Hi, is the commit message incorrect or the CHANGES file concerning CVE-2015-3183?
The commit message at https://github.com/apache/httpd/commit/cd2b7a26c776b0754fb98426a67804fd48118708 uses CVE-2015-3183 for the "Replacement of ap_some_auth_required", while the CHANGES uses it for "Remove apr_brigade_flatten()" I'm have no idea if that would qualify the CVE to get REJECTED. regards, rainer
