On Thu, 2005-02-10 at 17:24 +0000, Richard Barrett wrote: > As an aside, I am not able to: > > 1. identify exactly what the exploit is. > > 2. see why it impacts solely on private archive access via private.py. > > 3. why Apache version is relevant to private.py operates unless the > PATH_INFO environment variable value being set up for the CGI script by > Apache is a result of version-dependent processing done by Apache on > the request URI.
Please, lets not discuss the recipe for the attack on an open mailing list. -- John Dennis <[EMAIL PROTECTED]> _______________________________________________ Mailman-Developers mailing list Mailman-Developers@python.org http://mail.python.org/mailman/listinfo/mailman-developers Mailman FAQ: http://www.python.org/cgi-bin/faqw-mm.py Searchable Archives: http://www.mail-archive.com/mailman-users%40python.org/ Unsubscribe: http://mail.python.org/mailman/options/mailman-developers/archive%40jab.org
