You are viewing a plain text version of this content. The canonical link for it is here.
Posted to cvs@httpd.apache.org by pq...@apache.org on 2005/08/20 20:39:48 UTC
svn commit: r234109 - /httpd/httpd/trunk/CHANGES
Author: pquerna
Date: Sat Aug 20 11:39:46 2005
New Revision: 234109
URL: http://svn.apache.org/viewcvs?rev=234109&view=rev
Log:
OID Support has been dropped from 2.2.x
Modified:
httpd/httpd/trunk/CHANGES
Modified: httpd/httpd/trunk/CHANGES
URL: http://svn.apache.org/viewcvs/httpd/httpd/trunk/CHANGES?rev=234109&r1=234108&r2=234109&view=diff
==============================================================================
--- httpd/httpd/trunk/CHANGES [utf-8] (original)
+++ httpd/httpd/trunk/CHANGES [utf-8] Sat Aug 20 11:39:46 2005
@@ -2,6 +2,11 @@
Changes with Apache 2.3.0
[Remove entries to the current 2.0 and 2.2 section below, when backported]
+ *) Teach mod_ssl to use arbitraty OIDs in an SSLRequire directive,
+ allowing string-valued client certificate attributes to be used for
+ access control, as in: SSLRequire "value" in OID("1.3.6.1.4.1.18060.1")
+ [Martin Kraemer, David Reid]
+
Changes with Apache 2.1.7
*) SECURITY: CAN-2005-2491 (cve.mitre.org):
Fix integer overflows in PCRE in quantifier parsing which could
@@ -33,11 +38,6 @@
*) Remove the base href tag from mod_proxy_ftp, as it breaks relative
links for clients not using an Authorization header. [Graham Leggett,
Jon Snow <jsnow27 gatesec.net>]
-
- *) Teach mod_ssl to use arbitraty OIDs in an SSLRequire directive,
- allowing string-valued client certificate attributes to be used for
- access control, as in: SSLRequire "value" in OID("1.3.6.1.4.1.18060.1")
- [Martin Kraemer, David Reid]
*) mod_cache: Restore the HTTP status of cached responses.
[Hansjoerg Pehofer <hansjoerg.pehofer uibk.ac.at>]