« Nikto version 2.1.1 released | Main | Larry Suto Web Application Security Scanner Comparison Report Inaccurate Vendors Say »

R.I.P. Apache 1.x: Apache 1.3.42 marks of end life

The latest version of Apache 1.3.42 is the last 1.3 version of Apache that will be released. I admit I've been running 1.3 for ages now due to it being rock solid and having a decent security track record. The announcement states that security patches 'may be available' at http://www.apache.org/dist/httpd/patches/ but consider this the time to finally upgrade to 2.x.

"This version of Apache is is principally a bug and security fix release. The following moderate security flaw has been addressed:

  • CVE-2010-0010: mod_proxy: Prevent chunk-size integer overflow on platforms where sizeof(int) < sizeof(long). Reported by Adam Zabrocki." - Apache

Announcement: http://www.apache.org/dist/httpd/Announcement1.3.html


Feed You can follow this conversation by subscribing to the comment feed for this post.

All Comments are Moderated and will be delayed!

I continue to use Apache/1.3 on my home web server. I use the prefork model anyways so upgrading would not give me the performance boost of Apache2.0/2.2 with worker mpm. Apache 1.3 is compact and super fast to compile.

Post a comment

Remember personal info?