- New upstream release 2.3.7
- Introduce FcgidWin32PreventOrphans directive on Windows to use OS Job
Control Objects to terminate all running fcgi's when the worker process
has been abruptly terminated (PR: 51078)
- Periodically clean out the brigades that are pulling in the request body
for handoff to the fcgid child (PR: 51749)
- Resolve crash during graceful restarts (PR: 50309)
- Solve latency/congestion of resolving effective user file access rights
when no such info is desired, for config-related filename stats (PR: 51020)
- Fix regression in 2.3.6 that broke process controls when using
vhost-specific configuration
- Account for first process in class in the spawn score
- Drop patch for CVE-2012-1181, now included in upstream release
- New upstream release 2.3.6 (see CHANGES-FCGID for full details)
- Fix possible stack buffer overwrite (CVE-2010-3872)
- Change the default for FcgidMaxRequestLen from 1GB to 128K; administrators
should change this to an appropriate value based on site requirements
- Correct a problem that resulted in FcgidMaxProcesses being ignored in some
situations
- Return 500 instead of segfaulting when the application returns no output
- Don't include SELinux policy for RHEL-5 builds since RHEL >= 5.5 includes it
- Explicitly require /bin/sed for fixconf script
