Update CHANGES

author Randy Terbush <randy@apache.org>

Sun, 12 Jan 1997 00:51:19 +0000 (00:51 +0000)

committer Randy Terbush <randy@apache.org>

Sun, 12 Jan 1997 00:51:19 +0000 (00:51 +0000)
author Randy Terbush <randy@apache.org>
Sun, 12 Jan 1997 00:51:19 +0000 (00:51 +0000)
committer Randy Terbush <randy@apache.org>
Sun, 12 Jan 1997 00:51:19 +0000 (00:51 +0000)
diff --git a/RELEASE_1_1_X/src/CHANGES b/RELEASE_1_1_X/src/CHANGES

index 1b2e030195bed9c603563a6580a8e553098df069..a030d6be80770c903e958540f3046e2121097aa6 100644 (file)
--- a/RELEASE_1_1_X/src/CHANGES
+++ b/RELEASE_1_1_X/src/CHANGES
@@ -1,3 +1,13 @@
+Changes with Apache 1.1.2:
+
+  *) Fix a buffer overflow problem in mod_cookies. Without these
+     changes, it is possible to gain unauthorized user privledges
+     on systems running with mod_cookies compiled into the server.
+
+  *) Fix another problem that could give a directory listing of
+     the document root if the request recieved is long enough to
+     force an error by the stat() function.
+
  Changes with Apache 1.1.1:
  
    *) Fixed bug where Redirect in .htaccess files would cause memory
author	Randy Terbush <randy@apache.org>
	Sun, 12 Jan 1997 00:51:19 +0000 (00:51 +0000)
committer	Randy Terbush <randy@apache.org>
	Sun, 12 Jan 1997 00:51:19 +0000 (00:51 +0000)