httpd-cvs mailing list archives

Site index · List index
Message view « Date » · « Thread »
Top « Date » · « Thread »
From jor...@apache.org
Subject svn commit: r1610738 - /httpd/httpd/branches/2.4.x/CHANGES
Date Tue, 15 Jul 2014 16:12:46 GMT
Author: jorton
Date: Tue Jul 15 16:12:46 2014
New Revision: 1610738

URL: http://svn.apache.org/r1610738
Log:
Expand -0117 text a bit and credit Eric who wrote the
one-liner down first ;)

Modified:
    httpd/httpd/branches/2.4.x/CHANGES

Modified: httpd/httpd/branches/2.4.x/CHANGES
URL: http://svn.apache.org/viewvc/httpd/httpd/branches/2.4.x/CHANGES?rev=1610738&r1=1610737&r2=1610738&view=diff
==============================================================================
--- httpd/httpd/branches/2.4.x/CHANGES [utf-8] (original)
+++ httpd/httpd/branches/2.4.x/CHANGES [utf-8] Tue Jul 15 16:12:46 2014
@@ -3,7 +3,9 @@
 Changes with Apache 2.4.10
 
   *) SECURITY: CVE-2014-0117 (cve.mitre.org)
-     Fix crashing with mod_proxy Connection handling.
+     mod_proxy: Fix crash in Connection header handling which 
+     allowed a denial of service attack against a reverse proxy
+     with a threaded MPM.  [Eric Covener]
 
   *) SECURITY: CVE-2014-3523 (cve.mitre.org)
      Fix a memory consumption denial of service in the WinNT MPM (used in all Windows



Mime
View raw message