[nycbug-talk] Fwd: no more apache updates

G.Rosamond george
Tue Jun 22 00:18:42 EDT 2004

and the response. . . .sorry if the language insults anyone. . .


Begin forwarded message:

> From: Henning Brauer <lists-openbsd at bsws.de>
> Date: June 21, 2004 9:56:45 PM EDT
> To: lars at apache.org
> Cc: misc at openbsd.org
> Subject: Re: no more apache updates
> * Lars Eilebrecht <lars at apache.org> [2004-06-21 18:30]:
>> The Apache HTTP server security team is not aware of any pending
>> patches/fixes for a security vulnerability (or other bug) in Apache
>> proposed by the OpenBSD team.
> Oh gimme a break.
> This has all been mailed to you guys.
> One of the keywords is ETag, another one is chroot.
> And we have quite a few fixes in mod_ssl.
> There's more. I am too lazy too look it all up again. The diff between
> httpd in our tree and the same versioned apache from you guys was about
> 4000 lines last time I checked.
> Not that it matters any more.
>> We really don't have any information about "a number of serious 
>> security
>> problems in Apache". Please accept our apologies should we have 
>> missed a
>> particular email or report from someone from the OpenBSD team, but
>> the most recent report submitted to our security list dates
>> back to Febrary 2003.
> look, when you mail countless security fixes and nobopdy cares because
> it cannot be ported to Netware, do you continue wasting your time doing
> so?
> Not that it matters any more.
> Thank you for fucking up the license and thus stealing a fair share of
> my hacking time that I have to waste on fixing your bugs now without
> using your code.

More information about the talk mailing list