clogger RubyGem user+dev discussion/patches/pulls/bugs/help
 help / color / mirror / code / Atom feed
* [ANN] clogger 1.1.0 - more escaping!
@ 2011-12-06  3:02 Eric Wong
  0 siblings, 0 replies; only message in thread
From: Eric Wong @ 2011-12-06  3:02 UTC (permalink / raw)
  To: clogger

Changes:

This release fixes potential vulnerabilities when escape
sequences are viewed in certain terminals.

The 0x7F-0xFF byte range is escaped to match behavior of nginx
1.0.9+, as some character sets may have escape characters in
that range.

$cookie_* values are now escaped to be consistent with the
behavior of the $http_cookie value.  All users of $cookie_* in
their log format must upgrade (of course there may be no
Clogger users other than myself, and I don't use $cookie_*)

* http://clogger.rubyforge.org/
* clogger@librelist.org
* git://bogomips.org/clogger.git
* http://clogger.rubyforge.org/NEWS.atom.xml


^ permalink raw reply	[flat|nested] only message in thread

only message in thread, other threads:[~2011-12-06  3:03 UTC | newest]

Thread overview: (only message) (download: mbox.gz / follow: Atom feed)
-- links below jump to the message on this page --
2011-12-06  3:02 [ANN] clogger 1.1.0 - more escaping! Eric Wong

Code repositories for project(s) associated with this inbox:

	../../../clogger.git

This is a public inbox, see mirroring instructions
for how to clone and mirror all data and code used for this inbox;
as well as URLs for read-only IMAP folder(s) and NNTP newsgroup(s).