httpd-dev mailing list archives

Site index · List index
Message view « Date » · « Thread »
Top « Date » · « Thread »
From "William A. Rowe, Jr." <wr...@rowe-clan.net>
Subject Re: cvs commit: httpd-2.0 acinclude.m4
Date Sat, 10 Aug 2002 04:54:59 GMT
At 08:31 PM 8/9/2002, Roy T. Fielding wrote:
>>Cool. I believe something is better than nothing :).
>>
>>(I'm sure you're already aware of this - but thought it'd be better to let
>>you know)
>>I believe my patch went into r1.127 - and has been labelled for the 2.0.40
>>release. So, you might want to bump the label before it's released.
>
>It has already been released.  And where did the three +1 come from
>anyway?  That is still required on the tarball (not the tag) before
>the announcement is supposed to go out, even for security releases.

You are absolutely correct.  Consider this my publicly recorded +1.

>2.0.40 will fail to compile for future releases of OpenSSL 0.9.x
>except for those that also happen to end in e-z or are specifically
>asked for via the --with-ssl=DIR option in configure.
>Maybe that could go on the "known bugs" page.

Right on the README.html page of /dist/httpd/ would be a good start.

>I have no idea why the patch was applied just prior to the tag.

Must have been some security conscious over-eager attempt to
deliver secure code, in spite of third party libraries.

After cutting them [Madhu/Sander] much slack, I'll agree I really
like your approach much better.  Thanks for the rational compromise
patch, Roy.

Bill



Mime
View raw message