* SECURITY first and remove BOM.

author Ruediger Pluem <rpluem@apache.org>

Mon, 20 Jul 2009 13:48:42 +0000 (13:48 +0000)

committer Ruediger Pluem <rpluem@apache.org>

Mon, 20 Jul 2009 13:48:42 +0000 (13:48 +0000)
author Ruediger Pluem <rpluem@apache.org>
Mon, 20 Jul 2009 13:48:42 +0000 (13:48 +0000)
committer Ruediger Pluem <rpluem@apache.org>
Mon, 20 Jul 2009 13:48:42 +0000 (13:48 +0000)
diff --git a/CHANGES b/CHANGES

index c9c5c7cd99d16a2fe05ed5f6370499406496884f..c6a4d034ebc5cbda81623591891d038d587263cc 100644 (file)
--- a/CHANGES
+++ b/CHANGES
@@ -1,9 +1,6 @@
-                                                         -*- coding: utf-8 -*-
+                                                         -*- coding: utf-8 -*-
  Changes with Apache 2.2.12
  
-  *) mod_include: fix potential segfault when handling back references
-     on an empty SSI variable. [Ruediger Pluem, Lars Eilebrecht, Nick Kew]
-
    *) SECURITY: CVE-2009-1891 (cve.mitre.org)
       Fix a potential Denial-of-Service attack against mod_deflate or other 
       modules, by forcing the server to consume CPU time in compressing a 
@@ -30,6 +27,9 @@ Changes with Apache 2.2.12
       different security issues which may affect particular configurations
       and third-party modules.
  
+  *) mod_include: fix potential segfault when handling back references
+     on an empty SSI variable. [Ruediger Pluem, Lars Eilebrecht, Nick Kew]
+
    *) mod_alias: check sanity in Redirect arguments.
       PR 44729 [Sönke Tesch <st kino-fahrplan.de>, Jim Jagielski]
author	Ruediger Pluem <rpluem@apache.org>
	Mon, 20 Jul 2009 13:48:42 +0000 (13:48 +0000)
committer	Ruediger Pluem <rpluem@apache.org>
	Mon, 20 Jul 2009 13:48:42 +0000 (13:48 +0000)