From 9a1a37c2b21aaeeb2d21fc4e14d0676935aaf541 Mon Sep 17 00:00:00 2001
From: Luca Toscano <elukey@apache.org>
Date: Tue, 12 Sep 2017 08:08:35 +0000
Subject: [PATCH] Update CHANGES after r1808008

git-svn-id: https://svn.apache.org/repos/asf/httpd/httpd/trunk@1808085 13f79535-47bb-0310-9956-ffa450edef68
---
 CHANGES | 4 ++++
 1 file changed, 4 insertions(+)

diff --git a/CHANGES b/CHANGES
index 12363b3c7e6..495453acf9c 100644
--- a/CHANGES
+++ b/CHANGES
@@ -1,6 +1,10 @@
                                                          -*- coding: utf-8 -*-
 Changes with Apache 2.5.0
 
+  *) htdigest: prevent a buffer overflow when a string exceeds the allowed max
+     length in a password file.
+     [Luca Toscano, Hanno Böck <hanno hboeck de>]
+
   *) mod_md: v0.9.2: new directive 'MDHttpProxy' to define a proxy for outgoing connection,
      some minor bugfixes, twiddle the build system to avoid non-pic code generation.
      [Stefan Eissing]
-- 
2.47.3