You are viewing a plain text version of this content. The canonical link for it is here.
Posted to cvs@httpd.apache.org by mi...@apache.org on 2009/09/14 22:55:40 UTC
svn commit: r814850 - /httpd/httpd/trunk/CHANGES
Author: minfrin
Date: Mon Sep 14 20:55:40 2009
New Revision: 814850
URL: http://svn.apache.org/viewvc?rev=814850&view=rev
Log:
Add attribution and CVE notices.
Modified:
httpd/httpd/trunk/CHANGES
Modified: httpd/httpd/trunk/CHANGES
URL: http://svn.apache.org/viewvc/httpd/httpd/trunk/CHANGES?rev=814850&r1=814849&r2=814850&view=diff
==============================================================================
--- httpd/httpd/trunk/CHANGES [utf-8] (original)
+++ httpd/httpd/trunk/CHANGES [utf-8] Mon Sep 14 20:55:40 2009
@@ -2,6 +2,12 @@
Changes with Apache 2.3.3
+ *) CVE-2009-3095: mod_proxy_ftp sanity check authn credentials.
+ [Stefan Fritsch <sf fritsch.de>, Joe Orton]
+
+ *) CVE-2009-3094: mod_proxy_ftp NULL pointer dereference on error paths.
+ [Stefan Fritsch <sf fritsch.de>, Joe Orton]
+
*) mod_dav: Allow other modules to add things to the DAV or Allow headers
of an OPTIONS request. [Brian France <brian brianfrance.com>]