From 861b5e608b1df43099c3e41d797f0ce06608fff6 Mon Sep 17 00:00:00 2001
From: Daniel Stenberg <daniel@haxx.se>
Date: Thu, 3 Mar 2005 13:13:21 +0000
Subject: mention buffer overflows fixed

---
 CHANGES | 8 ++++++++
 1 file changed, 8 insertions(+)

(limited to 'CHANGES')

diff --git a/CHANGES b/CHANGES
index 55a4a72db..b00a20208 100644
--- a/CHANGES
+++ b/CHANGES
@@ -7,6 +7,14 @@
                                   Changelog
 
 
+Daniel (22 February 2005)
+- NTLM and ftp-krb4 buffer overflow fixed, as reported here:
+  http://www.securityfocus.com/archive/1/391042 and the CAN report here:
+  http://cve.mitre.org/cgi-bin/cvename.cgi?name=CAN-2005-0490
+
+  If these security guys were serious, we'd been notified in advance and we
+  could've saved a few of you a little surprise, but now we weren't.
+
 Daniel (19 February 2005)
 - Ralph Mitchell reported a flaw when you used a proxy with auth, and you
   requested data from a host and then followed a redirect to another
-- 
cgit v1.2.3