httpd-dev mailing list archives

Site index · List index
Message view « Date » · « Thread »
Top « Date » · « Thread »
From Rainer Canavan <>
Subject Re: [VOTE] Release Apache httpd 2.4.14 as GA
Date Thu, 11 Jun 2015 16:50:29 GMT

is the commit message incorrect or the CHANGES file concerning CVE-2015-3183?

The commit message at
uses CVE-2015-3183 for the "Replacement of ap_some_auth_required",
while the CHANGES uses it for "Remove apr_brigade_flatten()"

I'm have no idea if that would qualify the CVE to get REJECTED.



View raw message