- CVE references

git-svn-id: svn://svn.lighttpd.net/lighttpd/branches/lighttpd-1.4.x@1777 152afb58-edef-0310-8abb-c4023f1b3aa9
2007-04-17 05:56:22 +00:00 · 2007-04-17 05:56:22 +00:00 · 0f8836c082
parent 2fcc885f3a
commit 0f8836c082
1 changed files with 2 additions and 2 deletions
--- a/4
+++ b/4
@ -19,7 +19,7 @@ NEWS
  * fix http 500 errors (colin.stephen/at/o2.com) #1041 [1663]
  * prevent wrong pidfile unlinking on graceful restart (Chris Webb) [1656]
  * ignore empty packets from STDERR stream. #998
-  * fix a crash for files with an mtime of 0 reported by cubiq on irc [1519]
+  * fix a crash for files with an mtime of 0 reported by cubiq on irc [1519] CVE-2007-1870
    CVE-2007-1870
  * allow empty passwords with ldap (Jörg Sonnenberger) [1516]
  * mod_scgi.c segfault fix #964 [1501]
@ -55,7 +55,7 @@ NEWS
  * added apr1 support htpasswd in mod-auth (#870)
  * added lighty.stat() to mod_magnet
  * fixed segfault in splitted CRLF CRLF sequences 
-    (introduced in 1.4.12) (#876)
+    (introduced in 1.4.12) (#876) CVE-2007-1869
  * fixed compilation of LOCK support in mod-webdav
  * fixed fragments in request-URLs (#869)
  * fixed pkg-config check for lua5.1 on debian