SECURITY: CAN-2004-0811 officially part of 2.0.52

author Geoffrey Young <geoff@apache.org>

Tue, 21 Sep 2004 13:23:47 +0000 (13:23 +0000)

committer Geoffrey Young <geoff@apache.org>

Tue, 21 Sep 2004 13:23:47 +0000 (13:23 +0000)
author Geoffrey Young <geoff@apache.org>
Tue, 21 Sep 2004 13:23:47 +0000 (13:23 +0000)
committer Geoffrey Young <geoff@apache.org>
Tue, 21 Sep 2004 13:23:47 +0000 (13:23 +0000)
diff --git a/CHANGES b/CHANGES

index ed6faf0e167725a31dc870566aeded170c4ea218..8d5f8c50c4dcc32f662ba8db195b4d3bb2fc131b 100644 (file)
--- a/CHANGES
+++ b/CHANGES
@@ -2,11 +2,6 @@ Changes with Apache 2.1.0-dev
  
    [Remove entries to the current 2.0 section below, when backported]
  
-  *) SECURITY: CAN-2004-0811 (cve.mitre.org)
-     Fix merging of the Satisfy directive, which was applied to 
-     the surrounding context and could allow access despite configured
-     authentication.  PR 31315.  [Rici Lake <rici ricilake.net>]
-
    *) Fix the global mutex crash when the global mutex is never allocated due
       to disabled/empty caches. [Jess Holle <jessh ptc.com>]
  
@@ -419,6 +414,11 @@ Changes with Apache 2.1.0-dev
  
  Changes with Apache 2.0.52
  
+  *) SECURITY: CAN-2004-0811 (cve.mitre.org)
+     Fix merging of the Satisfy directive, which was applied to
+     the surrounding context and could allow access despite configured
+     authentication.  PR 31315.  [Rici Lake <rici ricilake.net>]
+
    *) Fix the handling of URIs containing %2F when AllowEncodedSlashes
       is enabled.  Previously, such urls would still be rejected.
       [Jeff Trawick, Bill Stoddard]
author	Geoffrey Young <geoff@apache.org>
	Tue, 21 Sep 2004 13:23:47 +0000 (13:23 +0000)
committer	Geoffrey Young <geoff@apache.org>
	Tue, 21 Sep 2004 13:23:47 +0000 (13:23 +0000)