You are viewing a plain text version of this content. The canonical link for it is here.

Posted to cvs@httpd.apache.org by jo...@apache.org on 2005/03/21 15:27:57 UTC

svn commit: r158453 - httpd/httpd/branches/2.0.x/CHANGES

Author: jorton
Date: Mon Mar 21 06:27:55 2005
New Revision: 158453

URL: http://svn.apache.org/viewcvs?view=rev&rev=158453
Log:
Add some missing CVE/CERT references.

Modified:
    httpd/httpd/branches/2.0.x/CHANGES

Modified: httpd/httpd/branches/2.0.x/CHANGES
URL: http://svn.apache.org/viewcvs/httpd/httpd/branches/2.0.x/CHANGES?view=diff&r1=158452&r2=158453
==============================================================================
--- httpd/httpd/branches/2.0.x/CHANGES (original)
+++ httpd/httpd/branches/2.0.x/CHANGES Mon Mar 21 06:27:55 2005
@@ -1678,7 +1678,8 @@
 
 Changes with Apache 2.0.42
 
-  *) mod_dav: Check for versioning hooks before using them.
+  *) SECURITY: CVE-2002-1593 (cve.mitre.org) [CERT VU#406121]
+     mod_dav: Check for versioning hooks before using them.
      [Greg Stein]
 
 Changes with Apache 2.0.41
@@ -2405,7 +2406,8 @@
 
   *) Fix AcceptPathInfo. PR 8234  [Cliff Woolley]
 
-  *) SECURITY: Added the APLOG_TOCLIENT flag to ap_log_rerror() to
+  *) SECURITY: CAN-2002-1592 (cve.mitre.org) [CERT VU#165803]
+     Added the APLOG_TOCLIENT flag to ap_log_rerror() to
      explicitly tell the server that warning messages should be sent 
      to the client in addition to being recorded in the error log. 
      Prior to this change, ap_log_rerror() always sent warning