From 4de9afa583d52728e15a99aaf9b3e7e5c74740b3 Mon Sep 17 00:00:00 2001 From: "William A. Rowe Jr" Date: Fri, 9 Sep 2011 13:29:18 +0000 Subject: [PATCH] Reflect user-visible behavior change git-svn-id: https://svn.apache.org/repos/asf/httpd/httpd/trunk@1167156 13f79535-47bb-0310-9956-ffa450edef68 --- CHANGES | 6 +++++- 1 file changed, 5 insertions(+), 1 deletion(-) diff --git a/CHANGES b/CHANGES index 5c5d06a7e2..646304d80f 100644 --- a/CHANGES +++ b/CHANGES @@ -1,6 +1,10 @@ - -*- coding: utf-8 -*- + -*- coding: utf-8 -*- Changes with Apache 2.3.15 + *) SECURITY: CVE-2011-3348 (cve.mitre.org) + mod_proxy_ajp: Respond with HTTP_NOT_IMPLEMENTED when the method is not + recognized. [Jean-Frederic Clere] + *) SECURITY: CVE-2011-3192 (cve.mitre.org) core: Fix handling of byte-range requests to use less memory, to avoid denial of service. If the sum of all ranges in a request is larger than -- 2.40.0