Ubuntu
apr-util package

lp:ubuntu/hardy-updates/apr-util

Hardy (8.04)
hardy-updates

Created by James Westby on 2011-01-17 and last modified on 2011-01-17

Get this branch:: bzr branch lp:ubuntu/hardy-updates/apr-util

Members of Ubuntu branches can upload to this branch. Log in for directions.

Branch merges

No branches dependent on this one.

Related bugs

Link a bug report

Related blueprints

Branch information

Owner:: Ubuntu branches

Review team:: Ubuntu Development Team

Status:: Mature

Recent revisions

12. By Marc Deslauriers on 2010-11-18: * SECURITY UPDATE: denial of service via memory leak in
  apr_brigade_split_line function.
  - debian/patches/021_CVE-2010-1623.dpatch: properly destroy bucket in
    buckets/apr_brigade.c.
  - CVE-2010-1623
11. By Jamie Strandboge on 2009-08-07: * SECURITY UPDATE: fix integer overflow in libaprutil
  - debian/patches/020_CVE-2009-2412.patch: adjust apr_rmm_malloc,
    apr_rmm_calloc, apr_rmm_realloc to check for overflow after aligning
    size
  - http://www.apache.org/dist/apr/patches/apr-util-1.x-CVE-2009-2412.patch
  - CVE-2009-2412
10. By Jamie Strandboge on 2009-06-09: * SECURITY UPDATE: Fix underflow in apr_strmatch_precompile
  - debian/patches/017_CVE-2009-0023.dpatch: adjust strmatch/apr_strmatch.c
    to properly evaluate strings as unsigned char rather than int
  - CVE-2009-0023
* SECURITY UPDATE: Prevent "billion laughs" attack against expat
  - debian/patches/018_CVE-2009-1955.dpatch: adjust xml/apr_xml.c to disable
    internal entity expansion. Also add test case to the internal test
    suite
  - CVE-2009-1955
* SECURITY UPDATE: Fix off by one overflow in apr_brigade_vprintf
  - debian/patches/019_CVE-2009-1956.dpatch: don't add null terminator to
    vd.vbuff.curpos in buckets/apr_brigade.c
  - CVE-2009-1956
9. By Stefan Fritsch on 2008-02-29: * Fix integer overflow in apr_brigade_partition on 32bit systems. Urgency
  medium because this made apache segfault when resuming a file larger than
  4GB.
* Point VCS tags in debian control to trunk, to make them useful with
  debcheckout.
8. By Steve Langasek on 2008-01-23: No-change rebuild against libldap-2.4-2.
7. By Stefan Fritsch on 2008-01-12: * Build-Depend on libdb4.6-dev instead of libdb-dev >= 4.6, as the latter
causes problems with sbuild.
* Change server in watch file since www.eu.apache.org is unreliable.
6. By Martin Pitt on 2008-01-02: * debian/control: libdb 4.4 -> 4.6. (Debian #422465)
* Modify Maintainer value to match the DebianMaintainerField
specification.
5. By Martin Pitt on 2007-01-09: No-change upload for the libpq4->libpq5 transition.
4. By Tollef Fog Heen <email address hidden> on 2006-08-18: Fix stupid code duplication in apr_md[45].c resulting from C&P.
Thanks to Peter Samuelson for notifying me. This makes md[45] work
correctly.
3. By Tollef Fog Heen <email address hidden> on 2006-05-01: * Fix override disparity.
* Compile without gdbm.
* Get rid of all the evil libtool hacks and adjust build-depends
accordingly.
* Remove --includedir parameter and adjust config.layout instead. This
works around damage in newer autoconfs.

Branch metadata

Branch format:: Branch format 7

Repository format:: Bazaar repository format 2a (needs bzr 1.16 or later)

Stacked on:: lp:ubuntu/natty/apr-util

This branch contains Public information

Everyone can see this information.

Subscribers

Ubuntu branches

Ubuntuapr-util package