From fc1f8ad57ef746d7af2f88ed1739be3f14891dd1 Mon Sep 17 00:00:00 2001 From: james Date: Wed, 12 Apr 2006 09:25:14 +0000 Subject: [PATCH] Added credit and CVE number to security vulnerability fix in 2.0.6. git-svn-id: http://svn.openvpn.net/projects/openvpn/branches/BETA21/openvpn@1001 e7ae566f-a301-0410-adde-c780ea21d3b5 --- ChangeLog | 3 ++- 1 file changed, 2 insertions(+), 1 deletion(-) diff --git a/ChangeLog b/ChangeLog index aca3c3f1..585a9034 100644 --- a/ChangeLog +++ b/ChangeLog @@ -19,7 +19,8 @@ $Id$ the attacker, and (e) the attacker has at least some level of pre-existing control over files on the client (this might be accomplished by having the server respond to a client web request - with a specially crafted file). + with a specially crafted file). Credit: Hendrik Weimer. + CVE-2006-1629. The fix is to disallow "setenv" to be pushed to clients from the server, and to add a new directive "setenv-safe" which is
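Review bot: In the ChangeLog hunk, the credit and the CVE identifier are appended to the tail of precondition (e), so "CVE-2006-1629." ends up as a bare fragment between the list of attack conditions and the paragraph beginning "The fix is to disallow". Consider giving it a self-describing line of its own within the entry, for example "Security: CVE-2006-1629 (credit: Hendrik Weimer)", so that anyone searching the ChangeLog for the CVE lands on a line that states what it refers to instead of the end of a parenthetical about crafted files. The subject says the fix is in 2.0.6, but the version heading lies outside the visible context of this hunk, so it is worth confirming that the addition falls under that release's entry in the BETA21 branch copy of the ChangeLog.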