[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

CVS: cvs.openbsd.org: src

To: source-changes_(_at_)_cvs_(_dot_)_openbsd_(_dot_)_org
Subject: CVS: cvs.openbsd.org: src
From: Brad Smith <brad_(_at_)_cvs_(_dot_)_openbsd_(_dot_)_org>
Date: Wed, 9 Jun 2004 20:09:05 -0600 (MDT)

CVSROOT:	/cvs
Module name:	src
Changes by:	brad_(_at_)_cvs_(_dot_)_openbsd_(_dot_)_org	2004/06/09 20:09:05

Modified files:
	usr.sbin/httpd/src/include: Tag: OPENBSD_3_5 httpd.h 
	usr.sbin/httpd/src/main: Tag: OPENBSD_3_5 http_log.c util.c 

Log message:
MFC:
Fix by brad@

Apache does not filter terminal escape sequences from its error logs, which
could make it easier for attackers to insert those sequences into terminal
emulators containing vulnerabilities related to escape sequences.

CAN-2003-0020

Prev by Date: CVS: cvs.openbsd.org: src
Next by Date: CVS: cvs.openbsd.org: www
Previous by thread: CVS: cvs.openbsd.org: src
Next by thread: CVS: cvs.openbsd.org: src
Index(es):
- Date
- Thread

Visit your host, monkey.org