From e1601424eb96729f39d967e9654dca6b3b0db942 Mon Sep 17 00:00:00 2001
From: Jim Jagielski <jim@apache.org>
Date: Tue, 11 Mar 2014 16:12:58 +0000
Subject: [PATCH] Log CVE for change

git-svn-id: https://svn.apache.org/repos/asf/httpd/httpd/branches/2.4.x@1576403 13f79535-47bb-0310-9956-ffa450edef68
---
 CHANGES | 6 ++++--
 1 file changed, 4 insertions(+), 2 deletions(-)

diff --git a/CHANGES b/CHANGES
index 470af87ef6..c5e39b0f95 100644
--- a/CHANGES
+++ b/CHANGES
@@ -2,8 +2,10 @@
 
 Changes with Apache 2.4.8
 
-  *) Clean up cookie logging with fewer redundant string parsing passes.
-     Log only cookies with a value assignment.
+  *) SECURITY: CVE-2014-0098 (cve.mitre.org)
+     Clean up cookie logging with fewer redundant string parsing passes.
+     Log only cookies with a value assignment. Prevents degfaults when
+     logging truncated cookies.
      [William Rowe, Ruediger Pluem, Jim Jagielski]
 
   *) core: draft-ietf-httpbis-p1-messaging-23 corrections regarding
-- 
2.50.1