diff options
author | Daniel Stenberg <daniel@haxx.se> | 2003-08-03 21:33:25 +0000 |
---|---|---|
committer | Daniel Stenberg <daniel@haxx.se> | 2003-08-03 21:33:25 +0000 |
commit | 296046510bc213090ea9e69a7314abb79f4d792e (patch) | |
tree | 25e49e6e2f3e0fb5970a40d816edec661162e734 /CHANGES | |
parent | db9f87f697c86cdeca4e6da9f8baabb8246b2d0e (diff) |
serios info leakage!
Diffstat (limited to 'CHANGES')
-rw-r--r-- | CHANGES | 8 |
1 files changed, 8 insertions, 0 deletions
@@ -6,6 +6,14 @@ Changelog +Daniel (3 August) +- When proxy authentication is used in a CONNECT request (as used for all SSL + connects and otherwise enforced tunnel-thru-proxy requests), the same + authentication header is also wrongly sent to the remote host. + + This is a rather significant info leak. I've fixed it now and mailed a patch + and warning to the mailing lists. + Daniel (1 August) - David Byron provided a patch to make 7.10.6 build correctly with the compressed hugehelp.c source file. |