ws-users mailing list archives

Site index · List index
Message view « Date » · « Thread »
Top « Date » · « Thread »
From Pannese_Don...@emc.com
Subject RE: XML-RPC security question and Apache implementation
Date Tue, 02 May 2006 22:17:38 GMT
Really? That is strange because when you go to
http://classic.helma.at/hannes/xmlrpc/ which is the old site of the helma
release it points you to the Apache site because Apache adopted the Helma
code.

So why is the software I point to totally different? Is it not the software
that Apache adopted (and modified later)?

-Don 

-----Original Message-----
From: Georg Sauer-Limbach [mailto:gsl@gslweb.de] 
Sent: Tuesday, May 02, 2006 5:38 PM
To: xmlrpc-user@ws.apache.org
Subject: Re: XML-RPC security question and Apache implementation

Pannese_Donald@emc.com wrote:
> So I was just wondering
> if the Apache implementation patched this problem.
> 
> http://xmlrpc-c.sourceforge.net/hacks/helma-xmlrpc-introspection.diff

This software you are pointing to is totally different from
Apache's XML-RPC implementation. The bugs and security wholes
were in that other software, not in Apache XML-RPC.

Georg

Mime
View raw message