From: William A. Rowe Jr Date: Thu, 6 Aug 2009 07:33:32 +0000 (+0000) Subject: Two notable notes X-Git-Tag: 2.2.13~2 X-Git-Url: http://git.ipfire.org/cgi-bin/gitweb.cgi?a=commitdiff_plain;h=baa43091004b17001bb25c3ee28aec6ba75ac7d5;p=thirdparty%2Fapache%2Fhttpd.git Two notable notes git-svn-id: https://svn.apache.org/repos/asf/httpd/httpd/branches/2.2.x@801528 13f79535-47bb-0310-9956-ffa450edef68 --- diff --git a/CHANGES b/CHANGES index d4286620aed..1ebd9dcb48c 100644 --- a/CHANGES +++ b/CHANGES @@ -1,6 +1,15 @@ - -*- coding: utf-8 -*- + -*- coding: utf-8 -*- Changes with Apache 2.2.13 + *) SECURITY: CVE-2009-2412 (cve.mitre.org) + Distributed with APR 1.3.8 and APR-util 1.3.9 to fix potential overflow + in pools and rmm, where size alignment was taking place. + [Matt Lewis , Sander Striker] + + *) mod_ssl, ab: improve compatibility with OpenSSL 1.0.0 betas. Report + warnings compiling mod_ssl against OpenSSL to the httpd developers. + [Guenter Knauf] + *) mod_cgid: Do not add an empty argument when calling the CGI script. PR 46380 [Ruediger Pluem]