Commit 141ed0f6 authored by Yann Ylavic's avatar Yann Ylavic
Browse files

Add the CHANGES' security entry for 2.2.34. 

git-svn-id: https://svn.apache.org/repos/asf/httpd/httpd/branches/2.2.x@1802128 13f79535-47bb-0310-9956-ffa450edef68
parent 08cc13b8

CHANGES

+6 −0
Original line number Diff line number Diff line 
                                                         -*- coding: utf-8 -*-

Changes with Apache 2.2.34 (final)



  *) SECURITY: CVE-2017-9788 (cve.mitre.org)

     mod_auth_digest: Uninitialized memory reflection.  The value placeholder

     in [Proxy-]Authorization headers type 'Digest' was not initialized or

     reset before or between successive key=value assignments.

     [William Rowe]



  *) Allow single-char field names inadvertantly disallowed in 2.2.32.

     PR 61220. [Yann Ylavic]