You are viewing a plain text version of this content. The canonical link for it is here.
Posted to cvs@httpd.apache.org by yl...@apache.org on 2019/02/08 10:05:48 UTC
svn commit: r1853203 - /httpd/httpd/branches/2.4.x/CHANGES
Author: ylavic
Date: Fri Feb 8 10:05:48 2019
New Revision: 1853203
URL: http://svn.apache.org/viewvc?rev=1853203&view=rev
Log:
Restore "Changes with Apache 2.4.38" header.
Modified:
httpd/httpd/branches/2.4.x/CHANGES
Modified: httpd/httpd/branches/2.4.x/CHANGES
URL: http://svn.apache.org/viewvc/httpd/httpd/branches/2.4.x/CHANGES?rev=1853203&r1=1853202&r2=1853203&view=diff
==============================================================================
--- httpd/httpd/branches/2.4.x/CHANGES [utf-8] (original)
+++ httpd/httpd/branches/2.4.x/CHANGES [utf-8] Fri Feb 8 10:05:48 2019
@@ -5,6 +5,8 @@ Changes with Apache 2.4.39
configuration (SSLFIPS on) and not active by default in OpenSSL.
PR 63136. [Yann Ylavic]
+Changes with Apache 2.4.38
+
*) SECURITY: CVE-2018-17199 (cve.mitre.org)
mod_session: mod_session_cookie does not respect expiry time allowing
sessions to be reused. [Hank Ibell]