You are viewing a plain text version of this content. The canonical link for it is here.

Posted to cvs@httpd.apache.org by rp...@apache.org on 2007/12/15 16:42:43 UTC

svn commit: r604441 - /httpd/httpd/branches/2.0.x/CHANGES

Author: rpluem
Date: Sat Dec 15 07:42:42 2007
New Revision: 604441

URL: http://svn.apache.org/viewvc?rev=604441&view=rev
Log:
* Wrong order, Security changes first.

Modified:
    httpd/httpd/branches/2.0.x/CHANGES

Modified: httpd/httpd/branches/2.0.x/CHANGES
URL: http://svn.apache.org/viewvc/httpd/httpd/branches/2.0.x/CHANGES?rev=604441&r1=604440&r2=604441&view=diff
==============================================================================
--- httpd/httpd/branches/2.0.x/CHANGES [utf-8] (original)
+++ httpd/httpd/branches/2.0.x/CHANGES [utf-8] Sat Dec 15 07:42:42 2007
@@ -1,6 +1,10 @@
                                                          -*- coding: utf-8 -*-
 Changes with Apache 2.0.62
 
+  *) SECURITY: CVE-2007-5000 (cve.mitre.org)
+     mod_imagemap: Fix a cross-site scripting issue.  Reported by JPCERT.
+     [Joe Orton]
+
   *) http_protocol: Escape request method in 405 error reporting.
      This has no security impact since the browser cannot be tricked
      into sending arbitrary method strings.  [Jeff Trawick]
@@ -8,10 +12,6 @@
   *) http_protocol: Escape request method in 413 error reporting.
      Determined to be not generally exploitable, but a flaw in any case.
      PR 44014 [Victor Stinner <victor.stinner inl.fr>]
-
-  *) SECURITY: CVE-2007-5000 (cve.mitre.org)
-     mod_imagemap: Fix a cross-site scripting issue.  Reported by JPCERT.
-     [Joe Orton]  
 
 Changes with Apache 2.0.61