You are viewing a plain text version of this content. The canonical link for it is here.

Posted to cvs@httpd.apache.org by tr...@apache.org on 2010/03/03 12:48:35 UTC

svn commit: r80 - /dev/httpd/CHANGES_2.2

Author: trawick
Date: Wed Mar  3 06:48:34 2010
New Revision: 80

Log:
reflect assignment of CVE-2010-0434

Modified:
    dev/httpd/CHANGES_2.2

Modified: dev/httpd/CHANGES_2.2
==============================================================================
--- dev/httpd/CHANGES_2.2 (original)
+++ dev/httpd/CHANGES_2.2 Wed Mar  3 06:48:34 2010
@@ -19,7 +19,8 @@
      processing is completed, avoiding orphaned callback pointers.
      [Brett Gervasoni <brettg senseofsecurity.com>, Jeff Trawick]
 
-  *) Ensure each subrequest has a shallow copy of headers_in so that the
+  *) SECURITY: CVE-2010-0434 (cve.mitre.org)
+     Ensure each subrequest has a shallow copy of headers_in so that the
      parent request headers are not corrupted.  Elimiates a problematic
      optimization in the case of no request body.  PR 48359
      [Jake Scott, William Rowe, Ruediger Pluem]