By Jeff Trawick on Jul 29, 2009
First, Apache has been updated to 2.2.11, with later security fixes. So while scheduling prevented delivery of the absolute latest version, Web Stack 1.5 includes all security fixes in the current Apache, APR, and APR-Util releases (2.2.12, 1.3.7, and 1.3.8 respectively).
- The new Web Stack Enterprise Manager provides monitoring support for Apache, in addition to the other server components of Web Stack.
- The new IPS/pkg(5) delivery allows multiple installs of Apache (and the rest of Web Stack) on a system, including non-root installs. (Existing native packages for administrators continue to be supported.)
- LDAP authentication over SSL is now supported on Solaris 10, via OpenLDAP. (It was already supported on Red Hat Enterprise Linux.)
- Exception hooks are now supported via a change to the configure options. Users now have the option to use diagnostic modules like mod_whatkilledus to capture information at the point of a child process crash.
- mod_sed, a Sun contribution to the next release of Apache, has been backported to the Web Stack Apache 2.2 delivery. mod_sed provides more versatile content filtering relative to mod_substitute.
- mod_security is now provided.