You are viewing a plain text version of this content. The canonical link for it is here.

Posted to dev@httpd.apache.org by "William A. Rowe, Jr." <wr...@covalent.net> on 2001/05/10 06:10:25 UTC

Re: cvs commit: apache-1.3/src/os/os2 util_os2.c

> wrowe       01/05/09 21:07:58
> 
>   Modified:    .        STATUS
>                src      CHANGES
>                src/os/win32 util_win32.c
>                src/os/os2 util_os2.c
>   Log:
>     *) Correct a vulnerability in the Win32 and OS2 ports, by which a
>        client submitting a carefully constructed URI could cause a GP
>        (segment) fault in the child process, which would have to be
>        cleared by the operator to resume operation.  This vulnerability
>        introduced no identified means to comprimize the server's data.
>        Reported by Auriemma Luigi <ka...@genie.it>.
>        [William Rowe, Brian Harvard]
>   
>   PR:  7522
>   
>   Revision  Changes    Path
>   1.936     +12 -19    apache-1.3/STATUS
>   
>   -   1.3.20-dev: Current version.
>   +   1.3.20: In development - security exploit demands a release ASAP.
>   +           Will offers to RM, tag and roll 5/10 9:00pm PST.

Can I have a few +1's on tagging and rolling?

Re: cvs commit: apache-1.3/src/os/os2 util_os2.c

Posted by "William A. Rowe, Jr." <li...@rowe-clan.net>.

From: "Jeff Trawick" <tr...@bellsouth.net>
Sent: Thursday, May 10, 2001 6:57 AM


> > Can I have a few +1's on tagging and rolling?
> 
> if I was sure I'd find time to play with 1.3 on Solaris, AIX, OS/390,
> and Tru64 today (5/10) to see about the *printf() changes...

Gotcha... keep us posted

> Has anyone played with HEAD on any of those platforms?

???  Come on folks, save this man some builds :-)

> Linux and FreeBSD are building fine, but I guess that is to be
> expected...

undoubtedly :-)

> (checking out 1.3 on Tru64 now)

thanks!

Re: cvs commit: apache-1.3/src/os/os2 util_os2.c

Posted by Jeff Trawick <tr...@bellsouth.net>.

"William A. Rowe, Jr." <wr...@covalent.net> writes:

> > wrowe       01/05/09 21:07:58
> > 
> >   Modified:    .        STATUS
> >                src      CHANGES
> >                src/os/win32 util_win32.c
> >                src/os/os2 util_os2.c
> >   Log:
> >     *) Correct a vulnerability in the Win32 and OS2 ports, by which a
> >        client submitting a carefully constructed URI could cause a GP
> >        (segment) fault in the child process, which would have to be
> >        cleared by the operator to resume operation.  This vulnerability
> >        introduced no identified means to comprimize the server's data.
> >        Reported by Auriemma Luigi <ka...@genie.it>.
> >        [William Rowe, Brian Harvard]
> >   
> >   PR:  7522
> >   
> >   Revision  Changes    Path
> >   1.936     +12 -19    apache-1.3/STATUS
> >   
> >   -   1.3.20-dev: Current version.
> >   +   1.3.20: In development - security exploit demands a release ASAP.
> >   +           Will offers to RM, tag and roll 5/10 9:00pm PST.
> 
> Can I have a few +1's on tagging and rolling?

if I was sure I'd find time to play with 1.3 on Solaris, AIX, OS/390,
and Tru64 today (5/10) to see about the *printf() changes...

Has anyone played with HEAD on any of those platforms?

Linux and FreeBSD are building fine, but I guess that is to be
expected...

(checking out 1.3 on Tru64 now)
-- 
Jeff Trawick | trawickj@bellsouth.net | PGP public key at web site:
       http://www.geocities.com/SiliconValley/Park/9289/
             Born in Roswell... married an alien...