아파치 소프트웨어 재단은 아파치 오픈 소스 소프트웨어 프로젝트 커뮤니티 지원을 제공합니다.
아파치 프로젝트는 협업과 개발 프로세스를 기반으로 하는 상호간의 공감대와 개방되어 있는 실용적인 소프트웨어 라이센스, 그 분야에서 선두를 달릴 수 있는 고품질 소프트웨어 개발을 추구하고 있습니다.
우리는 심플한 서버 공유 프로젝트의 모임이라고도 하지만 오히려 개발자와 사용자간의 커뮤니티라고 생각합니다.
The Apache Software Foundation and the Apache HTTP Server Project are pleased to announce the release of version 2.4.2 of the Apache HTTP Server ("Apache"). This version of Apache is our 2nd GA release of the new generation 2.4.x branch of Apache HTTPD and represents fifteen years of innovation by the project, and is recommended over all previous releases. This version of Apache is principally a security and bug fix release, including the following security fix:
*) SECURITY: CVE-2012-0883 (cve.mitre.org)
envvars: Fix insecure handling of LD_LIBRARY_PATH that could
lead to the current working directory to be searched for DSOs.
Apache HTTP Server 2.4.2 is available for download from:
http://httpd.apache.org/download.cgi
Apache 2.4 offers numerous enhancements, improvements, and performance boosts over the 2.2 codebase. For an overview of new features introduced since 2.4 please see:
Please see the CHANGES_2.4 file, linked from the download page, for a full list of changes. A condensed list, CHANGES_2.4.2 includes only those changes introduced since the prior 2.4 release. A summary of all of the security vulnerabilities addressed in this and earlier releases is available:
This release requires the Apache Portable Runtime (APR) version 1.4.x and APR-Util version 1.4.x. The APR libraries must be upgraded for all features of httpd to operate correctly.
This release builds on and extends the Apache 2.2 API. Modules written for Apache 2.2 will need to be recompiled in order to run with Apache 2.4, and require minimal or no source code changes.
When upgrading or installing this version of Apache, please bear in mind that if you intend to use Apache with one of the threaded MPMs (other than the Prefork MPM), you must ensure that any modules you will be using (and the libraries they depend on) are thread-safe.
NOTE to Windows users: AcceptFilter None has replaced Win32DisableAcceptEx
and the feature appears to have interoperability issues with mod_ssl.
Apache 2.4.2 may not yet be suitable for all Windows servers. There
is not yet a Windows binary distribution of httpd 2.4, but this is
expected to be remedied soon as various dependencies graduate from
많은 개발자와 서버 운영자들이 기다리시던 Apache HTTP Server 2.4가 릴리즈 되었습니다.
Apache HTTP Server 2.4에서는 클라우드 환경을 구성하는데 적합하게 하는 기능들이 많이 추가 되었습니다.
• Improved performance (lower resource utilization and better concurrency)
• Reduced memory usage
• Asyncronous I/O support
• Dynamic reverse proxy configuration
• Performance on par, or better, than pure event-driven Web servers
• More granular timeout and rate/resource limiting capability
• More finely-tuned caching support, tailored for high traffic servers and proxies.
The Apache Software Foundation and the Apache HTTP Server Project are pleased to announce the release of version 2.2.17 of the Apache HTTP Server ("Apache"). This version of Apache is principally a bug fix release, and a security fix release of the APR-util 1.3.10 dependency;
* SECURITY: CVE-2010-1623 (cve.mitre.org)
Fix a denial of service attack against apr_brigade_split_line().
Fix two buffer over-read flaws in the bundled copy of expat which
could cause httpd to crash while parsing specially-crafted
XML documents.
We consider this release to be the best version of Apache available, and
encourage users of all prior versions to upgrade.
Apache HTTP Server 2.2.17 is available for download from:
http://httpd.apache.org/download.cgi
Apache HTTP Server 2.0.64 legacy release is also currently available, with the same vulnerability correction as well as many others fixed in 2.2.16 and earlier releases. See the corresponding CHANGES files linked from the download page. The Apache HTTP Project developers strongly encourage all users to migrate to Apache 2.2, as only limited and less frequent maintenance is provided for legacy versions.
Apache 2.2 offers numerous enhancements, improvements, and performance boosts over the 2.0 codebase. For an overview of new features introduced since 2.0 please see:
Please see the CHANGES_2.2 file, linked from the download page, for a full list of changes. A condensed list, CHANGES_2.2.17 provides the complete list of changes since 2.2.16. A summary of all of the security vulnerabilities addressed in this and earlier releases is available:
This release includes the Apache Portable Runtime (APR) version 1.4.2 and APR Utility Library (APR-util) version 1.3.10, bundled with the tar and zip distributions. The APR libraries libapr and libaprutil (and
on Win32, libapriconv version 1.2.1) must all be updated to ensure binary compatibility and address many known security and platform bugs.
