diff --git a/CHANGES b/CHANGES
index 19855158..a366b30e 100644
--- a/CHANGES
+++ b/CHANGES
@@ -1,6 +1,10 @@
 05 Mar 2009 - 2.5.9
 -------------------
 
+ * Fixed parsing multipart content with a missing part header name which
+   would crash Apache.  Discovered by "Internet Security Auditors"
+   (isecauditors.com).
+
  * Added ability to specify the config script directly using --with-apr
    and --with-apu.
 
diff --git a/doc/modsecurity2-apache-reference.xml b/doc/modsecurity2-apache-reference.xml
index e69c7a60..4bd61ccf 100644
--- a/doc/modsecurity2-apache-reference.xml
+++ b/doc/modsecurity2-apache-reference.xml
@@ -5927,15 +5927,6 @@ SecRule REQUEST_METHOD "!<emphasis>@within %{tx.allowed_methods}</emphasis>" t:l
       being persisted. This keeps counter data consistent even if the counter
       was modified and persisted by another thread/process during the
       transaction.</para>
-
-      <para>Please note that ModSecurity does not implement atomic updates of
-      persistent variables at this time. Variables are read from storage
-      whenever <literal>initcol</literal> is encountered in the rules and
-      persisted at the end of request processing. On busy servers requests
-      often run in parallel, leading to situations where one request
-      overwrites the changes made by another request. We anticipate
-      implementing atomic updates of counter values in a future
-      version.</para>
     </note>
 
     <note>