httpd-dev mailing list archives

Site index · List index
Message view « Date » · « Thread »
Top « Date » · « Thread »
From Randy Terbush <ra...@covalent.net>
Subject Re: [PATCH] lets do 1.2.5
Date Sun, 04 Jan 1998 21:06:31 GMT
On Sun, Jan 04, 1998 at 01:31:47PM -0700, Marc Slemko wrote:
> NOTE: please do not redistribute the below information.  I fully
> support the concept of full disclosure, but let us get a release out
> without all sorts of rumors starting to fly before it.  Thanks.
> 
> The below patch addresses several security problems in the Apache
> code that Dean and I have found.  The below changes has been discussed
> privately with most of the primary developers.
> 
> Once we get some votes on this (the patch and the suggested process), it
> will be committed soon and a tarball rolled.  After a day or so to test,
> it will be released as early in the week as we can reasonably manage.  The
> idea is move very quickly getting this voted on, committed and the tarball
> rolled, then give a bit of time to verify things before it goes out.
> 
> I am writing a security announcement to go with it, guess I may as well
> do the 1.2.5 announcement as well.  Brian, can you please add marcs@znep.com
> to those who can post to apache-announce.  
> 
> I need a volunteer to roll the tarball when we are ready.

+1

I'll roll the tarball when we have the votes.



Mime
View raw message