Added information related to CVE-2016-3092. git-svn-id: https://svn.apache.org/repos/asf/commons/proper/fileupload/trunk@1749636 13f79535-47bb-0310-9956-ffa450edef68

commit: a092f186f4fe482517858f1fc954cf787c88703d [log] [tgz]
author: Jochen Wiedmann <jochen@apache.org> Wed Jun 22 06:33:47 2016 +0000
committer: Jochen Wiedmann <jochen@apache.org> Wed Jun 22 06:33:47 2016 +0000
tree: c1fb350b537e15c93d7368b0e596bb43940329a3
parent: aa9061772aed18572588f8b907861c0d0bd653c5 [diff]
diff --git a/src/changes/changes.xml b/src/changes/changes.xml
index 7c51c16..e9afa1b 100644
--- a/src/changes/changes.xml
+++ b/src/changes/changes.xml

@@ -65,6 +65,15 @@
       </action>
     </release>
 
+    <release version="1.3.2" description=
+"This is a security and maintenance release that includes an important security 
+fix as well. Compared to 1.3.1, no other changes have been made." date="2014-02-07">
+	  <action dev="jochen" type="fix">
+	    SECURITY - CVE-2016-3092. Specially crafted input can trigger a DoS, if the
+	    size of the MIME boundard is close to the size of the buffer in MultipartStream.
+	    (Similar to CVE-2014-0050.)
+	  </action>
+    </release>
     <release version="1.3.1" description=
 "This is a security and maintenance release that includes an important security 
 fix as well as a small number of bugfixes." date="2014-02-07">
commit	a092f186f4fe482517858f1fc954cf787c88703d	[log] [tgz]
author	Jochen Wiedmann <jochen@apache.org>	Wed Jun 22 06:33:47 2016 +0000
committer	Jochen Wiedmann <jochen@apache.org>	Wed Jun 22 06:33:47 2016 +0000
tree	c1fb350b537e15c93d7368b0e596bb43940329a3
parent	aa9061772aed18572588f8b907861c0d0bd653c5 [diff]