From: Colm MacCarthaigh <colm@apache.org>
Date: Fri, 31 Mar 2006 22:02:42 +0000 (+0000)
Subject: Put the SECURITY notices at the top again.
X-Git-Tag: 2.0.56~32
X-Git-Url: http://git.ipfire.org/cgi-bin/gitweb.cgi?a=commitdiff_plain;h=775d9b224e272d1ccc7d61968dbc2ca314570406;p=thirdparty%2Fapache%2Fhttpd.git

Put the SECURITY notices at the top again.


git-svn-id: https://svn.apache.org/repos/asf/httpd/httpd/branches/2.0.x@390517 13f79535-47bb-0310-9956-ffa450edef68
---

diff --git a/CHANGES b/CHANGES
index 7a1cc3b0fd3..1d1a07bd1ab 100644
--- a/CHANGES
+++ b/CHANGES
@@ -1,9 +1,7 @@
                                                          -*- coding: utf-8 -*-
 Changes with Apache 2.0.56
 
-  *) keep the Content-Length header for a HEAD with no response body.
-     PR 18757 [Greg Ames]
-     
+    
   *) SECURITY: CVE-2005-3357 (cve.mitre.org)
      mod_ssl: Fix a possible crash during access control checks if a
      non-SSL request is processed for an SSL vhost (such as the
@@ -17,6 +15,9 @@ Changes with Apache 2.0.56
      ap_escape_html so we escape quotes.  Reported by JPCERT.
      [Mark Cox]
 
+  *) keep the Content-Length header for a HEAD with no response body.
+     PR 18757 [Greg Ames]
+ 
   *) Modify apr[util] .h detection to avoid breakage on VPATH builds
      using Solaris make (amoung others) and avoid breakage in ./buildconf
      when srclib/apr[-util] are symlinks rather than directories proper.