Reflect user-visible behavior change

git-svn-id: https://svn.apache.org/repos/asf/httpd/httpd/trunk@1167156 13f79535-47bb-0310-9956-ffa450edef68
author: William A. Rowe Jr <wrowe@apache.org> 2011-09-09 15:29:18 +0200
committer: William A. Rowe Jr <wrowe@apache.org> 2011-09-09 15:29:18 +0200
commit: 4de9afa583d52728e15a99aaf9b3e7e5c74740b3 (patch)
tree: 720d5bd62864542bced20988e31156753d95294d /CHANGES
parent: Non-releases don't have user-visible regressions; now a contributor to the fix (diff)
download: apache2-4de9afa583d52728e15a99aaf9b3e7e5c74740b3.tar.xz
apache2-4de9afa583d52728e15a99aaf9b3e7e5c74740b3.zip
1 files changed, 5 insertions, 1 deletions
diff --git a/CHANGES b/CHANGES
index 5c5d06a7e2..646304d80f 100644
--- a/CHANGES
+++ b/CHANGES
@@ -1,6 +1,10 @@
-                                                         -*- coding: utf-8 -*-
+                                                         -*- coding: utf-8 -*-
 Changes with Apache 2.3.15
 
+  *) SECURITY: CVE-2011-3348 (cve.mitre.org)
+     mod_proxy_ajp: Respond with HTTP_NOT_IMPLEMENTED when the method is not
+     recognized.  [Jean-Frederic Clere]
+
   *) SECURITY: CVE-2011-3192 (cve.mitre.org)
      core: Fix handling of byte-range requests to use less memory, to avoid
      denial of service. If the sum of all ranges in a request is larger than
author	William A. Rowe Jr <wrowe@apache.org>	2011-09-09 15:29:18 +0200
committer	William A. Rowe Jr <wrowe@apache.org>	2011-09-09 15:29:18 +0200
commit	4de9afa583d52728e15a99aaf9b3e7e5c74740b3 (patch)
tree	720d5bd62864542bced20988e31156753d95294d /CHANGES
parent	Non-releases don't have user-visible regressions; now a contributor to the fix (diff)
download	apache2-4de9afa583d52728e15a99aaf9b3e7e5c74740b3.tar.xz apache2-4de9afa583d52728e15a99aaf9b3e7e5c74740b3.zip