From owner-freebsd-security  Thu Nov 26 11:58:18 1998
Return-Path: <owner-freebsd-security@FreeBSD.ORG>
Received: (from majordom@localhost)
          by hub.freebsd.org (8.8.8/8.8.8) id LAA29189
          for freebsd-security-outgoing; Thu, 26 Nov 1998 11:58:18 -0800 (PST)
          (envelope-from owner-freebsd-security@FreeBSD.ORG)
Received: from lambic.physics.montana.edu (lambic.physics.montana.edu [153.90.192.128])
          by hub.freebsd.org (8.8.8/8.8.8) with ESMTP id LAA29183
          for <freebsd-security@FreeBSD.ORG>; Thu, 26 Nov 1998 11:58:17 -0800 (PST)
          (envelope-from handy@lambic.physics.montana.edu)
Received: from localhost (handy@localhost)
	by lambic.physics.montana.edu (8.8.8/8.8.7) with ESMTP id MAA12995;
	Thu, 26 Nov 1998 12:57:40 -0700 (MST)
	(envelope-from handy@lambic.physics.montana.edu)
Date: Thu, 26 Nov 1998 12:57:40 -0700 (MST)
From: Brian Handy <handy@lambic.physics.montana.edu>
To: Christoph Kukulies <kuku@gilberto.physik.RWTH-Aachen.DE>
cc: Sheldon Hearn <axl@iafrica.com>, freebsd-security@FreeBSD.ORG
Subject: Re: cgi-bin/phf* security hole in apache
In-Reply-To: <19981126190545.A26062@gil.physik.rwth-aachen.de>
Message-ID: <Pine.BSF.4.05.9811261257040.12975-100000@lambic.physics.montana.edu>
X-files: The truth is out there
MIME-Version: 1.0
Content-Type: TEXT/PLAIN; charset=US-ASCII
Sender: owner-freebsd-security@FreeBSD.ORG
Precedence: bulk
X-Loop: FreeBSD.org

>> > Could someone explain the effect of the 'phf*' security hole
>> > (severeness) in earlier apache versions?
>> 
>> See the Apache FAQ, question 8.
>
>Excuse me, if you already are that precise, what apache FAQ are you refering?
>The 'offical' one on their web page carries
>
>"8. Whom do I contact for support?"

How about:

http://bugs.apache.org/index/full/1605

(I wondered this once before.  Apache's search engine on their site works
pretty well.)


Brian


To Unsubscribe: send mail to majordomo@FreeBSD.org
with "unsubscribe freebsd-security" in the body of the message