Merge apr from Debian unstable for 22.04

Bug #1946842 reported by Bryce Harrington
Affects: apr (Ubuntu)
Status: Fix Released
Importance: Undecided
Assigned to: Bryce Harrington

Bug Description

Upstream: 1.7.0
Debian: 1.7.0-8
Ubuntu: 1.7.0-6ubuntu1

### New Debian Changes ###

apr (1.7.0-8) unstable; urgency=medium

  * Team upload

  [ Salvatore Bonaccorso ]
  * build/apr_common.m4: avoid explicit inclusion of 'confdefs.h'
    (Closes: #978767)

 -- Yadd <email address hidden> Tue, 24 Aug 2021 10:54:34 +0200

apr (1.7.0-7) unstable; urgency=medium

  * Team upload

  [ Helmut Grohne ]
  * Annotate test dependencies netbase and net-tools <!nocheck>.
    Closes: #981738

  [ Salvatore Bonaccorso ]
  * Out-of-bounds array dereference in apr_time_exp*() functions
    (CVE-2021-35940) (Closes: #992789)

 -- Yadd <email address hidden> Tue, 24 Aug 2021 08:59:10 +0200

apr (1.7.0-6) unstable; urgency=medium

  [ John Paul Adrian Glaubitz ]
  * Fix atomics for m68k, sh3 and sh4. Closes: #978018

 -- Stefan Fritsch <email address hidden> Sun, 27 Dec 2020 17:28:47 +0100

apr (1.7.0-4) unstable; urgency=low

  [ Debian Janitor ]
  * Trim trailing whitespace.
  * Transition to automatic debug package (from: libapr1-dbg).
  * Use secure URI in Homepage field.
  * Bump debhelper from old 11 to 12.
  * Set debhelper-compat version in Build-Depends.

  [ Stefan Fritsch ]
  * Fix apr libtool on unmerged /usr. Thanks to Vagrant Cascadian for
    the patch. Closes: #916829
  * Bump Standards-Version (no changes).

 -- Stefan Fritsch <email address hidden> Sat, 21 Nov 2020 21:06:09 +0100

apr (1.7.0-3) unstable; urgency=medium

  * Bump Standards-Version (no changes).
  * Fixes for 64bit atomics work-around:
    - call the required initialization
    - don't use on mips64el
    - use on powerpc

 -- Stefan Fritsch <email address hidden> Sun, 30 Aug 2020 21:15:21 +0200

apr (1.7.0-2) unstable; urgency=medium

  * Use generic 64bit atomics on mipsel as gcc lacks the 64bit built-ins.
    Fixes FTBFS on mipsel.

 -- Stefan Fritsch <email address hidden> Sat, 29 Aug 2020 18:13:56 +0200

apr (1.7.0-1) unstable; urgency=medium

  * New upstream release.
    The minimal required linux kernel version is now 3.17.
  * Switch build-depends to python3. Closes: #936128, #969065
    Make apr1-dev depend on python3, so that apr-util does not have to.
    See #936129

 -- Stefan Fritsch <email address hidden> Sat, 29 Aug 2020 11:42:28 +0200

apr (1.6.5-1) unstable; urgency=medium

  * New upstream release
  * Bump Standards-Version (no changes).

 -- Stefan Fritsch <email address hidden> Mon, 19 Nov 2018 13:28:03 +0100

apr (1.6.3-3) unstable; urgency=medium

  * Backport fix for undefined behavior in teststr from upstream 1.7.
    Fixes FTBFS with gcc 8. Closes: #897705
  * Migrate from alioth to salsa

 -- Stefan Fritsch <email address hidden> Tue, 17 Jul 2018 21:17:00 +0200

apr (1.6.3-2) unstable; urgency=medium

  * Avoid empty build target, fixes FTBFS. Thanks to Niels Thykier for the
    patch. Closes: #888593
  * Drop deprecated autotools-dev sequence. Thanks to Niels Thykier for the
    patch.
  * Switch to debhelper compat level 11 and use dh_autoreconf.
  * Include NOTICE file in packages, as required by license.
  * Bump Standards-Version (no changes).

 -- Stefan Fritsch <email address hidden> Sun, 25 Feb 2018 16:35:41 +0100

### Old Ubuntu Delta ###

apr (1.7.0-6ubuntu1) impish; urgency=medium

  * SECURITY UPDATE: Out-of-bounds array read
    - debian/patches/apr-1.7.0-CVE-2021-35940.patch: checks
      months bounds in time/win32/time.c, time/unix/time.c.
    - CVE-2021-35940

 -- Leonidas Da Silva Barbosa <email address hidden> Fri, 27 Aug 2021 11:35:08 -0300

Tags: needs-merge

Bryce Harrington (bryce)
Changed in apr (Ubuntu):
assignee: nobody → Bryce Harrington (bryce)
Bryce Harrington (bryce)
description: updated
Changed in apr (Ubuntu):
milestone: none → ubuntu-21.11
Bryce Harrington (bryce)
description: updated
Bryce Harrington (bryce)
Changed in apr (Ubuntu):
milestone: ubuntu-21.11 → ubuntu-21.12
Bryce Harrington (bryce) wrote :

The only Ubuntu delta here is a CVE which is now included with 1.7.0-7.

Changed in apr (Ubuntu):
status: New → In Progress
status: In Progress → Fix Released
Bryce Harrington (bryce) wrote :

This bug was fixed in the package apr - 1.7.0-8

---------------
apr (1.7.0-8) unstable; urgency=medium

  * Team upload

  [ Salvatore Bonaccorso ]
  * build/apr_common.m4: avoid explicit inclusion of "confdefs.h"
    (Closes: #978767)

 -- Yadd <email address hidden> Tue, 24 Aug 2021 10:54:34 +0200

apr (1.7.0-7) unstable; urgency=medium

  * Team upload

  [ Helmut Grohne ]
  * Annotate test dependencies netbase and net-tools <!nocheck>.
    Closes: #981738

  [ Salvatore Bonaccorso ]
  * Out-of-bounds array dereference in apr_time_exp*() functions
    (CVE-2021-35940) (Closes: #992789)

 -- Yadd <email address hidden> Tue, 24 Aug 2021 08:59:10 +0200
