Slashdot Mirror

← Back to Stories (view on slashdot.org)

Apache 2.0.48 Released

Posted by CowboyNeal on from the hitting-the-streets dept.

Gruturo writes "Busy week for the Apache software foundation: After 1.3.29, version 2 gets an update as well with 2.0.48, which mainly fixes these two security vulnerabilities. As usual, using a mirror is recommended." The official announcement lists several changes as well.

4 of 159 comments (clear)

  1. Re:A step in the right direction by Tim+C · · Score: 4, Informative

    commercial application servers such as Tomcat

    Tomcat is open source; it's one of the Jakarta projects.

    compared to Oracle's WebSphere

    IBM make WebSphere, not Oracle.

    If Ximian would only release the .NET framework for Solaris

    Microsoft makes the .NET Framework, not Ximian, although Ximian does have a hand in Mono, the open source implementation of the .NET Framework.

    --
    It's official. Most of you are morons.
  2. Logging bug by KalvinB · · Score: 4, Informative

    I used Apache 2.0.47 for all of a day before I decided to never use the 2.0.x line again. Apparently when a partial transfer is requested, Apache 2.0.47 logs the full amount requested. Not what was actually transfered. I ended up showing over 10GB of transfer in a single day on a 256Kbit DSL line. Which if you do the math is only physically capable of about 2.5GB a day.

    I looked at my logs and determined that a couple AOL users were trying to get a rather large file

    aca9bd40.ipt.aol.com 655 6689 1004 310
    acc4e74f.ipt.aol.com 1014 5412 521 148
    ac8bd972.ipt.aol.com 140 1565 534 745

    Requests MB KB Bytes. All that transfer supposedly happened in about a day.

    I notified bug-track but apparently such a simple problem (which doesn't exist in the 1.3.x line) isn't worth addressing.

    After all, who actually uses the Apache 2.0.x logs to monitor transfer? Hopefully not any hosting companies because the customers are going to get royally screwed.

    Ben

    --
    Work Safe Porn
    1. Re:Logging bug by portnoy · · Score: 5, Informative
      Um, didn't someone provide a solution to your bug report? (i.e. use the more advanced log module).

      Seems to me that they do see this as a problem worth addressing; they already have a fix.

  3. Re:Apache 2.0 by Spoke · · Score: 5, Informative

    IMO, the best reason to use Apache 2.0 is that with mod_deflate, you can now easily add content encoding compression to an entire website to save bandwidth. Previously with Apache 1.3, you could add in mod_gzip, but mod_gzip wouldn't compress SSL content without some very ugly config hacks including mod_proxy with a substantial performance benefit. 2.0 eliminates this issue.

    I've seen bandwith drop on websites drop from 20-80% depending on how much content is non-compressible (like graphics).