K 10
svn:author
V 6
olgeni
K 8
svn:date
V 27
2012-06-25T01:10:44.000000Z
K 7
svn:log
V 569
Upgrade to version 1.93, which contains a security fix among other changes.

From Erlyaws-list:

"Use crypto:rand_bytes() instead of the cryptographically weak random
module. Swedish security consultant and cryptographer Kalle
Zetterlund discovered a way to - given a sequence of cookies produced
by yaws_session_server - predict the next session id. Thus providing
a gaping security hole into yaws servers that use the yaws_session_server
to maintain cookie based HTTP sessions (klacke/kallez)"

PR:		ports/169363
Submitted by:	Kenji Rikitake <kenji.rikitake@acm.org>

END