]> granicus.if.org Git - apache/commitdiff
projects / apache / commitdiff
? search:
summary | shortlog | log | commit | commitdiff | tree
raw | patch | inline | side by side (parent: 0b64dfa)
Log CVE for change
authorJim Jagielski <jim@apache.org>
Tue, 11 Mar 2014 16:12:58 +0000 (16:12 +0000)
committerJim Jagielski <jim@apache.org>
Tue, 11 Mar 2014 16:12:58 +0000 (16:12 +0000)
git-svn-id: https://svn.apache.org/repos/asf/httpd/httpd/branches/2.4.x@1576403 13f79535-47bb-0310-9956-ffa450edef68

CHANGES patch | blob | history

diff --git a/CHANGES b/CHANGES
index 470af87ef67b901c19960957c1f8db65f581f95b..c5e39b0f95bc31355d9d3eedb9dbd795a8298a11 100644 (file)
--- a/CHANGES
+++ b/CHANGES
@@ -2,8 +2,10 @@
 
 Changes with Apache 2.4.8
 
-  *) Clean up cookie logging with fewer redundant string parsing passes.
-     Log only cookies with a value assignment.
+  *) SECURITY: CVE-2014-0098 (cve.mitre.org)
+     Clean up cookie logging with fewer redundant string parsing passes.
+     Log only cookies with a value assignment. Prevents degfaults when
+     logging truncated cookies.
      [William Rowe, Ruediger Pluem, Jim Jagielski]
 
   *) core: draft-ietf-httpbis-p1-messaging-23 corrections regarding
Unnamed repository; edit this file 'description' to name the repository.