From: Randy Terbush <randy@apache.org>
Date: Sun, 12 Jan 1997 00:51:19 +0000 (+0000)
Subject: Update CHANGES
X-Git-Url: http://git.ipfire.org/cgi-bin/gitweb.cgi?a=commitdiff_plain;h=33e9c3c8d9df432f789dd57eff777a67b9c9874b;p=thirdparty%2Fapache%2Fhttpd.git

Update CHANGES


git-svn-id: https://svn.apache.org/repos/asf/httpd/httpd/branches/1.3@77421 13f79535-47bb-0310-9956-ffa450edef68
---

diff --git a/RELEASE_1_1_X/src/CHANGES b/RELEASE_1_1_X/src/CHANGES
index 1b2e030195b..a030d6be807 100644
--- a/RELEASE_1_1_X/src/CHANGES
+++ b/RELEASE_1_1_X/src/CHANGES
@@ -1,3 +1,13 @@
+Changes with Apache 1.1.2:
+
+  *) Fix a buffer overflow problem in mod_cookies. Without these
+     changes, it is possible to gain unauthorized user privledges
+     on systems running with mod_cookies compiled into the server.
+
+  *) Fix another problem that could give a directory listing of
+     the document root if the request recieved is long enough to
+     force an error by the stat() function.
+
 Changes with Apache 1.1.1:
 
   *) Fixed bug where Redirect in .htaccess files would cause memory