Return-Path: Delivered-To: apmail-httpd-cvs-archive@www.apache.org Received: (qmail 65518 invoked from network); 5 Jul 2007 20:21:37 -0000 Received: from hermes.apache.org (HELO mail.apache.org) (140.211.11.2) by minotaur.apache.org with SMTP; 5 Jul 2007 20:21:37 -0000 Received: (qmail 23958 invoked by uid 500); 5 Jul 2007 16:21:40 -0000 Delivered-To: apmail-httpd-cvs-archive@httpd.apache.org Received: (qmail 23892 invoked by uid 500); 5 Jul 2007 16:21:40 -0000 Mailing-List: contact cvs-help@httpd.apache.org; run by ezmlm Precedence: bulk Reply-To: dev@httpd.apache.org list-help: list-unsubscribe: List-Post: List-Id: Delivered-To: mailing list cvs@httpd.apache.org Received: (qmail 23881 invoked by uid 99); 5 Jul 2007 16:21:40 -0000 Received: from herse.apache.org (HELO herse.apache.org) (140.211.11.133) by apache.org (qpsmtpd/0.29) with ESMTP; Thu, 05 Jul 2007 09:21:40 -0700 X-ASF-Spam-Status: No, hits=-99.5 required=10.0 tests=ALL_TRUSTED,NO_REAL_NAME X-Spam-Check-By: apache.org Received: from [140.211.11.3] (HELO eris.apache.org) (140.211.11.3) by apache.org (qpsmtpd/0.29) with ESMTP; Thu, 05 Jul 2007 09:21:36 -0700 Received: by eris.apache.org (Postfix, from userid 65534) id 9BEC11A981A; Thu, 5 Jul 2007 09:21:16 -0700 (PDT) Content-Type: text/plain; charset="utf-8" MIME-Version: 1.0 Content-Transfer-Encoding: 7bit Subject: svn commit: r553551 - /httpd/httpd/branches/1.3.x/src/CHANGES Date: Thu, 05 Jul 2007 16:21:15 -0000 To: cvs@httpd.apache.org From: jim@apache.org X-Mailer: svnmailer-1.1.0 Message-Id: <20070705162116.9BEC11A981A@eris.apache.org> X-Virus-Checked: Checked by ClamAV on apache.org Author: jim Date: Thu Jul 5 09:21:14 2007 New Revision: 553551 URL: http://svn.apache.org/viewvc?view=rev&rev=553551 Log: Note pid table changes: SECURITY: CVE-2007-3304 (cve.mitre.org) Modified: httpd/httpd/branches/1.3.x/src/CHANGES Modified: httpd/httpd/branches/1.3.x/src/CHANGES URL: http://svn.apache.org/viewvc/httpd/httpd/branches/1.3.x/src/CHANGES?view=diff&rev=553551&r1=553550&r2=553551 ============================================================================== --- httpd/httpd/branches/1.3.x/src/CHANGES (original) +++ httpd/httpd/branches/1.3.x/src/CHANGES Thu Jul 5 09:21:14 2007 @@ -1,6 +1,9 @@ Changes with Apache 1.3.38 - + *) SECURITY: CVE-2007-3304 (cve.mitre.org) + Ensure that the parent process cannot be forced to kill non-child + processes by checking scoreboard PID data with parent process + privately stored PID data. [Jim Jagielski] Changes with Apache 1.3.37