Apache HTTP Server 2.2.19 发布

该版本修复了两个问题：

     * SECURITY: CVE-2011-1928 (cve.mitre.org)
       APR 1.4.4 中 apr_fnmatch() 修复的 CVE-2011-0419 导致一个新的漏洞.  
       httpd workers enter a hung state
       (100% cpu utilization) after updating to APR 1.4.4.  Upgrading to
       APR 1.4.5 bundled with the httpd 2.2.19 package, or using APR 1.4.3
       or prior with the 'IgnoreClient' option of the 'IndexOptions'
       directive will circumvent both issues.

     * httpd 2.2.18: The ap_unescape_url_keep2f() function signature was
       inadvertantly changed. This breaks binary compatibility of a number
       of third-party modules.  This httpd-2.2.19 package restores the
       function signature provided by 2.2.17 and prior.

同时发布的还有 APR 1.4.5 和 APR-Utils 1.3.12

下载地址：http://httpd.apache.org/download.cgi

文章来源：开源中国社区