Module Name: src Committed By: leot Date: Sat Dec 15 12:39:22 UTC 2018
Modified Files:
src/libexec/httpd: bozohttpd.c
Log Message:
Avoid .htpasswd exposure to authenticated users when .htpasswd is
in the slashdir too.
Problem reported by JP via tech-security@ and discussed with <mrg>, thanks!
To generate a diff of this commit:
cvs rdiff -u -r1.104 -r1.105 src/libexec/httpd/bozohttpd.c
Please note that diffs are not public domain; they are subject to the
copyright notices on the relevant files.
