated
On 28/05/2015 14:48, William A Rowe Jr wrote:
Enough of this ad-hominem BS... this is in fact a majority rule decision (it
is a vote
not on code but on procedure), and is binding on the project as a whole. I
don't
want to discuss this again for six months and I'm not keen on the smug
On 28/05/2015 07:38, olli hauer wrote:
- for long time there was no working mod_php module for 2.4, and changing to
php-fpm was not for everyone a solution.
huh?
I personally since dawn of the httpd/php love have always only ever used
mod_php and at no time did I have a a non usable
On 28/05/2015 03:17, Jim Jagielski wrote:
No need to go off... 2.2 has been out for almost 10 years.
2.4 for a bit over 3. That is a LONG time. I'm simply
*suggesting* (no BDFL posturing Mr. Rowe) that after 10
years, maybe it's time to say that 2.2's era is done, and
2.4's time is here,
On 11/07/2015 06:33, Jim Jagielski wrote:
The pre-release test tarballs for Apache httpd 2.4.16 can be found
at the usual place:
http://httpd.apache.org/dev/dist/ [1]
I'm calling a VOTE on releasing these as Apache httpd 2.4.16 GA.
[ ] +1: Good to go
[ ] +0: meh
[ ] -1: Danger
On 17/11/2015 19:24, Graham Leggett wrote:
On 17 Nov 2015, at 07:13, Noel Butler <noel.but...@ausics.net> wrote:
??? We only had 2.4.17 5 weeks ago, why the rush?
We have improvements, why make people wait?
Regards,
Graham
--
You run into complacency dangers if you end up in a &q
1 - 100 of 163 matches
Mail list logo