[apache2] 04/05: note CVE-2016-4979 in changelog
Stefan Fritsch
sf at moszumanska.debian.org
Tue Jul 5 22:04:03 UTC 2016
This is an automated email from the git hooks/post-receive script.
sf pushed a commit to branch master
in repository apache2.
commit f93c9fe4244d5d9df67d4e8cc3c2524b677e06a0
Author: Stefan Fritsch <sf at sfritsch.de>
Date: Tue Jul 5 23:44:33 2016 +0200
note CVE-2016-4979 in changelog
---
debian/changelog | 6 +++++-
1 file changed, 5 insertions(+), 1 deletion(-)
diff --git a/debian/changelog b/debian/changelog
index ff44627..6657c1d 100644
--- a/debian/changelog
+++ b/debian/changelog
@@ -1,5 +1,9 @@
-apache2 (2.4.20-3) UNRELEASED; urgency=low
+apache2 (2.4.23-1) UNRELEASED; urgency=high
+ * New upstream release
+ - Security: CVE-2016-4979: Fix bypass of TLS client certificate
+ verification in mod_http2.
+ - new modules mod_proxy_http2 (experimental) and mod_proxy_hcheck
* Re-introduce mod_imagemap and mod_cern_meta. Closes: #786657
* Set SHELL=/bin/bash during configure to get reproducible builds regardless
of where /bin/sh points to.
--
Alioth's /usr/local/bin/git-commit-notice on /srv/git.debian.org/git/pkg-apache/apache2.git
More information about the Pkg-apache-commits
mailing list