You are viewing a plain text version of this content. The canonical link for it is here.

Posted to dev@httpd.apache.org by Brian Behlendorf <br...@organic.com> on 1996/04/20 00:17:48 UTC

1.0.5 (Re: IMPORTANT Apache 1.0.4 _still vulnerable_ !?! (fwd))

On Fri, 19 Apr 1996, Chuck Murcko wrote:
> Permissions on CHANGES don't allow me to change it. 8^( Here they are:
> 
> Changes with Apache 1.0.4
> 
>   *) util.c in src fixed to escape newlines on shell commands
>      [Ben Laurie]
> 
>   *) util.c in cgi-src fixed to escape newlines on shell commands
>      [Ben Laurie]

According to the web and ftp logs, approximately 150 downloads of 1.0.4 went
out, including possibly a mirror or two, so I think to be honest to the
community we will have to call this 1.0.5. 

I'll be happy to do this, and write up the explanation.

	Brian

--=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=--
brian@organic.com  |  We're hiring!  http://www.organic.com/Home/Info/Jobs/

1.0.5 (Re: ** IMPORTANT ** Apache 1.0.4 _still vulnerable_ !?! (fwd))

1.0.5 (Re: IMPORTANT Apache 1.0.4 _still vulnerable_ !?! (fwd))