You are viewing a plain text version of this content. The canonical link for it is here.

Posted to commits@apr.apache.org by jo...@apache.org on 2009/06/03 17:29:39 UTC

svn commit: r781433 - /apr/apr-util/branches/1.3.x/CHANGES

Author: jorton
Date: Wed Jun  3 15:29:39 2009
New Revision: 781433

URL: http://svn.apache.org/viewvc?rev=781433&view=rev
Log:
Document billion laughs fix -- CVE name has been requested but may take a while.

Modified:
    apr/apr-util/branches/1.3.x/CHANGES

Modified: apr/apr-util/branches/1.3.x/CHANGES
URL: http://svn.apache.org/viewvc/apr/apr-util/branches/1.3.x/CHANGES?rev=781433&r1=781432&r2=781433&view=diff
==============================================================================
--- apr/apr-util/branches/1.3.x/CHANGES [utf-8] (original)
+++ apr/apr-util/branches/1.3.x/CHANGES [utf-8] Wed Jun  3 15:29:39 2009
@@ -1,7 +1,9 @@
                                                      -*- coding: utf-8 -*-
 Changes with APR-util 1.3.7
 
-
+  *) SECURITY:        
+     Prevent the "billion laughs" attack against expat by default.
+     [Joe Orton]
 
 Changes with APR-util 1.3.6