Path to this page:
Subject: CVS commit: [pkgsrc-2010Q2] pkgsrc/devel/apr-util
From: S.P.Zeidler
Date: 2010-10-15 09:06:49
Message id: 20101015070649.C2C5D175DD@cvs.netbsd.org
Log Message:
Pullup ticket 3243 - requested by tron
security update
Revisions pulled up:
- pkgsrc/devel/apr-util/Makefile 1.17
- pkgsrc/devel/apr-util/distinfo 1.9
- pkgsrc/devel/apr-util/patches/patch-aa 1.3
Files removed:
- pkgsrc/devel/apr-util/patches/patch-ab
-------------------------------------------------------------------------
Module Name: pkgsrc
Committed By: tron
Date: Wed Oct 13 19:21:16 UTC 2010
Modified Files:
pkgsrc/devel/apr-util: Makefile distinfo
pkgsrc/devel/apr-util/patches: patch-aa
Removed Files:
pkgsrc/devel/apr-util/patches: patch-ab
Log Message:
Update "apr-util" package to version 1.3.10. Changes since 1.3.9:
- SECURITY: CVE-2010-1623 (cve.mitre.org)
Fix a denial of service attack against apr_brigade_split_line().
[Stefan Fritsch]
- SECURITY: CVE-2009-3560, CVE-2009-3720 (cve.mitre.org)
Fix two buffer over-read flaws in the bundled copy of expat which
could cause applications to crash while parsing specially-crafted
XML documents. [Joe Orton]
- Upgrade bundled copy of expat library to 1.95.7. [Joe Orton]
- apr_thread_pool: Fix some potential deadlock situations. Bug 49709.
[Joe Mudd <Joe.Mudd sas.com>]
- apr_thread_pool_create: Fix pool corruption caused by multithreaded
use of the pool when multiple initial threads are created. Bug 47843.
[Alex Korobka <akorobka fxcm.com>]
- apr_thread_pool_create(): Only set the output thread pool handle on
success. [Paul Querna]
- DBD ODBC support: Fix memory corruption using apr_dbd_datum_get() with
several different data types, including APR_DBD_TYPE_TIME. Bug 49645.
[<kappa psilambda.com>]
- Add support for Berkeley DB 4.8 and 5.0. Bug 49866, Bug 49179.
[Bernhard Rosenkraenzer <br blankpage.ch>,
Arfrever Frehtes Taifersar Arahesis <arfrever.fta gmail.com>]
- Make bundled expat compatible with libtool 2.x. Bug 49053.
[Rainer Jung]
- Prefer libtool 1.x when searching for libtool in
bundled expat release process. [Rainer Jung, Jim Jagielski]
- Improve platform detection for bundled expat by updating
config.guess and config.sub. [Rainer Jung]
Patch supplied by Mihai Chelaru, approved by Alistair Crooks.
To generate a diff of this commit:
cvs rdiff -u -r1.16 -r1.17 pkgsrc/devel/apr-util/Makefile
cvs rdiff -u -r1.8 -r1.9 pkgsrc/devel/apr-util/distinfo
cvs rdiff -u -r1.2 -r1.3 pkgsrc/devel/apr-util/patches/patch-aa
cvs rdiff -u -r1.2 -r0 pkgsrc/devel/apr-util/patches/patch-ab
Files: