From cvs-return-68438-archive-asf-public=cust-asf.ponee.io@httpd.apache.org Thu Jun 3 16:56:26 2021 Return-Path: X-Original-To: archive-asf-public@cust-asf.ponee.io Delivered-To: archive-asf-public@cust-asf.ponee.io Received: from mxout1-he-de.apache.org (mxout1-he-de.apache.org [95.216.194.37]) by mx-eu-01.ponee.io (Postfix) with ESMTPS id B0F8C180643 for ; Thu, 3 Jun 2021 18:56:26 +0200 (CEST) Received: from mail.apache.org (mailroute1-lw-us.apache.org [207.244.88.153]) by mxout1-he-de.apache.org (ASF Mail Server at mxout1-he-de.apache.org) with SMTP id 6BA6162092 for ; Thu, 3 Jun 2021 16:55:51 +0000 (UTC) Received: (qmail 42131 invoked by uid 500); 3 Jun 2021 16:55:50 -0000 Mailing-List: contact cvs-help@httpd.apache.org; run by ezmlm Precedence: bulk Reply-To: dev@httpd.apache.org list-help: list-unsubscribe: List-Post: List-Id: Delivered-To: mailing list cvs@httpd.apache.org Received: (qmail 42118 invoked by uid 99); 3 Jun 2021 16:55:50 -0000 Received: from Unknown (HELO svn01-us-east.apache.org) (13.90.137.153) by apache.org (qpsmtpd/0.29) with ESMTP; Thu, 03 Jun 2021 16:55:50 +0000 Received: from svn01-us-east.apache.org (svn01-us-east.apache.org [127.0.0.1]) by svn01-us-east.apache.org (ASF Mail Server at svn01-us-east.apache.org) with ESMTP id 7EB1D17E774 for ; Thu, 3 Jun 2021 16:55:50 +0000 (UTC) Content-Type: text/plain; charset="utf-8" MIME-Version: 1.0 Content-Transfer-Encoding: 7bit Subject: svn commit: r1890439 - /httpd/httpd/branches/2.4.x/CHANGES Date: Thu, 03 Jun 2021 16:55:50 -0000 To: cvs@httpd.apache.org From: covener@apache.org X-Mailer: svnmailer-1.0.9 Message-Id: <20210603165550.7EB1D17E774@svn01-us-east.apache.org> Author: covener Date: Thu Jun 3 16:55:50 2021 New Revision: 1890439 URL: http://svn.apache.org/viewvc?rev=1890439&view=rev Log: correct CVE year Modified: httpd/httpd/branches/2.4.x/CHANGES Modified: httpd/httpd/branches/2.4.x/CHANGES URL: http://svn.apache.org/viewvc/httpd/httpd/branches/2.4.x/CHANGES?rev=1890439&r1=1890438&r2=1890439&view=diff ============================================================================== --- httpd/httpd/branches/2.4.x/CHANGES [utf-8] (original) +++ httpd/httpd/branches/2.4.x/CHANGES [utf-8] Thu Jun 3 16:55:50 2021 @@ -146,12 +146,12 @@ Changes with Apache 2.4.47 mod_auth_digest: possible stack overflow by one nul byte while validating the Digest nonce. [Yann Ylavic] - *) SECURITY: CVE-2020-26691 (cve.mitre.org) + *) SECURITY: CVE-2021-26691 (cve.mitre.org) mod_session: Fix possible crash due to NULL pointer dereference, which could be used to cause a Denial of Service with a malicious backend server and SessionHeader. [Yann Ylavic] - *) SECURITY: CVE-2020-26690 (cve.mitre.org) + *) SECURITY: CVE-2021-26690 (cve.mitre.org) mod_session: Fix possible crash due to NULL pointer dereference, which could be used to cause a Denial of Service. [Yann Ylavic]