You are viewing a plain text version of this content. The canonical link for it is here.

Posted to cvs@httpd.apache.org by mi...@apache.org on 2009/09/14 22:55:40 UTC

svn commit: r814850 - /httpd/httpd/trunk/CHANGES

Author: minfrin
Date: Mon Sep 14 20:55:40 2009
New Revision: 814850

URL: http://svn.apache.org/viewvc?rev=814850&view=rev
Log:
Add attribution and CVE notices.

Modified:
    httpd/httpd/trunk/CHANGES

Modified: httpd/httpd/trunk/CHANGES
URL: http://svn.apache.org/viewvc/httpd/httpd/trunk/CHANGES?rev=814850&r1=814849&r2=814850&view=diff
==============================================================================
--- httpd/httpd/trunk/CHANGES [utf-8] (original)
+++ httpd/httpd/trunk/CHANGES [utf-8] Mon Sep 14 20:55:40 2009
@@ -2,6 +2,12 @@
 
 Changes with Apache 2.3.3
 
+  *) CVE-2009-3095: mod_proxy_ftp sanity check authn credentials.
+     [Stefan Fritsch <sf fritsch.de>, Joe Orton]
+
+  *) CVE-2009-3094: mod_proxy_ftp NULL pointer dereference on error paths.
+     [Stefan Fritsch <sf fritsch.de>, Joe Orton]
+
   *) mod_dav: Allow other modules to add things to the DAV or Allow headers
      of an OPTIONS request. [Brian France <brian brianfrance.com>]