Fred Moyer wrote: > Geoffrey Young wrote: > >> Fred Moyer wrote: >> >>> Philip gave a +1 here - >>> http://marc.info/?l=apache-modperl&m=117462227916610&w=2 >>> >>> I think I need another +1, right? >> >> >> I'll work on it now. this needs tests, though. definitely in mp2, and >> in mp1 if we can figure it out :) > > > Ok I will add tests for this. Sorry if I jumped the gun with the patch > - was concerned that we were in some danger here, but reading through > threads this morning I realize that those concerns may have been premature.
nope, you're good. I've figured out that nothing we ship as a real handler in mp2 is affected, and you can see why if you trace the cooker code back. if you want to whip up a test for a custom cooker module feel free, but I think we're ok. I'll commit the test I have that doesn't break but exercises the security breach. in light of this, I don't think we need to force our a mp2 release. but I'll RM a mp1 release now. --Geoff --------------------------------------------------------------------- To unsubscribe, e-mail: [EMAIL PROTECTED] For additional commands, e-mail: [EMAIL PROTECTED]
