On 18.09.2007 15:47 William A. Rowe, Jr. wrote:
> Yes, of course. However in the second case, you do not have an inheritable
> file handle. apr_file_dup simply dups the handle in the current process,
> so the patch can't possibly have the desired effect.
>
> There is a real concern; under what conditions would stderr_log not be
> initialized. *therein* lies the bug.
Hmm, I don't understand this, so I cannot say how serious it could be.
My question is: Should I stick with 2.0.59 or upgrade with a patched
2.0.61/2.2.6?
This is a production server and the change log lists quite a few
security fixes for the new versions.
As long as all that could be broken is logging, I think I would like to
upgrade or could the change effect other parts as well (security)?
- Michael
|