From: Eric Covener <covener@apache.org>
Date: Wed, 30 Nov 2011 08:37:27 +0000 (+0000)
Subject: bump security change to the top
X-Git-Tag: 2.2.22~74
X-Git-Url: http://git.ipfire.org/cgi-bin/gitweb.cgi?a=commitdiff_plain;h=268d0e321d348f3b8163c3f2c4eaf7f48ae7a19a;p=thirdparty%2Fapache%2Fhttpd.git

bump security change to the top


git-svn-id: https://svn.apache.org/repos/asf/httpd/httpd/branches/2.2.x@1208322 13f79535-47bb-0310-9956-ffa450edef68
---

diff --git a/CHANGES b/CHANGES
index f947c91b050..b75c9f3aa37 100644
--- a/CHANGES
+++ b/CHANGES
@@ -1,6 +1,11 @@
                                                          -*- coding: utf-8 -*-
 Changes with Apache 2.2.22
 
+  *) SECURITY: CVE-2011-3368 (cve.mitre.org)
+     Reject requests where the request-URI does not match the HTTP
+     specification, preventing unexpected expansion of target URLs in
+     some reverse proxy configurations.  [Joe Orton]
+
   *) mod_log_config: Prevent segfault. PR 50861. [Torsten Förtsch
      <torsten.foertsch gmx.net>]
 
@@ -10,11 +15,6 @@ Changes with Apache 2.2.22
      all vars from 3rd-party modules will be fixed. PR 13029 / 34985.
      [Guenter Knauf]
 
-  *) SECURITY: CVE-2011-3368 (cve.mitre.org)
-     Reject requests where the request-URI does not match the HTTP
-     specification, preventing unexpected expansion of target URLs in
-     some reverse proxy configurations.  [Joe Orton]
-
   *) core: Fix hook sorting for Perl modules, a regression introduced in
      2.2.21. PR: 45076. [Torsten Foertsch <torsten foertsch gmx net>]