httpd-dev mailing list archives

Site index · List index
Message view « Date » · « Thread »
Top « Date » · « Thread »
From Aram Mirzadeh <...@qosina.com>
Subject Re: 1.2b1 status
Date Thu, 28 Nov 1996 05:30:13 GMT
Brian Behlendorf said:
> 
> On Wed, 27 Nov 1996, Alexei Kosut wrote:
> > On Wed, 27 Nov 1996, Rob Hartill wrote:
> > 
> > > 	Security hole: [Brian] - Directory contents can be displayed
> > > 	when a index.html file is supposed to be 'protecting' the directory
> > > 	from view, this is due to a problem with negotiation/Multiviews/mod_dir
> > > 	when the client doesn't accept text/html.
> > > 	(Brian says this is a 1.2 showstopper (he didn't say 1.2b1)
> > 
> > I think it's a 1.2b1 showstopper. At any rate, I've enclosed a
> > fix. 
> 
> The patch works great.  Once again Alexei steps in to save the day.  :)  I +1
> it.  If someone else wants to +1 it just as a sanity check, it can go in, and I
> don't see a reason to not release a 1.2b1 tarball on schedule. 

+1  works for me as well. 

<Aram>
-- 
                                        | Aram Mirzadeh
I'm not under the alkafluence of inkahol| MIS Manager
that some thinkle peep I am.            | Qosina Corp.
It's just the drunker I sit here the    | http://www.qosina.com/~awm/
longer I get.                           | awm@qosina.com
                			| Apache httpd - awm@hyperreal.com
	   -- PGP Key http://www.qosina.com/~awm/pgpkey.html --
	  -- BE 49 9D F6 2A A7 22 FC  02 E9 1E 3D F7 0C 67 A0 --


Mime
View raw message