Re: Looking to T&R 2.4.8 in Feb...

2014-01-08 Thread William A. Rowe Jr.
On Mon, 6 Jan 2014 15:01:58 -0500 Jim Jagielski wrote: > > On Jan 6, 2014, at 2:40 PM, Blaise Tarr wrote: > > > > So mod_rewrite is not recognizing the "unix:" prefix as being > > valid. I temporarily commented out the call of fully_qualify_uri(r) > > at mod_rewrite.c:4130, and now r->filename

Security Advisories

2014-01-08 Thread Ben Reser
So I've received at least two people asking me for more details about CVE-2013-1896. I thinking it might be better to provide more than a couple sentences on the issues. It can be hard to understand the impact of an issue from what we're providing now.

Re: Event and atomics, round II

2014-01-08 Thread Jim Jagielski
If the unsigned quantity can be expressed as a signed quantity, then all is well. The only undefined behavior (implementation specific) is if it can't be. However, the conversion from a non-0 quantity to a 0 would be extremely unlikely. You'd get an unexpected signed value, but I can't imagine any

RE: Event and atomics, round II

2014-01-08 Thread Plüm , Rüdiger , Vodafone Group
From: Yann Ylavic Sent: Mittwoch, 8. Januar 2014 16:57 To: httpd; apr Subject: Re: Event and atomics, round II On Wed, Jan 8, 2014 at 2:03 PM, Jim Jagielski mailto:j...@jagunet.com>> wrote: On Jan 7, 2014, at 3:15 PM, Jeff Trawick mailto:traw...@gmail.com>> wrote: > > +1 for APR trunk, +0.9 f

Re: Event and atomics, round II

2014-01-08 Thread Yann Ylavic
On Wed, Jan 8, 2014 at 2:03 PM, Jim Jagielski wrote: > > On Jan 7, 2014, at 3:15 PM, Jeff Trawick wrote: > > > > +1 for APR trunk, +0.9 for future APR 1.6.x, -0.9 for APR 1.5.x... > > > > alternate opinions? > > > > As far as I know, C guarantees that > > if (a) > > is the same as > >

RE: Event and atomics, round II

2014-01-08 Thread Plüm , Rüdiger , Vodafone Group
> -Original Message- > From: Jim Jagielski > Sent: Mittwoch, 8. Januar 2014 14:03 > To: Jeff Trawick > Cc: Apache HTTP Server Development List; apr > Subject: Re: Event and atomics, round II > > > On Jan 7, 2014, at 3:15 PM, Jeff Trawick wrote: > > > > +1 for APR trunk, +0.9 for futur

Re: Event and atomics, round II

2014-01-08 Thread Jim Jagielski
On Jan 7, 2014, at 3:15 PM, Jeff Trawick wrote: > > +1 for APR trunk, +0.9 for future APR 1.6.x, -0.9 for APR 1.5.x... > > alternate opinions? > As far as I know, C guarantees that if (a) is the same as if (a != 0) So I'm unsure of the need for this patch.

Adding -DDUMP_CA_CERTS for mod_ssl (Re: svn commit: r1550060 - in /httpd/httpd/trunk: CHANGES modules/ssl/ssl_engine_config.c)

2014-01-08 Thread Kaspar Brand
On 06.01.2014 08:46, Jan Kaluža wrote: > On 01/05/2014 11:10 AM, Kaspar Brand wrote: > I think I have no problem with changing the code to work as you > describe. I've only thought the way it works now is better, because > otherwise httpd could dump some files which it does not consider later. >