Synch with 2.0 branch.

author Joe Orton <jorton@apache.org>

Mon, 7 Jun 2004 11:02:52 +0000 (11:02 +0000)

committer Joe Orton <jorton@apache.org>

Mon, 7 Jun 2004 11:02:52 +0000 (11:02 +0000)
author Joe Orton <jorton@apache.org>
Mon, 7 Jun 2004 11:02:52 +0000 (11:02 +0000)
committer Joe Orton <jorton@apache.org>
Mon, 7 Jun 2004 11:02:52 +0000 (11:02 +0000)
diff --git a/CHANGES b/CHANGES

index 2c15c4589f82773f629fb7eb8a021b19dd2bdcfd..7c6ea61a69b442da4fb7c4274fc25c6e413c4e0f 100644 (file)
--- a/CHANGES
+++ b/CHANGES
@@ -378,6 +378,21 @@ Changes with Apache 2.1.0-dev
  
  Changes with Apache 2.0.50
  
+  *) SECURITY: CAN-2004-0488 (cve.mitre.org)
+     mod_ssl: Fix a buffer overflow in the FakeBasicAuth code for a
+     (trusted) client certificate subject DN which exceeds 6K in length.
+     [Joe Orton]
+
+  *) mod_dav_fs: Fix MKCOL response for missing parent collections, which 
+     caused issues for the Eclipse WebDAV extension.
+     PR 29034.  [Joe Orton]
+
+  *) mod_deflate: Fix memory consumption (which was proportional to the
+     response size).  PR 29318.  [Joe Orton]
+
+  *) mod_ssl: Log the errors returned on failure to load or initialize
+     a crypto accelerator engine.  [Joe Orton]
+
    *) Allow RequestHeader directives to be conditional. PR 27951.
       [Vincent Deffontaines <vincent gryzor.com>, André Malo]
author	Joe Orton <jorton@apache.org>
	Mon, 7 Jun 2004 11:02:52 +0000 (11:02 +0000)
committer	Joe Orton <jorton@apache.org>
	Mon, 7 Jun 2004 11:02:52 +0000 (11:02 +0000)