]> git.ipfire.org Git - thirdparty/apache/httpd.git/commitdiff
projects / thirdparty / apache / httpd.git / commitdiff
? search:
summary | shortlog | log | commit | commitdiff | tree
raw | patch | inline | side by side (parent: 627c50e)
The vulnerable code was not in 2.2.16's mod_reqtimeout, therefore we
authorStefan Fritsch <sf@apache.org>
Fri, 8 Oct 2010 18:56:59 +0000 (18:56 +0000)
committerStefan Fritsch <sf@apache.org>
Fri, 8 Oct 2010 18:56:59 +0000 (18:56 +0000)
don't need to mention CVE-2010-1623 in the changelog.

git-svn-id: https://svn.apache.org/repos/asf/httpd/httpd/branches/2.2.x@1005957 13f79535-47bb-0310-9956-ffa450edef68

CHANGES patch | blob | blame | history

diff --git a/CHANGES b/CHANGES
index 9282c03c7184347c3fac8e863eb04bd76541686d..92ccdee6d6e0bf5f42e02a290c36f6f5275fa651 100644 (file)
--- a/CHANGES
+++ b/CHANGES
@@ -1,10 +1,6 @@
                                                          -*- coding: utf-8 -*-
 Changes with Apache 2.2.17
 
-  *) SECURITY: CVE-2010-1623 (cve.mitre.org)
-     Fix a denial of service attack against mod_reqtimeout.
-     [Stefan Fritsch]
-
   *) mod_reqtimeout: Do not wrongly enforce timeouts for mod_proxy's backend
      connections and other protocol handlers (like mod_ftp). Enforce the
      timeout for AP_MODE_GETLINE. If there is a timeout, shorten the lingering
Mirror of https://github.com/apache/httpd.git