]> git.ipfire.org Git - thirdparty/apache/httpd.git/commitdiff
projects / thirdparty / apache / httpd.git / commitdiff
? search:
summary | shortlog | log | commit | commitdiff | tree
raw | patch | inline | side by side (parent: 861a550)
User-facing CHANGES
authorWilliam A. Rowe Jr <wrowe@apache.org>
Thu, 13 Mar 2014 18:39:10 +0000 (18:39 +0000)
committerWilliam A. Rowe Jr <wrowe@apache.org>
Thu, 13 Mar 2014 18:39:10 +0000 (18:39 +0000)
git-svn-id: https://svn.apache.org/repos/asf/httpd/httpd/branches/2.2.x@1577276 13f79535-47bb-0310-9956-ffa450edef68

CHANGES patch | blob | blame | history

diff --git a/CHANGES b/CHANGES
index c67e8b0512ec8a144716b7037f62006fc7444e80..dee8788eb3aef6871400c8e090f0de014f53e565 100644 (file)
--- a/CHANGES
+++ b/CHANGES
@@ -7,6 +7,12 @@ Changes with Apache 2.2.27
      logging truncated cookies.
      [William Rowe, Ruediger Pluem, Jim Jagielski]
 
+  *) SECURITY: CVE-2013-6438 (cve.mitre.org)
+     mod_dav: Keep track of length of cdata properly when removing
+     leading spaces. Eliminates a potential denial of service from
+     specifically crafted DAV WRITE requests
+     [Amin Tora <Amin.Tora neustar.biz>]
+
   *) core: draft-ietf-httpbis-p1-messaging-23 corrections regarding
      TE/CL conflicts. [Yann Ylavic <ylavic.dev gmail com>, Jim Jagielski]
 
Mirror of https://github.com/apache/httpd.git