Apache 2.4.67 Release Candidate Fixes Memory Leaks and ACME Certificate Hiccups
The Apache HTTP Server team dropped a new release candidate for version 2.4.67, and this build actually targets some real stability pain points instead of just bumping version numbers. Administrators running production web servers will want to know how the updated memory handling in mod_http2 and the ACME certificate renewal fixes might affect their current setups. This breakdown covers what changed, why those adjustments matter for long term uptime, and whether you should test this code before the final drop.
Why the Apache 2.4.67 release candidate mod_http2 changes matter
The update to version 2.0.39 strips out the streams own memory allocator after reports of memory problems with third party modules. Server admins who run custom extensions or older proxy modules often see Apache chew through RAM until the system starts swapping, and this removal forces the module to rely on the core server allocation routines instead. The previous version sync just pulled code from the upstream repository without touching functionality, but the double free fix in 2.0.37 actually prevents a crash when streams get purged twice during connection teardown. Those kinds of memory management tweaks usually show up after a driver or module update goes sideways on a busy production box, so testing this build in a staging environment before pushing it live makes sense.
ACME certificate renewal and APR compatibility fixes
The mod_md module jumped through several version bumps to address certificate handling quirks that have been tripping up automated Let's Encrypt setups. Version 2.6.10 ignores job.json files that claim a certificate renewal finished completely but failed to produce the actual result files, which stops the module from getting stuck in an endless retry loop. Earlier patches fixed a regression in MDStapleOthers that broke staple caching regardless of configuration, and another update corrected how the ARI replaces property gets sent during ACME order creation. The team also added compatibility for APR versions older than 1.6.0 by swapping out a missing string comparison function, which means legacy build environments will compile without throwing errors. Anyone who has watched a cron job fail silently because of a stale certificate file knows how quickly these small fixes prevent larger downtime headaches.
Updated mime types and testing recommendations
The default configuration files now recognize vnd.sqlite3, HEIC, and HEIF media formats in the mime.types database. Those additions mostly help modern browsers serve image assets correctly without falling back to generic binary handlers or triggering download prompts on older server setups. Since this remains a release candidate, the code is stable enough for evaluation but still carries the usual warning about potential last minute adjustments before final publication. Administrators should run the standard test suite against their current module stack and verify that custom proxy rules do not trigger the old memory allocator bugs. The Apache project usually ships the final version within a few weeks of an RC, so keeping this build on a secondary server gives enough time to catch any edge cases without risking production traffic.
Release Apache 2.4.67-rc1-candidate
2.4.67-rc1-candidate
Keep your test servers updated and let the logs tell you what breaks before the official release hits your main stack. Happy troubleshooting.
