Craig... we are waiting on only one issue; addressing the inherited apr handles vulnerability discussed for httpd 2.0 cgi scripting on vuln-dev.
Bjoern Zeeb has spearheaded the effort for the Apache and APR projects to adopt appropriate patches... and as soon as those are evaluated and committed you can expect APR 0.9.2 and very soon after, Apache 2.0.45 built on that tag. It's unclear to me (but I'm starting to get a handle on it) if it's entirely Apache's issue (unlikely) or if we have things to change in apr_file_inherit_set (likely). My confusion comes from the fact that I'm still wrapping my brain around when FD_CLOEXEC actually is triggered, and how to safely assure we close what we intend, and leave open the handles that the author desires. Doesn't give you a definitive date, but I hope this helps explain where we sit right now. More eyeballs on Bjoern's patches will definitely speed this along ;-) Bill At 09:38 AM 3/14/2003, you wrote: >Hi, > >When will apr 0.9.2 be released? > >I am the FreeBSD maintainer of the apr port, and several users >are asking me about this. > >Thanks. >-- >Craig Rodrigues >http://home.attbi.com/~rodrigc >[EMAIL PROTECTED]
