note CVE-2016-4979 in changelog

author: Stefan Fritsch <sf@sfritsch.de> 2016-07-05 23:44:33 +0200
committer: Stefan Fritsch <sf@sfritsch.de> 2016-07-05 23:57:07 +0200
commit: f93c9fe4244d5d9df67d4e8cc3c2524b677e06a0 (patch)
tree: a4974f8f79f8960fae41a935d920845f99c65a07
parent: d9bc500cb4cac0378c5c3d2c4e41405f918f201f (diff)
download: apache2-f93c9fe4244d5d9df67d4e8cc3c2524b677e06a0.tar.gz
1 files changed, 5 insertions, 1 deletions
diff --git a/debian/changelog b/debian/changelog
index ff446274..6657c1d3 100644
--- a/debian/changelog
+++ b/debian/changelog
@@ -1,5 +1,9 @@
-apache2 (2.4.20-3) UNRELEASED; urgency=low
+apache2 (2.4.23-1) UNRELEASED; urgency=high
 
+  * New upstream release
+    - Security: CVE-2016-4979: Fix bypass of TLS client certificate
+      verification in mod_http2.
+    - new modules mod_proxy_http2 (experimental) and mod_proxy_hcheck
   * Re-introduce mod_imagemap and mod_cern_meta. Closes: #786657
   * Set SHELL=/bin/bash during configure to get reproducible builds regardless
     of where /bin/sh points to.
author	Stefan Fritsch <sf@sfritsch.de>	2016-07-05 23:44:33 +0200
committer	Stefan Fritsch <sf@sfritsch.de>	2016-07-05 23:57:07 +0200
commit	f93c9fe4244d5d9df67d4e8cc3c2524b677e06a0 (patch)
tree	a4974f8f79f8960fae41a935d920845f99c65a07
parent	d9bc500cb4cac0378c5c3d2c4e41405f918f201f (diff)
download	apache2-f93c9fe4244d5d9df67d4e8cc3c2524b677e06a0.tar.gz