From: Ruediger Pluem <rpluem@apache.org>
Date: Sat, 29 Dec 2007 09:26:42 +0000 (+0000)
Subject: * Added missing CVE number
X-Git-Tag: 2.3.0~1084
X-Git-Url: https://granicus.if.org/sourcecode?a=commitdiff_plain;h=2b2ed2f5e03becd9d7616f8fa378060954e98488;p=apache

* Added missing CVE number


git-svn-id: https://svn.apache.org/repos/asf/httpd/httpd/trunk@607403 13f79535-47bb-0310-9956-ffa450edef68
---

diff --git a/CHANGES b/CHANGES
index c884cff2c6..748f438277 100644
--- a/CHANGES
+++ b/CHANGES
@@ -7,7 +7,8 @@ Changes with Apache 2.3.0
      a possible XSS attack caused by redirecting to other URLs. 
      Reported by SecurityReason.  [Mark Cox, Joe Orton]
 
-  *) mod_proxy_balancer: Correctly escape the worker route and the worker
+  *) SECURITY: CVE-2007-6421 (cve.mitre.org)
+     mod_proxy_balancer: Correctly escape the worker route and the worker
      redirect string in the HTML output of the balancer manager.
      Reported by SecurityReason. [Ruediger Pluem]