httpd-cvs mailing list archives

Site index · List index
Message view « Date » · « Thread »
Top « Date » · « Thread »
From j..@apache.org
Subject cvs commit: apache-1.3/src CHANGES
Date Thu, 15 Apr 2004 23:32:51 GMT
jim         2004/04/15 16:32:51

  Modified:    src      CHANGES
  Log:
  Note revised directive
  
  Revision  Changes    Path
  1.1937    +4 -3      apache-1.3/src/CHANGES
  
  Index: CHANGES
  ===================================================================
  RCS file: /home/cvs/apache-1.3/src/CHANGES,v
  retrieving revision 1.1936
  retrieving revision 1.1937
  diff -u -r1.1936 -r1.1937
  --- CHANGES	15 Apr 2004 15:51:51 -0000	1.1936
  +++ CHANGES	15 Apr 2004 23:32:50 -0000	1.1937
  @@ -2,9 +2,10 @@
   
     *) SECURITY: CAN-2003-0987 (cve.mitre.org)
        Verification as to whether the nonce returned in the client response 
  -     is one we issued ourselves by means of a AuthNonce secret exposed as an 
  -     md5(). See mod_digest documentation for more details. The experimental
  -     mod_auth_digest.c does not have this issue.  [Dirk-Willem van Gulik]
  +     is one we issued ourselves by means of a AuthDigestRealmSeed secret
  +     exposed as an md5(). See mod_digest documentation for more details.
  +     The experimental mod_auth_digest.c does not have this issue. 
  +     [Dirk-Willem van Gulik]
   
   Changes with Apache 1.3.30
   
  
  
  

Mime
View raw message