Keep SECURITY entries at the top

git-svn-id: https://svn.apache.org/repos/asf/httpd/httpd/branches/2.4.x@1631685 13f79535-47bb-0310-9956-ffa450edef68

diff --git a/CHANGES b/CHANGES
index a7d33c6c5e9ac8d51f72411826195422547589ed..3aa52eaa1591b940c74ad3150c385dc9f9d69461 100644 (file)
--- a/CHANGES
+++ b/CHANGES
@@ -6,6 +6,13 @@ Changes with Apache 2.4.11
      mod_cache: Avoid a crash when Content-Type has an empty value.
      PR 56924.  [Mark Montague <mark catseye.org>, Jan Kaluza]
 
+  *) SECURITY: CVE-2013-5704 (cve.mitre.org)
+     core: HTTP trailers could be used to replace HTTP headers
+     late during request processing, potentially undoing or
+     otherwise confusing modules that examined or modified
+     request headers earlier.  Adds "MergeTrailers" directive to restore
+     legacy behavior.  [Edward Lu, Yann Ylavic, Joe Orton, Eric Covener]
+
   *) mod_ldap: In 2.4.10, some LDAP searches or comparisons might be done with
      the wrong credentials when a backend connection is reused.
      [Eric Covener]
@@ -37,13 +44,6 @@ Changes with Apache 2.4.11
      "ProxyErrorOverride On" hang until proxy timeout.
      PR53420 [Rainer Jung]
 
-  *) SECURITY: CVE-2013-5704 (cve.mitre.org)
-     core: HTTP trailers could be used to replace HTTP headers
-     late during request processing, potentially undoing or
-     otherwise confusing modules that examined or modified
-     request headers earlier.  Adds "MergeTrailers" directive to restore
-     legacy behavior.  [Edward Lu, Yann Ylavic, Joe Orton, Eric Covener]
-
   *) mod_log_config: Allow three character log formats to be registered. For
      backwards compatibility, the first character of a three-character format
      must be the '^' (caret) character.  [Eric Covener]