From: Jeff Trawick <trawick@apache.org>
Date: Tue, 9 Mar 2010 17:29:22 +0000 (+0000)
Subject: follow up r920961 with the related CHANGES entry
X-Git-Tag: 2.0.64~69
X-Git-Url: http://git.ipfire.org/cgi-bin/gitweb.cgi?a=commitdiff_plain;h=33f5fd3be2a56e65f7de5e11c5bff50d5b89a943;p=thirdparty%2Fapache%2Fhttpd.git

follow up r920961 with the related CHANGES entry


git-svn-id: https://svn.apache.org/repos/asf/httpd/httpd/branches/2.0.x@920995 13f79535-47bb-0310-9956-ffa450edef68
---

diff --git a/CHANGES b/CHANGES
index 0c0921790c6..0dfbae62d37 100644
--- a/CHANGES
+++ b/CHANGES
@@ -1,6 +1,11 @@
                                                          -*- coding: utf-8 -*-
 Changes with Apache 2.0.64
 
+  *) SECURITY: CVE-2010-0425 (cve.mitre.org)
+     mod_isapi: Do not unload an isapi .dll module until the request
+     processing is completed, avoiding orphaned callback pointers.
+     [Brett Gervasoni <brettg senseofsecurity.com>, Jeff Trawick]
+
   *) SECURITY: CVE-2008-2939 (cve.mitre.org)
      mod_proxy_ftp: Prevent XSS attacks when using wildcards in the path of
      the FTP URL. Discovered by Marc Bevand of Rapid7. [Ruediger Pluem]