From: Ruediger Pluem <rpluem@apache.org>
Date: Thu, 20 Jul 2006 22:04:13 +0000 (+0000)
Subject: * Remove the word SECURITY to address Joe's and Bill's concern that this would
X-Git-Tag: 2.3.0~2238
X-Git-Url: http://git.ipfire.org/cgi-bin/gitweb.cgi?a=commitdiff_plain;h=4b3958f3f4852057ab751a64046df8343a6ba5a9;p=thirdparty%2Fapache%2Fhttpd.git

* Remove the word SECURITY to address Joe's and Bill's concern that this would
  imply that FollowSymLinks and SymLinksIfOwnerMatch are security features.


git-svn-id: https://svn.apache.org/repos/asf/httpd/httpd/trunk@424084 13f79535-47bb-0310-9956-ffa450edef68
---

diff --git a/CHANGES b/CHANGES
index c853a8fddbb..303fe872633 100644
--- a/CHANGES
+++ b/CHANGES
@@ -2,8 +2,7 @@
 Changes with Apache 2.3.0
   [Remove entries to the current 2.0 and 2.2 section below, when backported]
 
-  *) SECURITY:
-     core: Do not allow internal redirects like the DirectoryIndex of mod_dir
+  *) core: Do not allow internal redirects like the DirectoryIndex of mod_dir
      to circumvent the symbolic link checks imposed by FollowSymLinks and
      SymLinksIfOwnerMatch. [Nick Kew, Ruediger Pluem, William Rowe]