httpd-dev mailing list archives

Site index · List index
Message view « Date » · « Thread »
Top « Date » · « Thread »
From "William A. Rowe, Jr." <>
Subject Re: 2.1.5 available for testing
Date Mon, 20 Jun 2005 04:59:34 GMT
At 03:07 PM 6/17/2005, William A. Rowe, Jr. wrote:
>-1 on Win32, caddr_t isn't sufficiently portable (fix committed).

Correction, -1 on all platforms.

jfclere just committed a significant patch to the T-E override
of the C-L passed to us, as part of the Watchfire vulnerability
fixes.  It seems very irresponsible to release any flavor (alpha,
beta, nadda) with a known vuln, when we've committed a fix already.

Also, possibly across platforms is a fault in ssl_engine_init,
where the host->protocol is still NULL, and we are trying to
strcmp it to 'https'.  I spent part of my weekend trying to
grok what change has broken this, but strcmp to NULL is popping
a segfault.  Not worthy of rejecting 2.1.5 on it's own, this is
still a minor irritation.  FYI - mod_ssl was loaded without SSL
being defined, so no ssl host actually exists.


View raw message