Received: by taz.hyperreal.com (8.6.12/8.6.5) id LAA11232; Thu, 4 Jan 1996 11:06:07 -0800 Received: from arachnet.algroup.co.uk by taz.hyperreal.com (8.6.12/8.6.5) with SMTP id LAA11204; Thu, 4 Jan 1996 11:05:43 -0800 Received: from heap.ben.algroup.co.uk by arachnet.algroup.co.uk id aa20444; 4 Jan 96 19:04 GMT Received: from gonzo.ben.algroup.co.uk by heap.ben.algroup.co.uk id aa11801; 4 Jan 96 18:44 GMT Subject: Re: Whither 1.0.2? To: new-httpd@hyperreal.com Date: Thu, 4 Jan 1996 18:45:43 +0000 (GMT) From: Ben Laurie In-Reply-To: from "David Robinson" at Jan 4, 96 06:40:00 pm X-Mailer: ELM [version 2.4 PL24 PGP2] MIME-Version: 1.0 Content-Type: text/plain; charset=US-ASCII Content-Transfer-Encoding: 7bit Content-Length: 2720 Message-ID: <9601041845.aa08489@gonzo.ben.algroup.co.uk> Sender: owner-new-httpd@apache.org Precedence: bulk Reply-To: new-httpd@apache.org > > So what's happened to an updated 1.0? Good question! > > I've created a for_Apache_1.0.1 directory on hyperreal, and moved in all > the patches that weren't considered for 1.0.1. On a note of pedantry, I believe that we decided that the directories would be named for the version they would become, rather than the version the patches apply to. This was to make it easier to deal with branches. So, the directory should be called for_Apache_1.0.2. > > The patches are: > > 63.unixware.patch > From: Chuck Murcko > Subject: UnixWare 2.x patch > Affects: Configuration, rfc931.c > ChangeLog: patch to get Apache compiled on UnixWare 2.x, recommended as > a temporary measure, pending rewrite of rfc931.c > > 64.auth_type.patch > From: drtr@ast.cam.ac.uk (David Robinson) > Subject: Set AUTH_TYPE variable for CGI scripts > Affects: http_protocol.c > ChangeLog: Fix get_basic_auth_pw() to set the auth_type of the request. > > 67.setrlimit_define_for_sunos > From: randy@zyzzyva.com (Randy Terbush) > Effects: conf.h > Problem: past changes to http_config.c to only use the > setrlimit function on systems defining RLIMIT_NOFILE > broke the feature on SUNOS4. The following patch defines > HAVE_RESOURCE for SUNOS and prototypes the needed functions. > > 69a.security.patch > From: drtr@ast.cam.ac.uk (David Robinson) > Subject: Fix possible security holes due to stack overwriting > Affects: http_log.c, http_log.h, http_main.c, mod_cookies.c, mod_include.c, > mod_log_common.c, mod_log_referer.c > ChangeLog: Remove uses of MAX_STRING_LEN/HUGE_STRING_LEN from several > routines. > > 79.negptr.patch > From: Cliff Skolnick > Subject: Fix bad pointer > Affects: mod_negotiation.c > ChangeLog: Fix use of pointer to scratch memory > > 80.cgiheaders.patch > From: drtr@ast.cam.ac.uk (David Robinson) > Subject: Read multiple headers from CGI script > Affects: util_script.c > ChangeLog: Merge multiple headers from CGI script instead of taking last one > > Are there any other bug fixes that should be considered for 1.0.2? > I suggest that we start thinking about voting on these next week. There were several which didn't make it into 1.0.1 for lack of votes, or even lack of consideration. I think they should be resubmitted for 1.0.2. If they haven't been already, that is. > David. Cheers, Ben. -- Ben Laurie Phone: +44 (181) 994 6435 Freelance Consultant Fax: +44 (181) 994 6472 and Technical Director Email: ben@algroup.co.uk A.L. Digital Ltd, URL: http://www.algroup.co.uk London, England.