From: Christophe Jaillet <jailletc36@apache.org>
Date: Sun, 11 Nov 2018 08:22:48 +0000 (+0000)
Subject: CHANGES related to r1842010.
X-Git-Tag: 2.5.0-alpha2-ci-test-only~2244
X-Git-Url: http://git.ipfire.org/cgi-bin/gitweb.cgi?a=commitdiff_plain;h=250c3f4f705cfb10e1054b0573e3bdc9fe9afcad;p=thirdparty%2Fapache%2Fhttpd.git

CHANGES related to r1842010.

I have choosen "unlikely" because this bug has been around for ever ([1]) and the pool is only "cleared"; that is to say, the data is still valid, but the memory *could* be re-used.

[1]: http://svn.apache.org/viewvc/httpd/httpd/branches/2.4.x/modules/dav/main/mod_dav.c?revision=85717&view=markup&sortby=date#l1610

git-svn-id: https://svn.apache.org/repos/asf/httpd/httpd/trunk@1846339 13f79535-47bb-0310-9956-ffa450edef68
---

diff --git a/CHANGES b/CHANGES
index 51e602ae275..6397342b595 100644
--- a/CHANGES
+++ b/CHANGES
@@ -1,6 +1,9 @@
                                                          -*- coding: utf-8 -*-
 Changes with Apache 2.5.1
 
+  *) mod_dav: Fix an unlikely time-window where some incorrect data could be returned
+     from a PROPFIND request [Ruediger Pluem]
+
   *) mod_ssl: Fix mod_authz provider for "require ssl" directive to check correctly
      on HTTP/2 connections. Fixes PR 62654. [Stefan Eissing]