Hi, On Fri, 31 May 2002, Cliff Woolley wrote:
> On Fri, 31 May 2002, Geoff Thorpe wrote: > > > oh yeah, there's also that security problem with modssl that I mentioned > > ages ago - AFAIK this still hasn't been changed in modssl and *may* not > > yet have changed in apache 2.0 either. Ralf or David, please correct me > > if I'm wrong; > > http://marc.theaimsgroup.com/?l=apache-modssl&m=99717585106420&w=2 > > This was fixed in 2.0 as of 2.0.25 but is not yet fixed in 1.3's modssl. Ah, thanks for the update on that. I mentioned this problem a couple of times *ages* ago, including private mail to Ralf, but it seemed very few people seemed to regard it as "an issue". I'm glad Apache 2.0 has taken it seriously. Ralf, would it be possible to get it similarly incorporated into the 1.3.* tree? Please? Cheers, Geoff -- Geoff Thorpe, geoff(at)geoffthorpe(dot)net 2000 years on, it's a different empire but the same zealots and the same attrocities. ______________________________________________________________________ Apache Interface to OpenSSL (mod_ssl) www.modssl.org User Support Mailing List [EMAIL PROTECTED] Automated List Manager [EMAIL PROTECTED]