httpd-cvs mailing list archives

Site index · List index
Message view « Date » · « Thread »
Top « Date » · « Thread »
From "MATHIHALLI,MADHUSUDAN (HP-Cupertino,ex1)" <madhusudan_mathiha...@hp.com>
Subject RE: cvs commit: httpd-2.0 acinclude.m4
Date Fri, 09 Aug 2002 22:37:53 GMT
-----Original Message-----
From: Roy T. Fielding [mailto:fielding@apache.org]
Sent: Friday, August 09, 2002 3:03 PM

>-1.  Please revert the change.  The purpose of the check is to identify
>incompatible APIs, not security holes.

should apache be allowed to be built against a version of OpenSSL that has a
known problem - I don't think so. But if everybody thinks against - then, so
be it.

Also, as per your argument, I'd question the validity of the following
checks in acinclude.m4. Does it make sense to eliminate them ??.
OpenSSL "[[1-9]]* 
OpenSSL "0.[[1-9]][[0-9]]*

Thanks,
-Madhu

Mime
View raw message