You are viewing a plain text version of this content. The canonical link for it is here.
Posted to dev@httpd.apache.org by Charles Randall <cr...@matchlogic.com> on 1998/03/26 23:19:26 UTC
Win32 show stoppers for 1.3?
Where's the current list of Win32 show stoppers for Apache 1.3?
>From the 1.3 STATUS message,
WIN32 1.3 FINAL RELEASE SHOWSTOPPERS:
* SECURITY: PR#1203 still needs to be dealt with for WIN32
* SECURITY: check if the magic con/aux/nul/etc names do
anything
really bad
* SECURITY: numerous uses of strcpy and strcat have
potential
for buffer overflow, someone should rewrite or verify
they're safe
* SECURITY: os_ abstract is_only_below() in mod_include.c
Are there more? Are they in the bugdb?
Could someone put together a prioritized list? I've finally got my NT
machine at home set up for anoncvs and would like to take a crack at a
few.
Charles
Charles F. Randall
crandall@matchlogic.com
MatchLogic, Inc.