httpd-cvs mailing list archives

Site index · List index
Message view « Date » · « Thread »
Top « Date » · « Thread »
From cove...@apache.org
Subject svn commit: r1357274 - /httpd/httpd/trunk/CHANGES
Date Wed, 04 Jul 2012 14:14:30 GMT
Author: covener
Date: Wed Jul  4 14:14:30 2012
New Revision: 1357274

URL: http://svn.apache.org/viewvc?rev=1357274&view=rev
Log:
zap recent backports

Modified:
    httpd/httpd/trunk/CHANGES

Modified: httpd/httpd/trunk/CHANGES
URL: http://svn.apache.org/viewvc/httpd/httpd/trunk/CHANGES?rev=1357274&r1=1357273&r2=1357274&view=diff
==============================================================================
--- httpd/httpd/trunk/CHANGES [utf-8] (original)
+++ httpd/httpd/trunk/CHANGES [utf-8] Wed Jul  4 14:14:30 2012
@@ -1,11 +1,6 @@
                                                          -*- coding: utf-8 -*-
 Changes with Apache 2.5.0
 
-  *) SECURITY: CVE-2012-2687 (cve.mitre.org)
-     mod_negotiation: Escape filenames in variant list to prevent an
-     possible XSS for a site where untrusted users can upload files to
-     a location with MultiViews enabled. [Niels Heinen <heinenn google.com>]
-
   *) mod_rewrite: Add "AllowAnyURI" option. PR 52774. [Joe Orton]
 
   *) mod_ssl: Add RFC 5878 support. [Ben Laurie]
@@ -37,9 +32,6 @@ Changes with Apache 2.5.0
      for TLS, RFC 5054). PR 51075. [Quinn Slack <sqs cs stanford edu>,
      Christophe Renou, Peter Sylvester]
 
-  *) htdbm, htpasswd: Don't crash if crypt() fails (e.g. with FIPS enabled). 
-     [Paul Wouters <pwouters redhat.com>, Joe Orton]
-
   *) mod_ssl: Add new directive SSLCompression to disable TLS-level
      compression. PR 53219. [Björn Jacke <bjoern j3e de>, Stefan Fritsch]
 
@@ -63,10 +55,6 @@ Changes with Apache 2.5.0
   *) mod_proxy_ajp: Reduce memory usage in case of many keep-alive requests on
      one connection. PR 52275. [Naohiro Ooiwa <naohiro ooiwa miraclelinux com>]
 
-  *) mod_proxy: Use the the same hostname for SNI as for the HTTP request when
-     forwarding to SSL backends. PR 53134.
-     [Michael Weiser <michael weiser.dinsnail.net>, Ruediger Pluem]
-
   *) mod_ssl: Add support for TLS Next Protocol Negotiation.  PR 52210.
      [Matthew Steele <mdsteele google.com>]
 
@@ -86,10 +74,6 @@ Changes with Apache 2.5.0
   *) mod_authz_core: Fix parsing of Require arguments in <AuthzProviderAlias>.
      PR 53048. [Stefan Fritsch]
 
-  *) core: Fix error handling in ap_scan_script_header_err_brigade() if there
-     is no EOS bucket in the brigade. Fixes segfault with mod_proxy_fcgi.
-     PR 48272. [Stefan Fritsch]
-
   *) mod_proxy_fcgi: If there is an error reading the headers from the
      backend, send an error to the client. PR 52879. [Stefan Fritsch]
 



Mime
View raw message