httpd-cvs mailing list archives

Site index · List index
Message view « Date » · « Thread »
Top « Date » · « Thread »
From jor...@apache.org
Subject svn commit: r791459 - /httpd/httpd/branches/2.2.x/CHANGES
Date Mon, 06 Jul 2009 12:29:18 GMT
Author: jorton
Date: Mon Jul  6 12:29:18 2009
New Revision: 791459

URL: http://svn.apache.org/viewvc?rev=791459&view=rev
Log:
Note that PR 39605 is fixed by the CVE-2009-1891 patches.
(thanks Jeff)

Modified:
    httpd/httpd/branches/2.2.x/CHANGES

Modified: httpd/httpd/branches/2.2.x/CHANGES
URL: http://svn.apache.org/viewvc/httpd/httpd/branches/2.2.x/CHANGES?rev=791459&r1=791458&r2=791459&view=diff
==============================================================================
--- httpd/httpd/branches/2.2.x/CHANGES [utf-8] (original)
+++ httpd/httpd/branches/2.2.x/CHANGES [utf-8] Mon Jul  6 12:29:18 2009
@@ -4,7 +4,8 @@
   *) SECURITY: CVE-2009-1891 (cve.mitre.org)
      Fix a potential Denial-of-Service attack against mod_deflate or other 
      modules, by forcing the server to consume CPU time in compressing a 
-     large file after a client disconnects.  [Joe Orton, Ruediger Pluem]
+     large file after a client disconnects.  PR 39605.
+     [Joe Orton, Ruediger Pluem]
 
   *) SECURITY: CVE-2009-1195 (cve.mitre.org)
      Prevent the "Includes" Option from being enabled in an .htaccess 



Mime
View raw message