httpd-dev mailing list archives

Site index · List index
Message view « Date » · « Thread »
Top « Date » · « Thread »
From Joe Orton <jor...@redhat.com>
Subject Re: CVE-2003-1418 - still affects apache 2 current
Date Thu, 01 Sep 2011 14:45:43 GMT
On Thu, Sep 01, 2011 at 02:39:11PM +0200, Marcus Meissner wrote:
> Hi,
> 
> CVE-2003-1418, a minor security issue, is still affecting the current codebase.
> 
> someone opened a tracker bug a year ago without feedback:
> https://issues.apache.org/bugzilla/show_bug.cgi?id=49623
> 
> Do you have a statement?

Use "FileETag -INode" if you care about leaking inode numbers.

I think there was consensus that the default should be changed to that, 
but I can't find the discussion.

Regards, Joe

Mime
View raw message