From a1cc758e2284cdddb2caaa6d1a5fa8a11d861f21 Mon Sep 17 00:00:00 2001 From: Ian Holsman Date: Mon, 27 May 2002 14:00:46 +0000 Subject: [PATCH] remove a vote which was resolved PR: Obtained from: Submitted by: Reviewed by: git-svn-id: https://svn.apache.org/repos/asf/httpd/httpd/trunk@95308 13f79535-47bb-0310-9956-ffa450edef68 --- STATUS | 20 +------------------- 1 file changed, 1 insertion(+), 19 deletions(-) diff --git a/STATUS b/STATUS index dfe7d7bf6e..af44039f09 100644 --- a/STATUS +++ b/STATUS @@ -1,5 +1,5 @@ APACHE 2.0 STATUS: -*-text-*- -Last modified at [$Date: 2002/05/26 22:28:06 $] +Last modified at [$Date: 2002/05/27 14:00:46 $] Release: @@ -133,24 +133,6 @@ CURRENT VOTES: latest code, let's continue tuning and testing) -0: Lars - * Change the default config so that we add a ServerToken Minimal - to the config. Possibly go one step further and add a option - to just report '2.0' instead of '2.0.x' - +1: IanH, BrianP - -1: Greg, Cliff, Justin - I use the default response all the time to verify that a - module is present and at the proper version. This information - is also very handy for the module surveys, to determine what - modules are out there and in prevalent use (see - securityspace.com; frickin' JServ is still increasing in - numbers!). Security conscious people can change this on their - own, when required. Removing the information doesn't remove - any future vulnerabilities. Assuming that a vulnerability - occurred, I highly doubt that somebody would actually bother - to *test* the version reported in the response before - attempting to use the vulnerability, so trying to hide the - information isn't all that useful. - RELEASE NON-SHOWSTOPPERS BUT WOULD BE REAL NICE TO WRAP THESE UP: * exec cmd and suexec arg-passing enhancements -- 2.40.0