On 21 Mar 2002 [EMAIL PROTECTED] wrote: > + This version of Apache is principally a security and bug fix release. > + A summary of the bug fixes and major new features is given at the end > + of this document. Of particular note is that 1.3.24 addresses and > + fixes the issues noted in CAN-2002-0061 (mitre.org) regarding escaping > + of command line args on Win32. We would like to thank Ory Segal > + <[EMAIL PROTECTED]> for discovering and reporting the > + vulnerability.
In hindsight, it would have been nice if we had credited Owen Cliffe <[EMAIL PROTECTED]> with reporting the mod_include issue somewhere CHANGES? Announcement?. Too late I guess. :( -------------------------------------------------------------- Cliff Woolley [EMAIL PROTECTED] Charlottesville, VA
