You are viewing a plain text version of this content. The canonical link for it is here.
Posted to cvs@httpd.apache.org by ji...@apache.org on 2004/04/16 01:32:51 UTC
cvs commit: apache-1.3/src CHANGES
jim 2004/04/15 16:32:51
Modified: src CHANGES
Log:
Note revised directive
Revision Changes Path
1.1937 +4 -3 apache-1.3/src/CHANGES
Index: CHANGES
===================================================================
RCS file: /home/cvs/apache-1.3/src/CHANGES,v
retrieving revision 1.1936
retrieving revision 1.1937
diff -u -r1.1936 -r1.1937
--- CHANGES 15 Apr 2004 15:51:51 -0000 1.1936
+++ CHANGES 15 Apr 2004 23:32:50 -0000 1.1937
@@ -2,9 +2,10 @@
*) SECURITY: CAN-2003-0987 (cve.mitre.org)
Verification as to whether the nonce returned in the client response
- is one we issued ourselves by means of a AuthNonce secret exposed as an
- md5(). See mod_digest documentation for more details. The experimental
- mod_auth_digest.c does not have this issue. [Dirk-Willem van Gulik]
+ is one we issued ourselves by means of a AuthDigestRealmSeed secret
+ exposed as an md5(). See mod_digest documentation for more details.
+ The experimental mod_auth_digest.c does not have this issue.
+ [Dirk-Willem van Gulik]
Changes with Apache 1.3.30