[Pkg-apache-commits] r987 - in /trunk/apr-util: changelog control patches/011_avoid_ldap_by_defaut.dpatch

sf at alioth.debian.org sf at alioth.debian.org
Sat Jul 25 18:00:41 UTC 2009 

Author: sf
Date: Sat Jul 25 18:00:36 2009
New Revision: 987

URL: http://svn.debian.org/wsvn/pkg-apache/?sc=1&rev=987
Log:
new upstream

Modified:
    trunk/apr-util/changelog
    trunk/apr-util/control
    trunk/apr-util/patches/011_avoid_ldap_by_defaut.dpatch

Modified: trunk/apr-util/changelog
URL: http://svn.debian.org/wsvn/pkg-apache/trunk/apr-util/changelog?rev=987&op=diff
==============================================================================
--- trunk/apr-util/changelog (original)
+++ trunk/apr-util/changelog Sat Jul 25 18:00:36 2009
@@ -1,10 +1,19 @@
+apr-util (1.3.8+dfsg-1) UNRELEASED; urgency=low
+
+  * New upstream version.
+  * Add two CVE ids to 1.3.7+dfsg-1 changelog entry.
+  * Bump standards version (no changes).
+
+ -- Stefan Fritsch <sf at debian.org>  Sat, 25 Jul 2009 00:17:04 +0200
+
 apr-util (1.3.7+dfsg-1) unstable; urgency=high
 
   * New upstream version:
     - CVE-2009-0023: Fix underflow in apr_strmatch_precompile() which causes
       remotely exploitable DoS vulnerabilities in mod_dav_svn and libapreq2.
-    - Fix DoS vulnerability (memory consumption) in handling of internal xml
-      entities.
+    - CVE-2009-1955: Fix DoS vulnerability (memory consumption) in handling of
+      internal xml entities.
+    - CVE-2009-1956: Fix off by one overflow in apr_brigade_vprintf.
   * Disable test suite on hurd for now (closes: #530287).
   * Override lintian warning about soname.
 

Modified: trunk/apr-util/control
URL: http://svn.debian.org/wsvn/pkg-apache/trunk/apr-util/control?rev=987&op=diff
==============================================================================
--- trunk/apr-util/control (original)
+++ trunk/apr-util/control Sat Jul 25 18:00:36 2009
@@ -4,7 +4,7 @@
 Maintainer: Debian Apache Maintainers <debian-apache at lists.debian.org>
 Uploaders: Tollef Fog Heen <tfheen at debian.org>, Stefan Fritsch <sf at debian.org>, Ryan Niebur <ryanryan52 at gmail.com>
 Build-Depends: debhelper (>> 6.0.7~), autoconf, autotools-dev, mawk, libldap2-dev, libexpat1-dev, libdb4.7-dev, libpcre3-dev, dpatch (>= 1.11), binutils (>= 2.14.90.0.7), libapr1-dev (>= 1.3.2), libsqlite3-dev, libpq-dev, python, libmysqlclient15-dev, freetds-dev, unixodbc-dev
-Standards-Version: 3.8.1
+Standards-Version: 3.8.2
 Vcs-Browser: http://svn.debian.org/wsvn/pkg-apache/trunk/apr-util
 Vcs-svn: svn://svn.debian.org/pkg-apache/trunk/apr-util
 Homepage: http://apr.apache.org/

Modified: trunk/apr-util/patches/011_avoid_ldap_by_defaut.dpatch
URL: http://svn.debian.org/wsvn/pkg-apache/trunk/apr-util/patches/011_avoid_ldap_by_defaut.dpatch?rev=987&op=diff
==============================================================================
--- trunk/apr-util/patches/011_avoid_ldap_by_defaut.dpatch (original)
+++ trunk/apr-util/patches/011_avoid_ldap_by_defaut.dpatch Sat Jul 25 18:00:36 2009
@@ -16,9 +16,9 @@
 -LDAP_LIBS="@LDADD_ldap@"
 +ORIG_LDAP_LIBS="@LDADD_ldap@"
 +LDAP_LIBS=""
+ DBM_LIBS="@LDADD_dbm_db@ @LDADD_dbm_gdbm@ @LDADD_dbm_ndbm@"
  
  APRUTIL_LIBNAME="@APRUTIL_LIBNAME@"
- 
 @@ -54,7 +55,7 @@
    --includedir      print location where headers are installed
    --ldflags         print linker flags

More information about the Pkg-apache-commits mailing list