jkew wrote: > Mark Thomas wrote: >> William L. Thomson Jr. wrote: >> >>> I take it down streams should run with the first patches to work around >>> this vulnerability till next release. I already applied the one liner, >>> kinda glad I did not apply the other last night ;) Please advise, >>> thanks. >>> >> >> You need a version of the second patch for a complete fix. If you want >> logging - apply my version, if you don't - apply Remy's. Both fix the >> problem, just in slightly different ways. >> >> > > I've been using Mark's patch, which I personally prefer right now. I'll > experiment with Remy's patch on Monday, but I have a slightly tangential > question: > > Q. Where should I put, and how should I build a unit test for the webdav > issue? I noticed that Jean-Frederic created a great unit test within > /test for the cookie issue, but I don't believe his patch was ever > committed. Is there a formal unit test framework for these issues?
No yet but I think we should have tests for nearly everything. Cheers Jean-Frederic > > My existing test for the webdav issue is just a war file, but I'd like > something semi-permanent and manageable. I'm a little ignorant of of the > history here, so forgive me if I'm a little lost. >> We'll have to wait and see which way the voting goes for which patch >> gets incorporated into the code base. >> >> Mark >> >> --------------------------------------------------------------------- >> To unsubscribe, e-mail: [EMAIL PROTECTED] >> For additional commands, e-mail: [EMAIL PROTECTED] >> >> > > > --------------------------------------------------------------------- > To unsubscribe, e-mail: [EMAIL PROTECTED] > For additional commands, e-mail: [EMAIL PROTECTED] > > --------------------------------------------------------------------- To unsubscribe, e-mail: [EMAIL PROTECTED] For additional commands, e-mail: [EMAIL PROTECTED]
