Apache 1.3.32 Released 27
chipster writes "Apache 1.3.32 has been released. This version of Apache is principally a security and bug fix release. You can read about the new features here, and get Apache 1.3.32 here. Also available is the 1.3 ChangeLog. Additionally, to compliment this release of Apache, mod_ssl- 2.8.21-1.3.32 has also been released."
whch license? (Score:2)
Re:whch license? (Score:5, Informative)
Nice. (Score:1)
BTW: First post?
Re:Nice. (Score:3, Informative)
Its time to hit... (Score:1, Offtopic)
Re:Its time to hit... (Score:1)
Funny, those commands work just fine on my RedHat, Fedora, Aurora, and Yellow Dog boxen. Then again, I'm using apt4rpm [sourceforge.net].
Re:Its time to hit... (Score:2)
Lighttpd (Score:1, Offtopic)
1.3.37 (Score:5, Funny)
Re:1.3.37 (Score:2)
Practical difference between Apache 1.3 & 2.0 (Score:2, Interesting)
1.3 ships with OS X (yes, I am one of those) and has always performed great. Plus, it is integrated in the operating system. I have always been curious about what advantages 2.0 might have and whether I should upgrade. I have installed it a couple of times, both from source and from binary but found it had to be executed from the shell. No big deal but the fact that I have not seen where anyone has integrated 2.0 into OS X's GUI we
Re:Practical difference between Apache 1.3 & 2 (Score:5, Informative)
1. mod_proxy has been completely rewritten so as to be fully compatible with HTTP/1.1
2. caching has been removed from mod_proxy and made into its own module, mod_cache, with a couple of implementations available
3. your choice of pre-fork (1.3.x model), single process/multiple threads, and various hybrids
As a point of fact, OS X Server comes with Apache2 as well (check your
The web accelerator's tendency to redirect clients to port 16080 in some configurations is annoying though. It makes me wonder if Apache2 configured as a reverse proxy and using mod_cache would work just as well.
As for your security concerns, switching to 2.0.x will not arbitrarily hand your bandwidth and personal files to everyone on the internet. File and Directory directives still apply.
1.3 VS 2.0 (Score:1)
1.3 is fine, super-stable and most versions of 1.3 have the old Apache license. 2.0 is distributed under a new Apache license which cannot keep everyone happy. For example, Theo and his OpenBSD team decided to drop support for Apache in their OS.
I have worked both with 1.3 and 2.0. 2.0 is modular and some people like it, but I think that monolithic programs are more stable and much more faster than modular ones.
Re:1.3 VS 2.0 (Score:5, Informative)
Shall I go on? The proxy and cache improvements alone were worth the upgrade to me. As far as problems with PHP, the pre-fork processing module retains the advantages of 2.0.x while retaining the robustness of PHP on 1.3.x.
There is absolutely no reason for a sane webmaster to use Apache 1.3.x on new installations unless they have an absolute showstopper incompatibility.
That said, 1.3.32 has the newer Apache 2.0 license, not the old one. So here you have the choice of the new license or older versions with bugs and security flaws.
Theo and his OpenBSD team have dropped support, it's true. Can you find the reason why? Is it because the FSF states that it isn't GPL compatible? No, that can't be it because the older license wasn't either. Could it be because of the patent termination clause -- if you put a patented algorithm in the code and sue someone over patent violation, you can no longer use Apache software? I never knew Theo and Co. to be in favor of protecting software patents in open source software. So why?
I was able to find this comment from Theo: "We've been clear: Their new license contains more stuff, and we do not accept MORE STUFF in licenses."
I'm sorry, that's a bullshit argument. Imagine if a group of lawmakers were writing code on the side to make their jobs easier, a group of professional programmers found a problem with the small program, submitted a patch, and the lawyers proclaimed, "We will not accept this new code patch because we lawyers can't understand it at first glance." It's the same thing here folks. If you want no legalese at all, you submit your code to the public domain and be done with it. Why do we have these licenses with legalese? Because the public domain isn't good enough in many regards. That's why the various open source and free software licenses exist. They are not present so that coders can sit back with a cup of tea by the fire reading them with enjoyment. They are formulated by a group of people working in the problem area in which they have specialized so that you and I don't have to reinvent the wheel badly. THIS IS THE SOLE REASON THE APACHE SOFTWARE FOUNDATION EXISTS!
The day I want Theo acting as my legal advisor is the day that I want OJ's lawyers hacking my production kernel. That said, the Apache 2.0 license is NOT that hard to understand. As for Theo's charge of containing "more stuff", that's like saying v1.0 of the Linux kernel is automatically better than v2.6.9 because they've added "more stuff" to the newer version.
As for the modular vs. monolithic tripe, what pray tell do you think 1.3.x is? See all those LoadModule directives in your httpd.conf file? Take away modules and Apache 1.3.x does NOTHING. What's that? You can compile modules in statically with 1.3.x? Guess what Einstein? You can also do it with 2.0.x. Apache 2.0.x is simply slightly more fine-grained modularity.
Regarding the speed and stablility argument, I call bullshit. 2.0.x is faster than 1.3.x under every metric I have seen used from dynamic content generation to flat file serving. Hell! Even server-side include processing is faster in 2.0.x. As far as stability, where is your data? Neither goes down for me. Then again, when running PHP apps, I use the pre-fork module because so
Re:1.3 VS 2.0 (Score:2, Informative)
it contains more unfree stuff in the license. that is the 'MORE STUFF' they will not accept into the tree
Re:1.3 VS 2.0 (Score:3, Interesting)
If you get into a patent war with the ASF, you can't use ASF code anymore. This is terribly unfree? Apparently we have differing views on what "free" is. Since a software developer needs a cadre of patent lawyers on their side with the way things are going on the software patent arena, I for one welcome the clause. It allows me the freedom to compete and participate in a field that
Re:Where not to use 2.0 (Score:2)
I don't use client SSL certificates, so it's not a showstopper for me.
If a bug in any one feature disqualifies a version, then surely the HTTP 1.1 problems in 1.3.x's mod_proxy would surely apply. In this case, 1.3.x is not an option because I need and use mod_proxy. In fact, I would wager that more people use mod_proxy as a reverse proxy than use c
Well, 1.3.32 was never really officially released (Score:4, Informative)
Apache 2 (Score:3, Insightful)
I was wondering why this is. Is there something bad about the 2.x release, or are people simply sticking with what they know?
Re:Apache 2 (Score:1, Insightful)
Re:Apache 2 (Score:1, Insightful)
Re:Apache 2 (Score:1)
Re:Apache 2 (Score:2, Informative)
Apache security documentation (Score:1, Interesting)
http://www.cgisecurity.com/webservers/apache/ [cgisecurity.com]