The Apache Group is pleased to announce the legacy release of the 1.3.34 version of the Apache HTTP Server.

This version of Apache is principally a security and bug fix release. Of particular note is that 1.3.34 addresses the following security issue:

If a request contains both Transfer-Encoding and Content-Length headers, remove the Content-Length, mitigating some HTTP Request Splitting/Spoofing attacks.