On 18.09.2007 15:47 William A. Rowe, Jr. wrote: > Yes, of course. However in the second case, you do not have an inheritable > file handle. apr_file_dup simply dups the handle in the current process, > so the patch can't possibly have the desired effect. > > There is a real concern; under what conditions would stderr_log not be > initialized. *therein* lies the bug.
Hmm, I don't understand this, so I cannot say how serious it could be. My question is: Should I stick with 2.0.59 or upgrade with a patched 2.0.61/2.2.6? This is a production server and the change log lists quite a few security fixes for the new versions. As long as all that could be broken is logging, I think I would like to upgrade or could the change effect other parts as well (security)? - Michael
