[405] in WWW Security List Archive
Re: CIAC Advisory F-11 Report: Unix NCSA httpd Vulnerability
daemon@ATHENA.MIT.EDU (Rob Hartill)
Thu Feb 16 19:31:58 1995
From: Rob Hartill <hartill@ooo.lanl.gov>
To: www-security@ns2.rutgers.edu
Date: Thu, 16 Feb 95 13:37:26 MST
In-Reply-To: <9502161034.AA06279@void.ncsa.uiuc.edu>; from "Carlos A. Varela" at Feb 16, 95 4:34 am
Reply-To: www-security@ns2.rutgers.edu
Errors-To: owner-www-security@ns2.rutgers.edu
Hi Carlos,
So you're working in httpd 1.4 eh ?
I posted the following to a couple of places the other day, before
hearing that anyone was working on it at UIUC.
-=-=-=-=
Comments please...
Lots of people have modified NCSA's httpd, but I'm not aware of
any central collection point for distributing these modifications.
Some modifications fix bugs, others add support for new featues,
and some improve efficiency.
First of all, is anyone actively working on the Unix 1.4 version ?
If not, I'd like to propose setting up an archive of patches that
people have applied to their httpd source, so that everyone
can share them.
Maybe if this proposal were to catch on, NCSA httpd could evolve
as a community effort rather than all of us relying on one person
to maintain it.
Last time I looked at the blurb that comes with httpd, I got the
impression that the code could be used and modified without restriction.
I could probably find a FTP home for the archive here at LANL.
-=-=-=-=-=-=-=
So, before I go off wasting my and other's time, can you tell me
what state httpd 1.4 is in, and what timescale has been worked out
for its release.
Are you working alone on it, or is there a group ?.
Any other info on the status of 1.4 would be apprecited.
regaards,
rob
--
Robert Hartill http://nqcd.lanl.gov/~hartill/
Los Alamos National Laboratory Phone: (505) 665 2280
Theoretical Division, T-8, MS B285 Fax: (505) 667 5585
P.O. Box 1663
Los Alamos, NM 87545, U.S.A.
