You are viewing a plain text version of this content. The canonical link for it is here.
Posted to modperl@perl.apache.org by "Jeffrey W. Baker" <jw...@acm.org> on 2000/09/02 00:47:47 UTC
Announce: Apache::Session 1.53
Apache::Session 1.53 has been released. Fixed in this release:
* Three bugs in the file handling code found by Erik Rantapaa and Bart
Shaefer.
* A possible security vulnerability involving bogus session IDs like
'../../../../../etc/passwd'. Don't worry, I wasn't able to actually think
of an exploit, but I put in sanity checks on the session IDs just in case.
Have fun,
Jeffrey Baker