> On 29 Aug 2018, at 16:08, William Kimball Jr. <wwapa...@kimballstuff.com> 
> wrote:
> Speaking of suggestions, may I please suggest closing a glaring security hole 
> in apr_dbd_mysql, per https://bz.apache.org/bugzilla/show_bug.cgi?id=62342? I 
> have provided diffs for 1.5 -- because my organization uses RHEL 7, which 
> uses APR 1.5 -- and 2.0 -- because someone on this list instructed me to do 
> so.  I'm happy to do the same for 1.6.

Thanks, that looks as if it makes sense.

Currently we're looking at an APR-1.6 release ASAP.  Not APR-UTIL, which is 
an apr_dbd patch applies, so this isn't of immediate concern.  But yes, it 
looks like
something we should patch for future releases.

Nick Kew

Reply via email to