httpd-cvs mailing list archives

Site index · List index
Message view « Date » · « Thread »
Top « Date » · « Thread »
From j..@apache.org
Subject svn commit: r1576403 - /httpd/httpd/branches/2.4.x/CHANGES
Date Tue, 11 Mar 2014 16:12:58 GMT
Author: jim
Date: Tue Mar 11 16:12:58 2014
New Revision: 1576403

URL: http://svn.apache.org/r1576403
Log:
Log CVE for change

Modified:
    httpd/httpd/branches/2.4.x/CHANGES

Modified: httpd/httpd/branches/2.4.x/CHANGES
URL: http://svn.apache.org/viewvc/httpd/httpd/branches/2.4.x/CHANGES?rev=1576403&r1=1576402&r2=1576403&view=diff
==============================================================================
--- httpd/httpd/branches/2.4.x/CHANGES [utf-8] (original)
+++ httpd/httpd/branches/2.4.x/CHANGES [utf-8] Tue Mar 11 16:12:58 2014
@@ -2,8 +2,10 @@
 
 Changes with Apache 2.4.8
 
-  *) Clean up cookie logging with fewer redundant string parsing passes.
-     Log only cookies with a value assignment.
+  *) SECURITY: CVE-2014-0098 (cve.mitre.org)
+     Clean up cookie logging with fewer redundant string parsing passes.
+     Log only cookies with a value assignment. Prevents degfaults when
+     logging truncated cookies.
      [William Rowe, Ruediger Pluem, Jim Jagielski]
 
   *) core: draft-ietf-httpbis-p1-messaging-23 corrections regarding



Mime
View raw message