inadvertent -- thanks for the catch. On Wed, Apr 15, 2015 at 2:54 PM, Rainer Jung <rainer.j...@kippdata.de> wrote: > Am 15.04.2015 um 21:49 schrieb cove...@apache.org: >> >> Author: covener >> Date: Wed Apr 15 19:49:31 2015 >> New Revision: 1673940 >> >> URL: http://svn.apache.org/r1673940 >> Log: >> Merge r1666297 from trunk: >> >> ssl_util: Fix possible crash (free => OPENSSL_free) and error path leaks >> when >> checking the server certificate constraints (SSL_X509_getBC()). >> >> >> Modified: >> httpd/httpd/branches/2.4.x/ (props changed) >> httpd/httpd/branches/2.4.x/CHANGES >> httpd/httpd/branches/2.4.x/STATUS >> httpd/httpd/branches/2.4.x/modules/ssl/ssl_util_ssl.c >> > >> Modified: httpd/httpd/branches/2.4.x/CHANGES >> URL: >> http://svn.apache.org/viewvc/httpd/httpd/branches/2.4.x/CHANGES?rev=1673940&r1=1673939&r2=1673940&view=diff >> >> ============================================================================== >> --- httpd/httpd/branches/2.4.x/CHANGES [utf-8] (original) >> +++ httpd/httpd/branches/2.4.x/CHANGES [utf-8] Wed Apr 15 19:49:31 2015 >> @@ -12,6 +12,13 @@ Changes with Apache 2.4.13 >> calls r:wsupgrade() can cause a child process crash. >> [Edward Lu <Chaosed0 gmail.com>] >> >> + *) mod_ssl: Fix possible crash when loading server certificate >> constraints. >> + PR 57694. [Paul Spangler <paul.spangler ni com>, Yann Ylavic] >> + >> + *) core, modules: Avoid error response/document handling by the core if >> some >> + handler or input filter already did it while reading the request >> (causing >> + a double response body). [Yann Ylavic] >> + >> *) build: Don't load mod_cgi and mod_cgid in the default configuration >> if they're both built. [olli hauer <ohauer gmx.de>] > > > Is the second (core) entry intentional or a merge error? > > Regards, > > Rainer
-- Eric Covener cove...@gmail.com
