On Tue, Mar 12, 2002 at 12:14:14AM -0800, Justin Erenkrantz wrote: > On Mon, Mar 11, 2002 at 08:28:11PM -0500, Jeff Trawick wrote: > > "Ryan Bloom" <[EMAIL PROTECTED]> writes: > > > > > We should probably do something about this, but I'm not sure what. > > > > I thought the zlib vulnerability was in the decompress path. > > mod_deflate doesn't decompress. > > Yup. Adler mentioned here on-list that there was a memory leak > when using the decompression routines. I'm wondering if that has > something to do with this vulnerability. > > But, yes, I'd say mod_deflate wouldn't be affected unless/until > we add input-filtering support. (I think SVN might like this > at some point.) -- justin
Yessir! It would help whenever a new file is added. Regular commits, though, are sent as small patches, so the to-server direction is usually pretty light, bandwidth-wise. Cheers, -g -- Greg Stein, http://www.lyra.org/
