summaryrefslogtreecommitdiff
diff options
context:
space:
mode:
authorJan Lehnardt <jan@apache.org>2010-03-31 19:29:32 +0000
committerJan Lehnardt <jan@apache.org>2010-03-31 19:29:32 +0000
commita355c4f2652bbab2ed3993e4ab1f88588850356c (patch)
treef17ada8f3754f641218e395f6b1f69ef1ff8a9d6
parent8b3d9453dfb1c8e81c499281c7151c75ab5b7939 (diff)
add CVE 2010-0009 to CHANGES and NEWS
git-svn-id: https://svn.apache.org/repos/asf/couchdb/trunk@929675 13f79535-47bb-0310-9956-ffa450edef68
-rw-r--r--CHANGES1
-rw-r--r--NEWS1
2 files changed, 2 insertions, 0 deletions
diff --git a/CHANGES b/CHANGES
index 291a0f0e..0f8af030 100644
--- a/CHANGES
+++ b/CHANGES
@@ -11,6 +11,7 @@ Version 0.11.0
Security:
+ * Fixed CVE-2010-0009: Apache CouchDB Timing Attack Vulnerability.
* Added default cookie-authentication and users database.
* Added Futon user interface for user signup and login.
* Added per-database reader access control lists.
diff --git a/NEWS b/NEWS
index 8e369909..14934a1d 100644
--- a/NEWS
+++ b/NEWS
@@ -17,6 +17,7 @@ Version 0.11.0
This version is a feature-freeze release candidate for Apache CouchDB 1.0.
+ * Fixed CVE-2010-0009: Apache CouchDB Timing Attack Vulnerability.
* Added support for building a Windows installer as part of 'make dist'.
* Added optional 'raw' binary collation for faster view builds where Unicode
collation is not important.