
====
NEWS
====

- 1.5.0 -
  * fixed decoding of common headers in AJP13 (#1399)
  * disable experimental linux-aio and posix-aio support, use gthread-aio instead
  * fixed several crashes in log-request-handling with %s being NULL on solaris
  * fixed network-backend-solaris-sendfilev (EINVAL in writev())
  * fixed initgroups() called after chroot (#1384)
  * execute fcgi app without /bin/sh if used as argument to spawn-fcgi (#1428)
  * fix bug that rrdtool reports "0" for incoming data (#1514)
  * ssl.cipher-list and ssl.use-sslv2 ported from 1.4.x (#1422)
  * add IdleServers and Scoreboard directives in ?auto mode for mod_status (#1507)
  * support letterhomes in mod_userdir (#1473)
  * mod_auth ldap rework, most important change is being able to startup if ldap server is down (#1535)
  * fixed ECONNRESET handling in network-openssl
  * fixed log_write() for log-files > 4kbyte
  * fix sending source of cgi script instead of 500 error if fork fails
  * fix min-procs handling in mod_scgi.c, just set to max-procs (patch from #623)
  * mod_cgi: add a event-handler for STDERR_FILENO and log it with ERROR()
  * fixed building/testing outside of the src dir
  * fix many (64-bit) format warnings and unsigned/signed compare warnings
  * fixed out of range access in fd array (#1562, #372, #1603) (CVE-2008-0983)
  * fix auth-ldap configuration in tests
  * fcgi-stat-accel: Fix unused var / indentation
  * fix mod_compress bug (#1027)
  * fix ssl error queue handling (#285) (CVE-2008-1531)
  * fix dependencies of the parser files in the Makefile
  * fix server.kbytes-per-second (#1102)
  * let spawn-fcgi propagate exit code from spawned fcgi application
  * fix in/out statistics for connections
  * close connection after redirect in trigger_b4_dl
  * remove scons build system
  * fix memory leak on windows (#1371)
  * do not add Accept-Ranges header if range-request is disabled (#1449)
  * mod_compress: match mime-type additionaly against the part before ";" (i.e. without encoding)
  * fix bug with IPv6 in mod_evasive (#1579)

- 1.5.0-r19.. -
  * -F option added for spawn-fcgi
  * replaced mod_fastcgi, mod_scgi, mod_proxy with mod_proxy_core + backends
  * added query-string parsing for mod_uploadprogress
  * added threaded stat()
  * added threaded disk-read() support
  * added dir-listing.set-footer in mod_dirlisting (#1277)
  * added logging of the PID and UID of the sending process for SIGTERM and SIGINT
  * added support for AJP13 to mod_proxy_core
  * fixed the out-of-fd support
  * fixed crash in mod_expire if 'modification' is used and stat() failed (#1063)
  * fixed hardcoded font-sizes in mod_dirlisting (#1267)
  * fixed different ETag length on 32/64 platforms (#1279)
  * fixed conditional dir-listing.exclude (#930)
  * fixed CONTENT_LENGTH = -1 in mod_cgi (#1276)
  * fixed typecast of NULL on execl() (#1235)
  * fixed extra Content-Length header on 1xx, 204 and 304 (#1002)
  * fixed mysql server reconnects (#518)
  * fixed prctl() usage (#1310, #1333)
  * fixed FastCGI header overrun in mod_fastcgi (reported by mattias@secweb.se)
  * fixed mem-leak in mod_auth (reported by Stefan Esser)
  * fixed crash with md5-sess and cnonce not set in mod_auth (reported by Stefan Esser)
  * fixed missing check for base64 encoded string in mod_auth and Basic auth
    (reported by Stefan Esser)
  * fixed possible crash in Auth-Digest header parser on trailing WS in
    mod_auth (reported by Stefan Esser)
