On Mon, 18 May 2009 12:23:38 -0700 "Roy T. Fielding" <field...@gbiv.com> wrote:
> On May 18, 2009, at 11:53 AM, Nick Kew wrote: > > The case under discussion was errors generated by a script and > > propagated by the server without reference to > > ap_send_error_response. > > Fix the script. > > ....Roy So, to take just one example, we should've ignored CVE-2008-2939 and fixed the backend instead? -- Nick Kew
