You are viewing a plain text version of this content. The canonical link for it is here.

Posted to dev@httpd.apache.org by Charles Randall <cr...@matchlogic.com> on 1998/03/26 23:19:26 UTC

Win32 show stoppers for 1.3?

Where's the current list of Win32 show stoppers for Apache 1.3?

>From the 1.3 STATUS message,

	WIN32 1.3 FINAL RELEASE SHOWSTOPPERS:

	    * SECURITY: PR#1203 still needs to be dealt with for WIN32

	    * SECURITY: check if the magic con/aux/nul/etc names do
anything
		really bad

	    * SECURITY: numerous uses of strcpy and strcat have
potential
		for buffer overflow, someone should rewrite or verify
		they're safe

	    * SECURITY: os_ abstract is_only_below() in mod_include.c

Are there more? Are they in the bugdb?

Could someone put together a prioritized list? I've finally got my NT
machine at home set up for anoncvs and would like to take a crack at a
few.

Charles

Charles F. Randall
crandall@matchlogic.com
MatchLogic, Inc.