On Sep 23, 2004, at 4:43 PM, William A. Rowe, Jr. wrote:
Please see http://httpd.apache.org/dev/dist/ for the current httpd 2.0 release candidate. Among other items noted in the CHANGES file, this candidate contains the patch for the CAN-2004-0811 (cve.mitre.org) flaw in the processing of Satisfy directives, a bug introduced in 2.0.51.
Ran the test suite against the tag on Darwin and FreeBSD 5.2.1, and against the tarball on Fedora Core 2. Also ran test suite against 2.0.51 on all three platforms (I need to automate this). Looks like the tests we wanted to see fixed, are. Other test rot may be due to the state of putrefaction of the Perl modules on the former two machines: the only tests left failing on the linux box (a new perl-framework install as of this morning) are two tests in t/apache/limits.t (not analyzed).
Test results attached. In general, t/security/CAN-2004-0811.t and t/ssl/basicauth.t fixed on all platforms, no new breakage.
S.
-- [EMAIL PROTECTED] http://www.temme.net/sander/ PGP FP: 51B4 8727 466A 0BC3 69F4 B7B8 B2BE BC40 1529 24AF
2052rc1.result
Description: application/text
smime.p7s
Description: S/MIME cryptographic signature