From 51067c23dddc43f2d0d6af03ee7b3bcda283b993 Mon Sep 17 00:00:00 2001
From: brenosilva <brenosilva@9017d574-64ec-4062-9424-5e00b32a252b>
Date: Thu, 14 Jun 2012 13:54:05 +0000
Subject: [PATCH] update CHANGES

---
 CHANGES | 5 ++---
 1 file changed, 2 insertions(+), 3 deletions(-)

diff --git a/CHANGES b/CHANGES
index e9239d56..a181be40 100644
--- a/CHANGES
+++ b/CHANGES
@@ -91,9 +91,8 @@
 
  * Added build system support for KfreeBSD and HURD.
 
- * In 2009, Stefan Esser published an evasion technique that relies on the use of single quotes and PHP.
-   The trick was treating a request parameter as a file. A patch was applied into ModSecurity 2.5.11 by Brian Rectanus.
-   Ivan Ristic reported that the patch was imcomplete. We added extra checks for this evasion.
+ * Fixed a multipart bypass issue related to quote parsing
+   Credits to  Qualys Vulnerability & Malware Research Labs (VMRL).
 
 20 Mar 2012 - 2.6.5
 -------------------