dgaudet 98/01/07 14:24:39
Modified: . STATUS src CHANGES Log: mod_include and mod_imap cleanup/security fixes Revision Changes Path 1.57 +1 -4 apachen/STATUS Index: STATUS =================================================================== RCS file: /export/home/cvs/apachen/STATUS,v retrieving revision 1.56 retrieving revision 1.57 diff -u -r1.56 -r1.57 --- STATUS 1998/01/07 17:04:02 1.56 +++ STATUS 1998/01/07 22:24:36 1.57 @@ -70,12 +70,9 @@ scheme never succeeds (fwd) * Paul's [PATCH] a bundle of multithreading changes * Ken's [PATCH] for copyright year update + * Dean's [PATCH] 1.3: security updates for mod_imap and mod_include Available Patches: - - * Dean's [PATCH] 1.3: security updates for mod_imap and mod_include - <[EMAIL PROTECTED]> - Status: Dean +1, Jim +1, Martin +1 * Dean's [PATCH] yet another slow function <[EMAIL PROTECTED]> 1.559 +12 -5 apachen/src/CHANGES Index: CHANGES =================================================================== RCS file: /export/home/cvs/apachen/src/CHANGES,v retrieving revision 1.558 retrieving revision 1.559 diff -u -r1.558 -r1.559 --- CHANGES 1998/01/05 08:41:22 1.558 +++ CHANGES 1998/01/07 22:24:37 1.559 @@ -1,5 +1,12 @@ Changes with Apache 1.3b4 + *) SECURITY: General mod_include cleanup, including fixing several + possible buffer overflows and a possible infinite loop. + [Dean Gaudet, Marc Slemko] + + *) SECURITY: Numerous changes to mod_imap in a general cleanup + including fixing a possible buffer overflow. [Dean Gaudet] + *) WIN32: overhaul of multithreading code. Shutdowns are now graceful (connections are not dropped). Code can handle graceful restarts (but there is as yet no way to signal this to Apache). Various @@ -537,11 +544,11 @@ update_mtime() routine has also been added to advance it if appropriate. [Roy Fielding, Ken Coar] - *) If a htaccess file can not be read due to bad permissions, deny - access to the directory with a HTTP_FORBIDDEN. The previous - behavior was to ignore the htaccess file if it could not - be read. This change may make some setups with unreadable - htaccess files stop working. PR#817 [Marc Slemko] + *) SECURITY: If a htaccess file can not be read due to bad permissions, + deny access to the directory with a HTTP_FORBIDDEN. The previous + behavior was to ignore the htaccess file if it could not be read. + This change may make some setups with unreadable htaccess files + stop working. PR#817 [Marc Slemko] *) Add aplog_error() providing a mechanism to define levels of verbosity to the server error logging. This addition also provides