- update to 2.4.17

- add support for HTTP/2 (RFC 7540)
- remove obsolate libressl patches [1]

In this release are some exciting new features including:

 *) HTTP/2 support via mod_http2 module
 *) Support for SO_REUSEPORT in MPMs for significant scalability

Changes with Apache 2.4.17

 *) mod_http2: added donated HTTP/2 implementation via core module. Similar
    configuration options to mod_ssl. [Stefan Eissing]

 *) mod_proxy: don't recyle backend announced "Connection: close" connections
    to avoid reusing it should the close be effective after some new request
    is ready to be sent.  [Yann Ylavic]

 *) mod_substitute: Allow to configure the patterns merge order with the new
    SubstituteInheritBefore on|off directive.  PR 57641
    [Marc.Stern <Marc.Stern approach.be>, Yann Ylavic, William Rowe]

 *) mod_proxy: Fix ProxySourceAddress binding failure with AH00938.
    PR 56687.  [Arne de Bruijn <apache arbruijn.dds.nl>

 *) mod_ssl: Support compilation against libssl built with OPENSSL_NO_SSL3,
    and change the compiled-in default for SSL[Proxy]Protocol to "all -SSLv3",
    in accordance with RFC 7568. PR 58349, PR 57120. [Kaspar Brand]

 *) mod_ssl: append :!aNULL:!eNULL:!EXP to the cipher string settings,
    instead of prepending !aNULL:!eNULL:!EXP: (as was the case in 2.4.7
    and later). Enables support for configuring the SUITEB* cipher
    strings introduced in OpenSSL 1.0.2. PR 58213. [Kaspar Brand]

 *) mod_ssl: Add support for extracting the msUPN and dnsSRV forms
    of subjectAltName entries of type "otherName" into
    SSL_{CLIENT,SERVER}_SAN_OTHER_{msUPN,dnsSRV}_n environment
    variables. Addresses PR 58020. [Jan Pazdziora <jpazdziora redhat.com>,
    Kaspar Brand]

 *) mod_logio: Fix logging of %^FB (time to first byte) on the first request on
    an SSL connection.  PR 58454.
    [Konstantin J. Chernov <k.j.chernov gmail.com>]

 *) mod_cache: r->err_headers_out is not merged into
    r->headers when mod_cache is enabled and the response
    is cached for the first time. [Edward Lu]

 *) mod_slotmem_shm: Fix slots/SHM files names on restart for systems that
    can't create new (clear) slots while previous children gracefully stopping
    still use the old ones (e.g. Windows, OS2). mod_proxy_balancer failed to
    restart whenever the number of configured balancers/members changed during
    restart.  PR 58024.  [Yann Ylavic]

 *) core/util_script: make REDIRECT_URL a full URL.  PR 57785. [Nick Kew]

 *) MPMs: Support SO_REUSEPORT to create multiple duplicated listener
    records for scalability. [Yingqi Lu <yingqi.lu@intel.com>,
    Jeff Trawick, Jim Jagielski, Yann Ylavic]

 *) mod_proxy: Fix a race condition that caused a failed worker to be retried
    before the retry period is over. [Ruediger Pluem]

 *) mod_autoindex: Allow autoindexes when neither mod_dir nor mod_mime are
    loaded. [Eric Covener]

 *) mod_rewrite:  Allow cookies set by mod_rewrite to contain ':' by accepting
    ';' as an alternate separator.  PR47241.
    [<bugzilla schermesser com>, Eric Covener]

 *) apxs: Add HTTPD_VERSION and HTTPD_MMN to the variables available with
    apxs -q. PR58202. [Daniel Shahaf <danielsh apache.org>]

 *) mod_rewrite: Avoid a crash when lacking correct DB access permissions
    when using RewriteMap with MapType dbd or fastdbd.  [Christophe Jaillet]

 *) mod_authz_dbd: Avoid a crash when lacking correct DB access permissions.
    PR 57868. [Jose Kahan <jose w3.org>, Yann Ylavic]

 *) mod_socache_memcache: Add the 'MemcacheConnTTL' directive to control how
    long to keep idle connections with the memcache server(s).
    Change default value from 600 usec (!) to 15 sec. PR 58091
    [Christophe Jaillet]

 *) mod_dir: Prevent the internal identifier "httpd/unix-directory" from
    appearing as a Content-Type response header when requests for a directory
    are rewritten by mod_rewrite. [Eric Covener]

[1] tested by brnrd@

0 files changed, 0 insertions, 0 deletions