]> granicus.if.org Git - apache/commitdiff
projects / apache / commitdiff
? search:
summary | shortlog | log | commit | commitdiff | tree
raw | patch | inline | side by side (parent: bb4cc03)
Expand -0117 text a bit and credit Eric who wrote the
authorJoe Orton <jorton@apache.org>
Tue, 15 Jul 2014 16:12:46 +0000 (16:12 +0000)
committerJoe Orton <jorton@apache.org>
Tue, 15 Jul 2014 16:12:46 +0000 (16:12 +0000)
one-liner down first ;)

git-svn-id: https://svn.apache.org/repos/asf/httpd/httpd/branches/2.4.x@1610738 13f79535-47bb-0310-9956-ffa450edef68

CHANGES patch | blob | history

diff --git a/CHANGES b/CHANGES
index 597094f976aab51efb843f68a8c033af365936e3..d6a8539540908bcba84f38db73ca78fc5477e00d 100644 (file)
--- a/CHANGES
+++ b/CHANGES
@@ -3,7 +3,9 @@
 Changes with Apache 2.4.10
 
   *) SECURITY: CVE-2014-0117 (cve.mitre.org)
-     Fix crashing with mod_proxy Connection handling.
+     mod_proxy: Fix crash in Connection header handling which 
+     allowed a denial of service attack against a reverse proxy
+     with a threaded MPM.  [Eric Covener]
 
   *) SECURITY: CVE-2014-3523 (cve.mitre.org)
      Fix a memory consumption denial of service in the WinNT MPM (used in all Windows
Unnamed repository; edit this file 'description' to name the repository.