|tag name||v1.1.0 (4f91f8c3518e4b49a28ad88a25dbce38e853b611)|
|tag date||2011-12-05 18:58:56 -0800|
|tagged by||Eric Wong <firstname.lastname@example.org>|
|tagged object||commit a1c4506c01...|
clogger 1.1.0 - more escaping!
This release fixes potential vulnerabilities when escape sequences are viewed in certain terminals. The 0x7F-0xFF byte range is escaped to match behavior of nginx 1.0.9+, as some character sets may have escape characters in that range. $cookie_* values are now escaped to be consistent with the behavior of the $http_cookie value. All users of $cookie_* in their log format must upgrade (of course there may be no Clogger users other than myself, and I don't use $cookie_*)