From a26a74de01de154303624885762a7a29e44d6619 Mon Sep 17 00:00:00 2001 From: Ruediger Pluem Date: Sun, 18 Dec 2005 11:37:24 +0000 Subject: [PATCH] * Resync with 2.0.x and 2.2.x CHANGES file git-svn-id: https://svn.apache.org/repos/asf/httpd/httpd/trunk@357458 13f79535-47bb-0310-9956-ffa450edef68 --- CHANGES | 39 +++++++++++++++++++++++++++++---------- 1 file changed, 29 insertions(+), 10 deletions(-) diff --git a/CHANGES b/CHANGES index 0bca33c35c..1c5865deb2 100644 --- a/CHANGES +++ b/CHANGES @@ -2,9 +2,6 @@ Changes with Apache 2.3.0 [Remove entries to the current 2.0 and 2.2 section below, when backported] - *) Chunk filter: Fix chunk filter to create correct chunks in the case that - a flush bucket is surrounded by data buckets. [Ruediger Pluem] - *) If a connection is aborted while waiting for a chunked line, flag the connection as errored out. [Justin Erenkrantz] @@ -17,9 +14,6 @@ Changes with Apache 2.3.0 ErrorDocument is configured, or if using "SSLEngine optional"). PR 37791. [Rüdiger Plüm, Joe Orton] - *) mod_proxy_balancer: Sticky session identifiers supplied in URL do not work. - PR37753. [Ruediger Pluem, Kazuhiro Osawa ] - *) mod_authz_dbd: SQL authz with Login/Session support [Nick Kew] *) Fix typo in ProxyStatus syntax error message. @@ -41,9 +35,6 @@ Changes with Apache 2.3.0 *) Added new connection states for handler and write completion [Brian Pane] - *) Preserve the Content-Length header for a proxied HEAD request. - PR 18757 [Greg Ames] - *) New module: mod_authn_dbd [Nick Kew] *) mod_cgid: Refuse to work on Solaris 10 due to OS bugs. PR 34264. @@ -54,7 +45,32 @@ Changes with Apache 2.3.0 access control, as in: SSLRequire "value" in OID("1.3.6.1.4.1.18060.1") [Martin Kraemer, David Reid] -Changes with Apache 2.1.10 +Changes with Apache 2.2.1 + + *) Chunk filter: Fix chunk filter to create correct chunks in the case that + a flush bucket is surrounded by data buckets. [Ruediger Pluem] + + *) SECURITY: CVE-2005-3352 (cve.mitre.org) + mod_imagemap: Escape untrusted referer header before outputting + in HTML to avoid potential cross-site scripting. Change also + made to ap_escape_html so we escape quotes. Reported by JPCERT. + [Mark Cox] + + *) Fix syntax error in httpd.h with strict compilers. PR 38740. + [Per Olausson ] + + *) Preserve the Content-Length header for a proxied HEAD response. + PR 18757. [Greg Ames] + + *) Fix recursive ErrorDocument handling. PR 36090. + [Chris Darroch ] + + *) Don't hang on error return from post_read_request. PR37790 [Nick Kew] + + *) Fix off-by-one error in proxy_balancer. PR37753 + [Kazuhiro Osawa ] + +Changes with Apache 2.2.0 *) mod_negotiation: Minor performance tweak by reusing already calculated strlen. @@ -981,6 +997,9 @@ Changes with Apache 2.1.1 Changes with Apache 2.0.56 + *) Chunk filter: Fix chunk filter to create correct chunks in the case that + a flush bucket is surrounded by data buckets. [Ruediger Pluem] + *) mod_cgi(d): Remove block on OPTIONS method so that scripts can respond to OPTIONS directly rather than via server default. [Roy Fielding] PR 15242 -- 2.49.0