This release builds on and extends the Apache 2.0 API. Modules written for Apache 2.0 will need to be recompiled in order to run with Apache 2.2, and require minimal or no source code changes.
When upgrading or installing this version of Apache, please bear in mind that if you intend to use Apache with one of the threaded MPMs (other than the Prefork MPM), you must ensure that any modules you will be using (and the libraries they depend on) are thread-safe.
Please see the CHANGES_2.2 file, linked from the download page, for a full list of changes. A condensed list, CHANGES_2.2.15 provides the complete list of changes since 2.2.14. A summary of security vulnerabilities which were addressed in the previous 2.2.14 and earlier releases is available:
Apache HTTP Server 2.2.15 is compatible with Apache Portable Runtime
(APR) versions 1.3 and 1.4, APR-util library version 1.3, and APR-iconv library version 1.2. The most current releases should be used to address known security and platform bugs. At the time of this httpd release, the recommended APR releases are:
* Apache Portable Runtime (APR) library version 1.4.2 (bundled),
or at minimum, version 1.3.12
* ARR-util library version 1.3.9 (bundled)
* APR-iconv library version 1.2.1 (only bundled in win32-src.zip)
Older releases of these libraries have known vulnerabilities or other defects affecting httpd. For further information and downloads, visit:
Apache HTTP Server 2.2 offers numerous enhancements, bug fixes, and performance enhancements over the 2.0 codebase. For an overview of new features introduced since 2.0 please see:
This release builds upon and extends the httpd 2.0 API. Modules written for httpd 2.0 will need to be recompiled in order to run with httpd 2.2, and may require minimal or no source code changes.
When upgrading or installing this version of httpd, please bear in mind that if you intend to use httpd with one of the threaded MPMs (other than the Prefork MPM), you must ensure that any modules you will be using (and the libraries they depend on) are thread-safe.
아파치 소프트웨어 재단에서 2010년 2월 23일 Apache HTTP Server이 15주년 기념일을 축하였습니다.
아파치 소프트웨어 재단의 대표 프로젝트인 Apache HTTP Server는 전 세계의 대표적인 웹 서버로서, 약 1억12백만 이상의 웹사이트에서 사용되고 있습니다.
2010년 2월 23일 FOREST HILL, MD -- 아파치 소프트웨어 재단(ASF) -- 개발자와 간사, 그리고 138개에 이르는 인큐베이터 오픈 소스 프로젝트 -- 오늘 Apache HTTP Server 탄생 15주년을 기념하였습니다.
이 프로젝트는 아파치 소프트웨어 재단의 발단이 된 첫번째 프로젝트로, 세계에서 가장 널리 이용되는 웹 서버 소프트웨어로서 현재 약 1억 12백만개의 웹사이트에서 운영되고 있습니다.
재단에 참여하는 모든 지원자 노력의 산물인 Apache HTTP Server는 현재 실시간 뉴스 소스, 포츈지의 100대 엔터프라이즈 포털, 클라우드 컴퓨팅 클러스터, 파이낸셜 서비스 플랫폼, 높은 보안성과 정확성을 요구하는 국방 인텔리전스 애플리케이션, 항공 커뮤니케이션 네트워크 등등의 전 세계 사용자들이 필요로 하는 약 Peta 바이트의 데이터를 신속 정확하게 전송하고 있습니다.
더구나, 이 서버 소프트웨어는 무료로 다운 받아서 누구나 설치할 수 있고 수정할 수 있습니다.
다시 한번, Apache HTTP Server의 15주년 기념일을 진심으로 축하드립니다.
History
The Apache Server started as a fork (an independent development stream) of the NCSA httpd, a Web server created by Rob McCool at the National Center for Supercomputing Applications. Further development to the server ceased after McCool's departure from NCSA in 1994, so an online community of individuals was formed to support and enhance its software via email collaboration. The founding members of that community (the Apache Group) included Brian Behlendorf, Roy Fielding, Rob Hartill, David Robinson, Cliff Skolnick, Randy Terbush, Robert Thau, and Andrew Wilson.
Within less than a year of the Apache Group's formation, the Apache server surpassed NCSA httpd as the #1 server on the Internet.
In March 1999, members of the Apache Group formed The Apache Software Foundation to provide organizational, legal, and financial support for the Apache HTTP Server. An additional goal for the Foundation was to serve as a neutral, trusted platform for the development of community-driven software.
