[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

CVS: cvs.openbsd.org: src



CVSROOT:	/cvs
Module name:	src
Changes by:	brad_(_at_)_cvs_(_dot_)_openbsd_(_dot_)_org	2004/06/09 21:55:18

Modified files:
	usr.sbin/httpd/src/include: Tag: OPENBSD_3_4 httpd.h 
	usr.sbin/httpd/src/main: Tag: OPENBSD_3_4 http_log.c util.c 

Log message:
MFC:
Fix by brad@

Apache does not filter terminal escape sequences from its error logs, which
could make it easier for attackers to insert those sequences into terminal
emulators containing vulnerabilities related to escape sequences.

CAN-2003-0020