Slashdot Mirror

← Back to Stories (view on slashdot.org)

Apache 1.3.33 Released

Posted by CowboyNeal on from the one-more-try dept.

harmgsn writes "Following the release of Apache 1.3.32, the Apache Group released Apache 1.3.33 to fix a security flaw in mod_include and in the Content-Length field. The official announcement is available as well as the ChangeLog for the 1.3.x series."

20 of 227 comments (clear)

  1. Better yet, use IIS! by Anonymous Coward · · Score: 0, Funny

    It's a real server!

  2. Good thing I use Apache 2 by brandonp · · Score: 2, Funny

    Been using Apache 2 on Fedora Core for the past few months, so shouldn't have any worries.

    Brandon Petersen
    Get Firefox!

    1. Re:Good thing I use Apache 2 by eobanb · · Score: 3, Funny

      Personally, I'm waiting for Apache 1.3.37. 0h y34h!!!

      --

      Take off every sig. For great justice.

  3. Re:How by Anonymous Coward · · Score: 2, Funny

    Yes, I think there is one, it is called the "Hello World" program.

  4. Re:How by Anonymous Coward · · Score: 1, Funny

    Did you check the return value of the printf call?

    BUGGY!

  5. Re:A little overblown by Anonymous+Crowhead · · Score: 5, Funny

    After looking at the changelog [apache.org], is this a topic for the main page?

    No kidding. The Apache section is like Ralph Nader. It's always there, it gets about 1% as many comments as any other section, a boring story about it still hits the headlines now and again, but you try to get rid of it and it gets all crazy.

  6. Re:A little overblown by Anonymous Coward · · Score: 4, Funny

    Don't blame me, I voted IIS.

  7. I tried to migrate to Apache. by shaneh0 · · Score: 5, Funny

    During last years jihad on IIS & IE I decided it would be a good idea to migrate the company's web servers to Apache. I decided to start simple and submit a plan to migrate just the department intranet server.

    This is the actual response from management. The brain-dead VP that made this truly-enlightened decision first made a name for himself as a VP at a FAUCET COMPANY.

    Listen to the faucet kings great idea:

    "Shane, Thanks for your proposal. Unfortunately, I cannot approve the change. In fact, I've decided that we need to streamline these things in the future and make sure everyone is on the same page.

    From now on, we will only install software on the servers that is at version 2.0 and above. There will be no exceptions to this. It's about security and reliability. Everyone knows you dont buy a car the first model year, why should software be any different. I've never heard of apachee, but if these guys are as good as you say they are enough people will bite to keep them going, and when they come out with the next major realease I think you'll see then that we're better off for waiting for them to really get it right.

    thanks for beging on board with this, tom." [my name's shane]

    Two years ago this guy won the "visionary of the year" award at the company conference.

    1. Re:I tried to migrate to Apache. by pchan- · · Score: 3, Funny

      i would love to have had the chance to respond to this.

      you could just download apache, edit the code and bump up the version number. but really, the right solution would have been to inform him that, in fact, there exists an "apachee 3.0". unfortunately, "apachee 3.0" is no longer free, and requires a 500$ yearly site license for under 10 installs (and reasonable fees for more). then you can bump up the version on apache 1.3 and install it on the company's computers. your friend (er, the "apachee foundation") can cash the yearly check for you.

  8. Re:I can't figure this release note out by mrchaotica · · Score: 4, Funny
    does this effect me?
    I don't see how it could, since "effect" is a noun.
    I don't want to loose the security battle
    Well, better keep that battle tied up then!

    [note to mods: With a story this useless, what else could I do but correct usage (I'll leave grammar and capitalization as an exercise for the reader)? I mean come on, the front page for a bugfix?!]
    --

    "[Regarding the 'cloud,'] ownership was what made America different than Russia." -- Woz

  9. Re:A little overblown by Neil+Blender · · Score: 4, Funny

    No kidding. The Apache section is like Ralph Nader. It's always there, it gets about 1% as many comments as any other section, a boring story about it still hits the headlines now and again, but you try to get rid of it and it gets all crazy.

    Heh, that reminds me: About 3 or 4 years ago, I was up late fixing some server issue. While I was waiting around I checked Slashdot and saw a story in the Apache section about some Apache conference or party or something that was taking place in Belgium or Norway, I can't remember exactly. It had been up for hours, maybe even days with no comments. So, thinking it would be like taking candy from a baby, I first posted. About a week later, I checked the same story and the only post was my first post. I think that story got archived with that single post.

  10. Riddle me this then? by Bill_Royle · · Score: 1, Funny

    Why is your server running 2.0, then?

    Netcraft's "What's That Site Running?" report on www.force-elite.com

    I'm assuming by your nick here that you're Chip, of course.

  11. Re:Apache is awful. by pairo · · Score: 3, Funny

    I'm only going to comment on two bits of your post, since I've never used ColdFusion/JRun with Apache (Or at all, for that matter) and cannot address the main issue.

    disabled all uneeded services, performance tuned our app

    You only did that _after_ you noticed your application is having problems?

  12. As opposed to . . . by WinterpegCanuck · · Score: 2, Funny
    Following the release of Apache 1.3.32

    what, it would follow 1.3.34?

  13. Re:A little overblown by Trepidity · · Score: 2, Funny

    God we're geeks :)

    People told me that I shouldn't take the comments on Slashdot seriously because they are inaccurate, but I believe I have evidence to the contrary.

    --
    10 PRINT CHR$(205.5+RND(1)); : GOTO 10
  14. In other news.... by abdulwahid · · Score: 4, Funny

    Kernel developers today released the eagerly awaited linux kernel 1.2.14. Everyone should update to this latest version as soon as possible to make use of the security fixes that this update provides.

    --
    perl -e 'print $i=pack(c5, (41*2), sqrt(7056), (unpack(c,H)-2), oct(115), 10);'
  15. Re:I can't figure this release note out by Scarblac · · Score: 2, Funny

    Security effects ALL of us.

    ITYM the other way around - it's LACK of secure (safe) sex that effects all of us.

    --
    I believe posters are recognized by their sig. So I made one.
  16. Re:A little overblown by Tony-A · · Score: 2, Funny

    With all the stories on Microsoft exploits, the Slashdot editors are trying to give equal time.

    "mod_include: Fix potential buffer overflow with escaped characters in SSI tag string."
    -- At least it's a different one.

    "Multiple security issues ... that could allow an attacker to compromise a computer running Windows and gain complete control over it."
    -- I thought they fixed that already.

  17. Future thought by SirLestat · · Score: 5, Funny

    I can't wait for release 1.3.37

  18. Re:Back to /. roots? by 74nova · · Score: 2, Funny
    I'd really like to see ... Gnome & KDE flamewars
    there arent gnome and kde flame wars anymore because we kde zealots won.


    easy there boys, its a joke
    --
    use your turn signal! you people act like it's divulging information to the enemy