You are viewing a plain text version of this content. The canonical link for it is here.

Posted to cvs@httpd.apache.org by co...@apache.org on 2016/12/06 13:54:05 UTC

svn commit: r1772895 - /httpd/httpd/branches/2.4.x/CHANGES

Author: covener
Date: Tue Dec  6 13:54:05 2016
New Revision: 1772895

URL: http://svn.apache.org/viewvc?rev=1772895&view=rev
Log:
format CVE entries


Modified:
    httpd/httpd/branches/2.4.x/CHANGES

Modified: httpd/httpd/branches/2.4.x/CHANGES
URL: http://svn.apache.org/viewvc/httpd/httpd/branches/2.4.x/CHANGES?rev=1772895&r1=1772894&r2=1772895&view=diff
==============================================================================
--- httpd/httpd/branches/2.4.x/CHANGES [utf-8] (original)
+++ httpd/httpd/branches/2.4.x/CHANGES [utf-8] Tue Dec  6 13:54:05 2016
@@ -2,12 +2,15 @@
 
 Changes with Apache 2.4.24
 
-  *) mod_http2: CVE-2016-8740: Mitigate DoS memory exhaustion via endless
+
+  *) SECURITY: CVE-2016-8740 (cve.mitre.org)
+     mod_http2: Mitigate DoS memory exhaustion via endless
      CONTINUATION frames.
      [Naveen Tiwari <na...@asu.edu> and CDF/SEFCOM at Arizona State
      University, Stefan Eissing]
 
-  *) core: CVE-2016-5387: Mitigate [f]cgi "httpoxy" issues.
+  *) SECURITY: CVE-2016-5387 (cve.mitre.org)
+     core: Mitigate [f]cgi "httpoxy" issues.
      [Dominic Scheirlinck <dominic vendhq.com>, Yann Ylavic]
 
   *) Enforce http request grammer corresponding to RFC7230 for request lines