| delorie.com/archives/browse.cgi | search |
| Mailing-List: | contact cygwin-help AT cygwin DOT com; run by ezmlm |
| List-Subscribe: | <mailto:cygwin-subscribe AT cygwin DOT com> |
| List-Archive: | <http://sources.redhat.com/ml/cygwin/> |
| List-Post: | <mailto:cygwin AT cygwin DOT com> |
| List-Help: | <mailto:cygwin-help AT cygwin DOT com>, <http://sources.redhat.com/ml/#faqs> |
| Sender: | cygwin-owner AT cygwin DOT com |
| Mail-Followup-To: | cygwin AT cygwin DOT com |
| Delivered-To: | mailing list cygwin AT cygwin DOT com |
| Message-ID: | <403EB543.4C494E15@dessent.net> |
| Date: | Thu, 26 Feb 2004 19:10:59 -0800 |
| From: | Brian Dessent <brian AT dessent DOT net> |
| Organization: | My own little world... |
| MIME-Version: | 1.0 |
| To: | cygwin AT cygwin DOT com |
| Subject: | Re: What happened to mod_php |
| References: | <c1mab6$f2l$1 AT sea DOT gmane DOT org> <Pine DOT GSO DOT 4 DOT 56 DOT 0402262152290 DOT 23353 AT slinky DOT cs DOT nyu DOT edu> |
| X-IsSubscribed: | yes |
| Reply-To: | cygwin AT cygwin DOT com |
Igor Pechtchanski wrote: > now. Both apache and mod_php4 were suffering from multiple > vulnerabilities due to being linked to the old ssl libraries. The > maintainer was rather busy and couldn't update them in a timely manner, so Actually IIRC the vulnerability was part of the core Apache, and had something to do with "..\" being able to traverse paths due to the fact that '\' is not a pathname seperator in unix. But yes, new mod_php packages should be posted soon to go with the fixed 1.3.29 Apache. Brian -- Unsubscribe info: http://cygwin.com/ml/#unsubscribe-simple Problem reports: http://cygwin.com/problems.html Documentation: http://cygwin.com/docs.html FAQ: http://cygwin.com/faq/
| webmaster | delorie software privacy |
| Copyright © 2019 by DJ Delorie | Updated Jul 2019 |