You are viewing a plain text version of this content. The canonical link for it is here.
Posted to dev@httpd.apache.org by Brian Behlendorf <br...@organic.com> on 1996/04/20 00:17:48 UTC
1.0.5 (Re: ** IMPORTANT ** Apache 1.0.4 _still vulnerable_ !?! (fwd))
On Fri, 19 Apr 1996, Chuck Murcko wrote:
> Permissions on CHANGES don't allow me to change it. 8^( Here they are:
>
> Changes with Apache 1.0.4
>
> *) util.c in src fixed to escape newlines on shell commands
> [Ben Laurie]
>
> *) util.c in cgi-src fixed to escape newlines on shell commands
> [Ben Laurie]
According to the web and ftp logs, approximately 150 downloads of 1.0.4 went
out, including possibly a mirror or two, so I think to be honest to the
community we will have to call this 1.0.5.
I'll be happy to do this, and write up the explanation.
Brian
--=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=--
brian@organic.com | We're hiring! http://www.organic.com/Home/Info/Jobs/