httpd-cvs mailing list archives

Site index · List index
Message view « Date » · « Thread »
Top « Date » · « Thread »
From stodd...@apache.org
Subject cvs commit: httpd-2.0/include http_log.h
Date Tue, 30 Jul 2002 18:14:47 GMT
stoddard    2002/07/30 11:14:47

  Modified:    include  http_log.h
  Log:
  Fix the PATH exposure security problem I thought I fixed in 2.0.36.
  
  Revision  Changes    Path
  1.40      +1 -1      httpd-2.0/include/http_log.h
  
  Index: http_log.h
  ===================================================================
  RCS file: /home/cvs/httpd-2.0/include/http_log.h,v
  retrieving revision 1.39
  retrieving revision 1.40
  diff -u -r1.39 -r1.40
  --- http_log.h	11 Jul 2002 06:14:30 -0000	1.39
  +++ http_log.h	30 Jul 2002 18:14:47 -0000	1.40
  @@ -119,7 +119,7 @@
    * Note: Client generated text streams sent back to the client MUST 
    * be escaped to prevent CSS attacks.
    */
  -#define APLOG_TOCLIENT          (APLOG_LEVELMASK + 2)
  +#define APLOG_TOCLIENT          ((APLOG_LEVELMASK + 1) * 2)
   
   /* normal but significant condition on startup, usually printed to stderr */
   #define APLOG_STARTUP           ((APLOG_LEVELMASK + 1) * 4) 
  
  
  

Mime
View raw message