Has anyone added anything into the client library along the lines of the
suggestion made in
http://cert.uni-stuttgart.de/advisories/apache_auth.php
I have just upgraded to 7.1.3 on RH7.1, I wasn't going to bother with the
source. But we do use our database for authentication and consequently are
vulnerable.
--
=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=
Glen and Rosanne Eustace,
GodZone Internet Services, a division of AGRE Enterprises Ltd.,
P.O. Box 8020, Palmerston North, New Zealand 5301
Ph/Fax: +64 6 357 8168, Mob: +64 21 424 015