From ea12f346387c87887483cfc2022383dd86582132 Mon Sep 17 00:00:00 2001
From: Kalle Olavi Niemitalo <kon@iki.fi>
Date: Mon, 5 Nov 2007 01:14:47 +0200
Subject: [PATCH] NEWS: Bug 937 is CVE-2007-5034.

---
 NEWS | 4 ++--
 1 file changed, 2 insertions(+), 2 deletions(-)

diff --git a/NEWS b/NEWS
index f1ec309b..a91aa404 100644
--- a/NEWS
+++ b/NEWS
@@ -72,8 +72,8 @@ Released on 2007-04-15.
 * major Gentoo bug 121247: fix segfaults in Ruby user scripting
 * major bug 908: don't write to freed memory when the user pushes a
   radio button
-* major bug 937: don't send the entire HTTPS request to a CONNECT
-  proxy
+* major bug 937, CVE-2007-5034: don't send the entire HTTPS request to
+  a CONNECT proxy
 * bug 899, Debian bug 403139: recognize >2GB files in FTP directory
   listing, if off_t is large enough
 * bug 942: encode/decode file names in FTP URLs, so they can contain