All releases of mod_ssl

2.8.29-1.3.39

13 Sep 2007 08:11

Release Notes: This release is for Apache 1.3.39.

2.8.27-1.3.36

18 Jul 2006 09:51

Release Notes: This release is for Apache 1.3.36.

2.8.26-1.3.35

08 May 2006 08:34

Release Notes: This version was adjusted for Apache 1.3.35. Some small fixes were made.

2.8.24-1.3.33

02 Sep 2005 21:46

Release Notes: A security issue (CAN-2005-2700) has been fixed where "SSLVerifyClient require" was not enforced in per-location context if "SSLVerifyClient optional" was configured in the global virtual host configuration.

2.8.23-1.3.33

06 Jul 2005 14:10

Release Notes: This version was ported to the OpenSSL 0.9.8 API. Connection timeout handling was fixed. The ca-bundle.crt file from Mozilla's "certdata.txt" was updated. Timeout handling in POST request processing was fixed. A double-definition of OPENSSL_free under OpenSSL 0.9.6 was fixed.

2.8.22-1.3.33

30 Oct 2004 18:30

Release Notes: This is the companion version to Apache 1.3.33. There is no functional change, just an adjusted patch set.

2.8.21-1.3.32

22 Oct 2004 14:29

Release Notes: This is the companion mod_ssl version for Apache 1.3.32.

2.8.19-1.3.31

17 Jul 2004 10:50

Release Notes: Fixed a security bug caused by a format string vulnerability.

2.8.16-1.3.29

02 Nov 2003 07:06

Release Notes: This version upgrades to Apache 1.3.29 and fixes a few bugs. It avoids memory corruption in certificate handling caused by a heap memory double-freeing situation, allows the "HTTPS" variable to be passed through by suEXEC, clears the OpenSSL error code in the pass phrase reading code, reverts the recent change where ap_cleanup_for_exec() called ap_kill_alloc_shared(), and correctly checks for SSL_R_HTTP_REQUEST.