From: Ruediger Pluem <rpluem@apache.org>
Date: Sat, 15 Dec 2007 15:42:42 +0000 (+0000)
Subject: * Wrong order, Security changes first.
X-Git-Tag: 2.0.62~41
X-Git-Url: http://git.ipfire.org/cgi-bin/gitweb.cgi?a=commitdiff_plain;h=45a42cb09d79a9ae317ec424f6f9adc334fcdefb;p=thirdparty%2Fapache%2Fhttpd.git

* Wrong order, Security changes first.


git-svn-id: https://svn.apache.org/repos/asf/httpd/httpd/branches/2.0.x@604441 13f79535-47bb-0310-9956-ffa450edef68
---

diff --git a/CHANGES b/CHANGES
index 9e5e3002569..c29f628ca92 100644
--- a/CHANGES
+++ b/CHANGES
@@ -1,6 +1,10 @@
                                                          -*- coding: utf-8 -*-
 Changes with Apache 2.0.62
 
+  *) SECURITY: CVE-2007-5000 (cve.mitre.org)
+     mod_imagemap: Fix a cross-site scripting issue.  Reported by JPCERT.
+     [Joe Orton]
+
   *) http_protocol: Escape request method in 405 error reporting.
      This has no security impact since the browser cannot be tricked
      into sending arbitrary method strings.  [Jeff Trawick]
@@ -9,10 +13,6 @@ Changes with Apache 2.0.62
      Determined to be not generally exploitable, but a flaw in any case.
      PR 44014 [Victor Stinner <victor.stinner inl.fr>]
 
-  *) SECURITY: CVE-2007-5000 (cve.mitre.org)
-     mod_imagemap: Fix a cross-site scripting issue.  Reported by JPCERT.
-     [Joe Orton]  
-
 Changes with Apache 2.0.61
 
   *) SECURITY: CVE-2007-3847 (cve.mitre.org)