-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1
Pekka Savola wrote: | On Sun, 28 Nov 2004, Dominic Hargreaves wrote: | |> httpd - http://bugzilla.fedora.us/show_bug.cgi?id=2148 |> Needs VERIFY [rh73] | | | This has been superceded. There's a new bug out there allowing local | code execution through SSI parsing, and I guess this update should | include that as well... |
Is there some kind of policy on when an update gets merged in with another? If this continues to happen it can *really* delay the previous fixes. Bug 2148 has been open since 11th October, which means there has been nearly 2 months with webservers running an insecure httpd.
- -- Mark Scott CSUK Solutions Technical Team Tel: +44 (0)845 6444 185 Email: mark.scott@xxxxxxxxxxxxxxxxxx -----BEGIN PGP SIGNATURE----- Version: GnuPG v1.2.4 (GNU/Linux) Comment: Using GnuPG with Mozilla - http://enigmail.mozdev.org
iD8DBQFBqu0Bl2I0fYrP+68RAr/cAJ9GJTMRAgYEhtshyEKUwDsLZr02sACgjN52 gSfMxxw4FQL+XDPbd9ythTo= =ky/5 -----END PGP SIGNATURE-----
-- fedora-legacy-list@xxxxxxxxxx http://www.redhat.com/mailman/listinfo/fedora-legacy-list
