This patch comes from the ht://Dig maintainers, and fixes a possible

security vulnerability. Quoting from their e-mail announcement:

	There is a security vulnerability in all versions of
	htsearch between 3.1.0b2 and 3.1.5 . . . The hole can
	allow a remote user to pick a file on your system for
	the config file that the UID running the webserver
	can read.

With a default ports install the httpd user should be nobody, which
makes the vulnerability small.

0 files changed, 0 insertions, 0 deletions