September 29, 2016

Apache 2.2.19 Released: Security Update and Bug-fix

The Apache HTTP Server Project team released the new version 2.2.19 of the Apache HTTP Server (httpd).

This new version is a security update and bug-fix release to address CVE-2011-1928 and CVE-2011-0419 DoS vulnerabilities. This release also corrects a versioning incompatibility in 2.2.18 and it is a major release of the stable branch, and represents the best available version of Apache HTTP Server according to the project’s website.

The Apache 2.2.19 includes some new features such as Smart Filtering, Improved Caching, AJP Proxy, Proxy Load Balancing, Graceful Shutdown support, Large File Support, the Event MPM, and refactored Authentication/Authorization.

This new release includes the Apache Portable Runtime (APR) version 1.4.5 and APR Utility Library (APR-util) version 1.3.12, bundled with the tar and zip distributions. The APR libraries libapr and libaprutil (and on Win32, libapriconv version 1.2.1) must all be updated to ensure binary compatibility and address many known security and platform bugs.

Apache HTTP Server 2.2.19 is available for download here.