Received: by taz.hyperreal.com (8.6.12/8.6.5) id QAA01115;
 Mon, 15 Jul 1996 16:21:07 -0700
Received: from acidik.organic.com by taz.hyperreal.com (8.6.12/8.6.5) with
 ESMTP id QAA01105; Mon, 15 Jul 1996 16:21:05 -0700
Received: from localhost (akosut@localhost) by acidik.organic.com
 (8.7.5/8.6.12) with SMTP id QAA08329 for <new-httpd@hyperreal.com>;
 Mon, 15 Jul 1996 16:20:47 -0700 (PDT)
X-Authentication-Warning: acidik.organic.com: akosut owned process doing -bs
Date: Mon, 15 Jul 1996 16:20:45 -0700 (PDT)
From: Alexei Kosut <akosut@organic.com>
To: new-httpd@hyperreal.com
Subject: Re: security holes and other fun stuff
In-Reply-To: <199607152316.QAA22309@atropos.c2.org>
Message-ID: <Pine.SOL.3.93.960715161924.8327A-100000@acidik.organic.com>
MIME-Version: 1.0
Content-Type: TEXT/PLAIN; charset=US-ASCII
Sender: owner-new-httpd@apache.org
Precedence: bulk
Reply-To: new-httpd@hyperreal.com

On Mon, 15 Jul 1996, sameer wrote:

> 	Would you suggest using this to workaround the port-number
> virtual host bug I found? I am really edgy about doing a release of

No. This shouldn't affect that.

> apache-ssl-us with the patch I posted because I'm not familiar with
> the code and I'm pretty sure my patch doesn't really fix things in the
> right way.

To be honest, I can't see how your patch does *anything* different than
the current code; near as I can tell, it'll do exactly the same thing,
except it will cause a seg fault on some systems. Maybe I missed
something.

-- Alexei Kosut <akosut@organic.com>            The Apache HTTP Server 
   http://www.nueva.pvt.k12.ca.us/~akosut/      http://www.apache.org/