https://bz.apache.org/bugzilla/show_bug.cgi?id=57584
--- Comment #9 from sebast...@pipping.org --- (In reply to Rich Bowen from comment #8) > I've extended this to [^.]+\.cgi in r1674099 > > Does that address the concern? It should protect against execution of * hidden files and * files with other extensions before the final ".cgi" extension. Doesn't sound too bad. -- You are receiving this mail because: You are the assignee for the bug. --------------------------------------------------------------------- To unsubscribe, e-mail: docs-unsubscr...@httpd.apache.org For additional commands, e-mail: docs-h...@httpd.apache.org
