← Back to branch summary

~ubuntu-branches/ubuntu/saucy/apr-util/saucy-proposed

~ubuntu-branches/ubuntu/saucy/apr-util/saucy-proposed

« back to all changes in this revision

Viewing changes to CHANGES

Committer: Bazaar Package Importer
Author(s): Stefan Fritsch
Date: 2009-07-25 20:08:37 UTC
mfrom: (1.2.1 upstream)
Revision ID: james.westby@ubuntu.com-20090725200837-ek378576pnuzhgza

Tags: 1.3.8+dfsg-1

http://bugs.debian.org/536466

* New upstream version.
* Add two CVE ids to 1.3.7+dfsg-1 changelog entry.
* Bump standards version (no changes).
* Make libaprutil1-dbd-sqlite3 the default dbd driver, to reduce the size
of dependencies pulled in by apache2.2-bin by default (closes: #536466)

Show diffs side-by-side

added added

removed removed

1

1

-*- coding: utf-8 -*-

2

Changes with APR-util 1.3.8

3

4

*) Use locally scoped variables in PostgreSQL driver to avoid stomping

5

on return codes. PR 47431

6

[Wayne Jensen <wayne_jensen trendmicro.com>]

7

8

*) Fix race conditions in initialisation of DBD, DBM and DSO.

9

[Bojan Smojver]

10

11

*) Expose DBM libs in apu-1-config by default. To avoid that, use

12

apu-1-config --avoid-dbm --libs. To get just DBM libs, use

13

apu-1-config --dbm-libs.

14

[Bojan Smojver]

15

16

*) Make sure --without-ldap works.

17

[Arfrever Frehtes Taifersar Arahesis <arfrever.fta gmail.com>]

18

2

19

Changes with APR-util 1.3.7

3

20

4

*) SECURITY:

21

*) SECURITY: CVE-2009-1955 (cve.mitre.org)

5

22

Fix a denial of service attack against the apr_xml_* interface

6

23

using the "billion laughs" entity expansion technique.

7

24

[Joe Orton]

16

33

Fix underflow in apr_strmatch_precompile.

17

34

[Matthew Palmer <mpalmer debian.org>]

18

35

19

*) Fix off by one overflow in apr_brigade_vprintf.

36

*) SECURITY: CVE-2009-1956 (cve.mitre.org)

37

Fix off by one overflow in apr_brigade_vprintf.

20

38

[C. Michael Pilato <cmpilato collab.net>]

21

39

22

40

*) APR_LDAP_SIZELIMIT should prefer LDAP_DEFAULT_LIMIT/-1 when the

Older »