At 08:31 PM 8/9/2002, Roy T. Fielding wrote: >>Cool. I believe something is better than nothing :). >> >>(I'm sure you're already aware of this - but thought it'd be better to let >>you know) >>I believe my patch went into r1.127 - and has been labelled for the 2.0.40 >>release. So, you might want to bump the label before it's released. > >It has already been released. And where did the three +1 come from >anyway? That is still required on the tarball (not the tag) before >the announcement is supposed to go out, even for security releases.
You are absolutely correct. Consider this my publicly recorded +1. >2.0.40 will fail to compile for future releases of OpenSSL 0.9.x >except for those that also happen to end in e-z or are specifically >asked for via the --with-ssl=DIR option in configure. >Maybe that could go on the "known bugs" page. Right on the README.html page of /dist/httpd/ would be a good start. >I have no idea why the patch was applied just prior to the tag. Must have been some security conscious over-eager attempt to deliver secure code, in spite of third party libraries. After cutting them [Madhu/Sander] much slack, I'll agree I really like your approach much better. Thanks for the rational compromise patch, Roy. Bill
