httpd-cvs mailing list archives

Site index · List index
Message view « Date » · « Thread »
Top « Date » · « Thread »
From minf...@apache.org
Subject svn commit: r818288 - /httpd/httpd/branches/2.2.x/CHANGES
Date Wed, 23 Sep 2009 22:24:00 GMT
Author: minfrin
Date: Wed Sep 23 22:24:00 2009
New Revision: 818288

URL: http://svn.apache.org/viewvc?rev=818288&view=rev
Log:
Add reference to the security issue fixed now that APR v1.3.9 is
available.

Modified:
    httpd/httpd/branches/2.2.x/CHANGES

Modified: httpd/httpd/branches/2.2.x/CHANGES
URL: http://svn.apache.org/viewvc/httpd/httpd/branches/2.2.x/CHANGES?rev=818288&r1=818287&r2=818288&view=diff
==============================================================================
--- httpd/httpd/branches/2.2.x/CHANGES [utf-8] (original)
+++ httpd/httpd/branches/2.2.x/CHANGES [utf-8] Wed Sep 23 22:24:00 2009
@@ -1,6 +1,11 @@
                                                          -*- coding: utf-8 -*-
 Changes with Apache 2.2.14
 
+  *) SECURITY: CVE-2009-2699 (cve.mitre.org)
+     Fixed in APR 1.3.9.  Faulty error handling in the Solaris pollset support
+     (Event Port backend) which could trigger hangs in the prefork and event
+     MPMs on that platform.  PR 47645.  [Jeff Trawick]
+
   *) SECURITY: CVE-2009-3095 (cve.mitre.org)
      mod_proxy_ftp: sanity check authn credentials.
      [Stefan Fritsch <sf fritsch.de>, Joe Orton]



Mime
View raw message