CentALT has released Apache 2.2.21 packages for CentOS 5
For i386:
For x86_64:
Changes with Apache 2.2.21You can download the packages here or over the CentALT Repository:
*) SECURITY: CVE-2011-3348 (cve.mitre.org)
mod_proxy_ajp: Respond with HTTP_NOT_IMPLEMENTED when the method is not
recognized. [Jean-Frederic Clere]
*) Fix a regression introduced by the CVE-2011-3192 byterange fix in 2.2.20.
PR 51748. []
*) mod_filter: Instead of dropping the Accept-Ranges header when a filter
registered with AP_FILTER_PROTO_NO_BYTERANGE is present,
set the header value to "none". [Eric Covener, Ruediger Pluem]
*) mod_proxy_ajp: Ignore flushing if headers have not been sent.
PR 51608 [Ruediger Pluem]
*) mod_dav_fs: Fix segfault if apr DBM driver cannot be loaded. PR 51751.
[Stefan Fritsch]
*) mod_alias: Adjust log severity of "incomplete redirection target"
message. PR 44020.
*) mod_rewrite: Check validity of each internal (int:) RewriteMap even if the
RewriteEngine is disabled in server context, avoiding a crash while
referencing the invalid int: map at runtime. PR 50994.
[Ben Noordhuis ]
*) core: Allow MaxRanges none|unlimited|default and set 'Accept-Ranges: none'
in the case Ranges are being ignored with MaxRanges none.
[Eric Covener]
*) mod_proxy_ajp: Respect "reuse" flag in END_REPONSE packets.
[Rainer Jung]
For i386:
rpm -ihv http://centos.alt.ru/repository/centos/5/i386/centalt-release-5-3.noarch.rpm
For x86_64:
rpm -ihv http://centos.alt.ru/repository/centos/5/x86_64/centalt-release-5-3.noarch.rpm