lp://staging/ubuntu/jaunty-updates/apr-util
- Get this branch:
- bzr branch lp://staging/ubuntu/jaunty-updates/apr-util
Branch merges
Branch information
Recent revisions
- 16. By Jamie Strandboge
-
* SECURITY UPDATE: fix integer overflow in libaprutil
- debian/patches/ 020_CVE- 2009-2412. patch: adjust apr_rmm_malloc,
apr_rmm_calloc, apr_rmm_realloc to check for overflow after aligning
size
- http://www.apache. org/dist/ apr/patches/ apr-util- 1.x-CVE- 2009-2412. patch
- CVE-2009-2412 - 15. By Jamie Strandboge
-
* SECURITY UPDATE: Fix underflow in apr_strmatch_
precompile
- debian/patches/ 017_CVE- 2009-0023. dpatch: adjust strmatch/ apr_strmatch. c
to properly evaluate strings as unsigned char rather than int
- CVE-2009-0023
* SECURITY UPDATE: Prevent "billion laughs" attack against expat
- debian/patches/ 018_CVE- 2009-1955. dpatch: adjust xml/apr_xml.c to disable
internal entity expansion. Also add test case to the internal test
suite
- CVE-2009-1955
* SECURITY UPDATE: Fix off by one overflow in apr_brigade_vprintf
- debian/patches/ 019_CVE- 2009-1956. dpatch: don't add null terminator to
vd.vbuff.curpos in buckets/apr_brigade. c
- CVE-2009-1956 - 14. By Stefan Fritsch
-
[ Ryan Niebur ]
* Upgraded to policy version 3.8.0
- Reference the copyright in common-licenses instead of including it
- support for noopt in DEB_BUILD_OPTIONS
- Added a README.source
- added support for parallel in DEB_BUILD_OPTIONS
* Dropped the XS- prefix for the Vcs fields in debian/control
* Made the watch file notice 1.3.x[ Stefan Fritsch ]
* Bump libmysqlclient dependency to 5.0.51a since 5.0.32 from etch has some
bugs that can make apache2 hang (closes: #490859).
* Add 'Provides' for the modules that are still included in libaprutil1, but
will be moved to separate packages with apr-util 1.3.x. This will make
back-porting packages from lenny+1 to lenny easier. - 12. By Stefan Fritsch
-
Make libaprutil1-dev depend on libmysqlclient1
5-dev. Libtool needs it for
linking (really closes: #482270). - 11. By Stefan Fritsch
-
Don't output "-lmysqlclient_r" in "apu-config --ldflags". It is enough if
libaprutil links to mysql, applications don't need to do it, too.
(Closes: #482270) - 10. By Stefan Fritsch
-
* Activate mysql support (closes: #395959). This is made possible by php5
now linking against the threadsafe version of libmysqlclient. Therefore
add a conflict with older versions of php5-mysql and with php4-mysql.
* Rebuild against apr with hardening options: CFLAGS are taken from apr, set
LDFLAGS=-Wl,-z, relro explicitly.
* Conflict with apache2 << 2.2.8-1, which used an older version of libldap
and now segfaults with current libaprutil1+libldap.
* Remove Thom May, Fabio M. Di Nitto, Daniel Stone, and Adam Conrad from the
uploaders field (thanks for your work). - 9. By Stefan Fritsch
-
* Fix integer overflow in apr_brigade_
partition on 32bit systems. Urgency
medium because this made apache segfault when resuming a file larger than
4GB.
* Point VCS tags in debian control to trunk, to make them useful with
debcheckout. - 7. By Stefan Fritsch
-
* Build-Depend on libdb4.6-dev instead of libdb-dev >= 4.6, as the latter
causes problems with sbuild.
* Change server in watch file since www.eu.apache.org is unreliable.
Branch metadata
- Branch format:
- Branch format 7
- Repository format:
- Bazaar repository format 2a (needs bzr 1.16 or later)
- Stacked on:
- lp://staging/ubuntu/natty/apr-util