From 50c811c210ae9ac2ea06a38877c17dc4bc292241 Mon Sep 17 00:00:00 2001
From: Andrei Zmievski <andrei@php.net>
Date: Sat, 21 Dec 2002 20:11:05 +0000
Subject: [PATCH] *** empty log message ***

---
 NEWS | 4 ++--
 1 file changed, 2 insertions(+), 2 deletions(-)

diff --git a/NEWS b/NEWS
index 9290fe2641..9b6b0f457a 100644
--- a/NEWS
+++ b/NEWS
@@ -1,6 +1,8 @@
 PHP 4                                                                      NEWS
 |||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
 ? ? ??? 2002, Version 4.3.0
+- Make PHP_AUTH_* variables not available in safe mode under Apache when an
+  external basic auth mechanism is used. (Philip)
 - Aliased dba_popen() to dba_open() until 4.3.1 when persistent STDIO streams
   are introduced. (Andrei)
 - Fixed a security bug in the bundled MySQL library. (Georg, Stefan)
@@ -376,8 +378,6 @@ PHP 4                                                                      NEWS
 - Added preliminary SAX-Input support. It's now possible to build a DomDocument
   with SAX-Events. (chregu)
 - Bundled GD library 2.0.1 with php (ext/gd/libgd) (Rasmus, Jani, Markus, Edin)
-- Fixed bug with Apache which let PHP_AUTH_* variables to be set when
-  external basic auth mechanism was used. (Jani)
 - Fixed bzopen() crash in thread-safe mode. (Andrei)
 - Added better error-messages (3rd parameter) and validating of DTDs (2nd
   parameter) to domxml_open_mem() and domxml_open_file(). (Christian)
-- 
2.50.1