~ubuntu-branches/ubuntu/dapper/apache2/dapper-security

Viewing all changes in revision 14.

  • Committer: Bazaar Package Importer
  • Author(s): Jamie Strandboge
  • Date: 2009-06-10 22:01:23 UTC
  • Revision ID: james.westby@ubuntu.com-20090610220123-v48896k90jy4q1jk
Tags: 2.0.55-4ubuntu2.5
* SECURITY UPDATE: Fix underflow in apr_strmatch_precompile
  - debian/patches/110_CVE-2009-0023.dpatch: adjust
    srclib/apr-util/strmatch/apr_strmatch.c to properly evaluate strings as
    unsigned char rather than int
  - CVE-2009-0023
* SECURITY UPDATE: Prevent "billion laughs" attack against expat
  - debian/patches/111_CVE-2009-1955.dpatch: adjust
    srclib/apr-util/xml/apr_xml.c to disable internal entity expansion
  - CVE-2009-1955
* SECURITY UPDATE: Fix off by one overflow in apr_brigade_vprintf
  - debian/patches/112_CVE-2009-1956.dpatch: don't add null terminator to
    vd.vbuff.curpos in srclib/apr-util/buckets/apr_brigade.c
  - CVE-2009-1956