Growth, the "Apache Way"
Beyond the Apache HTTP Server, dozens of ASF projects – from build tools to Web services to cloud computing and more – lead the way in Open Source technology.
At the ASF, community plays a vital role in the collaborative development of consensus-driven, enterprise-grade solutions. The number of projects led by the Apache community has grown from the singular Apache HTTP Server at the ASF's inception in 1999 to nearly 140 projects today.
The ASF's commitment to fostering a collaborative approach to development has long served as a model for producing consistently high quality software and helping advance the future of open development. Through its leadership, robust community, and meritocratic process known as the "Apache Way", the ASF continues to gain recognition as one of the most successful influencers in Open Source.
Through the Apache Way, the ASF is able to spearhead new projects that meet the demands of the marketplace and help users achieve their business goals. With the Apache Incubator mentoring more projects than ever before, the ASF continues to meet the growing demand for quality Open Source products.
"Community Over Code": among the Foundation's core tenets is open collaboration through respectful, honest, technically-focused interaction. The ASF's success is testament to its outstanding community efforts that serve as best practices widely embraced by organizations and individuals alike.
"If it didn't happen on-list, it didn't happen": building upon the transparency-oriented culture of the Apache Group, whose collaboration took place on email lists, millions of messages are archived on Apache publicly-accessible mailing lists, documenting the ASF's achievements over the past decade.
"Meritocracy in Action": the ASF's tagline reflects an average of 10,000 code contributions (commits) made each month. The ASF is responsible for millions of lines of code by more than 2,000 ASF Committers and countless contributors across the Open Source landscape. Nearly 500 community-driven modules have been developed to extend functionality of the Apache HTTP Server alone.
Milestones
February 23, 1994: Individual patch authors around the world are invited to join the "new-httpd" mailing list to discuss enhancements and future releases of NCSA httpd. The Apache name was chosen for this new effort within the first few days of discussion, along with basic rules for email-based collaboration and a mission to replace the existing server with a standards-based, open source, and extensible software system.
March 15, 1994: Apache-style voting created (+1, 0, -1; with '-1' meaning 'no', '0' meaning 'neutral', and '+1' meaning 'yes.')
March 18, 1994: First Apache Group release (Apache 0.2)
Apache server v.1.0 was released in December 1995. Four years later, Apache HTTP Server v.1.3.0 was released, and rapidly becoming the most popular Web server on the planet.
Apache HTTP Server v.2.0 alpha was released in March 2000, with the first general availability release two years later. V.2.0 remained best-of-breed sever until the release of v.2.2.0 in December 2005, and is widely deployed across the Internet.
In February 2009, the Apache HTTP Server became the first Web server software in history to surpass the 100 million Website milestone.
The most current, best-of-breed, stable version of the Apache HTTP Server is v.2.2.14, released September 2009. Developers seeking to test new features and preview what will become stable Version 2.4 are able to do so today with the development of v.2.3.5.
Earlier this month, after ten years and more than forty revisions, the Apache HTTP Server v.1.3.x officially reached end of life status with the release of v.1.3.42. Future patches to v.1.3.x will be for critical security updates only.
The Apache HTTP Server remains the world's most beloved Web server, forming the backbone of nearly 70% of all sites on the Internet.
Availability
The Apache HTTP Server is available for a variety of operating systems, including Unix, Linux, GNU, FreeBSD, Netware, Solaris, Windows, Mac OS X, OS/2, TPF, and eCS. In addition, the Apache HTTP Server is redistributed through many proprietary software packages such as WebSphere, Oracle RDBMS, Kylix, NetWare, and Delphi, as well as numerous Linux distributions.
All ASF projects, including the Apache HTTP Server, are available free of charge under the Apache Software License v.2.0. To download, or for more information, visit http://httpd.apache.org/
About The Apache Software Foundation (ASF)
Established in 1999, the all-volunteer Foundation oversees more than seventy leading Open Source projects, including Apache HTTP Server — the world's most popular Web server software. Through The ASF's meritocratic process known as "The Apache Way," more than 300 individual Members and 2,000 Committers successfully collaborate to develop freely available enterprise-grade software, benefiting millions of users worldwide: thousands of software solutions are distributed under the Apache License; and the community actively participates in ASF mailing lists, mentoring initiatives, and ApacheCon, the Foundation's official user conference, trainings, and expo. The ASF is funded by individual donations and corporate sponsors including Facebook, Google, HP, Microsoft, Progress Software, SpringSource, and Yahoo! For more information, visit http://www.apache.org/.
The Apache Software Foundation
