Late last week, the Aache httpsd project released version 2.2.9 of the apache web server, which fixes a couple of mod_proxy vulnerabilities as well as addressing some outstanding bugs. Here is the link to the changelog. No one really blogs about apache any more--at least none of the blogs I regularly visit. Interestingly, only one or two sites tracked by technorati made mention of it. I'm not really sure why this would be the case given that this web server is used on about 50% of the sites that you might be visiting today. An interesting parallel exists for me at work. When all the change orders for a new web app are compiled by a development team, the mod-proxy or mod-jk changes to expose this new app to the Internet are consistenly forgotten. Poor apache--your success and ubiquity has transformed you into just another "plumbing" component alongside ethernet and tcp/ip and dns. At least in the j2ee world I live in, apache is quickly becoming one of those things that is just 'there'--another component of the 'ping' in 'ping, power, and pipe'.