Ubuntu
apr-util package

Change log for apr-util package in Ubuntu

175 of 90 results FirstPreviousLast
Published in noble-release
Deleted in noble-proposed (Reason: Moved to noble) 
apr-util (1.6.3-1.1ubuntu7) noble; urgency=medium

  * No-change rebuild against libdb5.3t64

 -- Steve Langasek <email address hidden>  Sat, 06 Apr 2024 01:13:54 +0000
Superseded in noble-release
Deleted in noble-proposed (Reason: Moved to noble) 
apr-util (1.6.3-1.1ubuntu6) noble; urgency=medium

  * No-change rebuild for CVE-2024-3094

 -- Steve Langasek <email address hidden>  Sun, 31 Mar 2024 07:27:29 +0000
Superseded in noble-release
Deleted in noble-proposed (Reason: Moved to noble) 
apr-util (1.6.3-1.1ubuntu5) noble; urgency=medium

  * d/libaprutil1t64.symbols: fix library package name

 -- Zixing Liu <email address hidden>  Sat, 09 Mar 2024 22:04:59 -0700
Superseded in noble-proposed 
apr-util (1.6.3-1.1ubuntu4) noble; urgency=medium

  * Fix build-dep, was accidentally >> instead of >=

 -- Steve Langasek <email address hidden>  Fri, 08 Mar 2024 22:48:53 +0000
Superseded in noble-proposed 
apr-util (1.6.3-1.1ubuntu3) noble; urgency=medium

  * Build-depend on libapr1-dev (>= 1.7.2-3.1build1) for fixed symbols.

 -- Steve Langasek <email address hidden>  Fri, 08 Mar 2024 21:20:56 +0000
Superseded in noble-proposed 
apr-util (1.6.3-1.1ubuntu2) noble; urgency=medium

  * No-change rebuild for consistent binaries

 -- Steve Langasek <email address hidden>  Fri, 08 Mar 2024 07:27:02 +0000
Superseded in noble-proposed 
apr-util (1.6.3-1.1ubuntu1) noble; urgency=medium

  * Merge with Debian; remaining changes:
Superseded in noble-proposed 
apr-util (1.6.3-1ubuntu3) noble; urgency=medium

  * No-change rebuild against libssl3t64

 -- Steve Langasek <email address hidden>  Mon, 04 Mar 2024 17:22:12 +0000

Available diffs

Superseded in noble-proposed 
apr-util (1.6.3-1ubuntu2) noble; urgency=medium

  * No-change rebuild against libdb5.3t64

 -- Steve Langasek <email address hidden>  Sat, 02 Mar 2024 20:30:11 +0000

Available diffs

Published in lunar-updates
Published in lunar-security 
apr-util (1.6.3-1ubuntu1.1) lunar-security; urgency=medium

  * Fix compatibility with MySQL 8.0.34 (LP: #2031548)
    - debian/patches/fix-mysql-8034-compat.patch: don't set
      MYSQL_OPT_RECONNECT as it is deprecated and spews and error message.

 -- Leonidas Da Silva Barbosa <email address hidden>  Thu, 31 Aug 2023 11:27:43 -0300
Published in jammy-updates
Published in jammy-security 
apr-util (1.6.1-5ubuntu4.22.04.2) jammy-security; urgency=medium

  * Fix compatibility with MySQL 8.0.34 (LP: #2031548)
    - debian/patches/fix-mysql-8034-compat.patch: don't set
      MYSQL_OPT_RECONNECT as it is deprecated and spews and error message.

 -- Leonidas Da Silva Barbosa <email address hidden>  Thu, 31 Aug 2023 11:24:22 -0300
Published in focal-updates
Published in focal-security 
apr-util (1.6.1-4ubuntu2.2) focal-security; urgency=medium

  * Fix compatibility with MySQL 8.0.34 (LP: #2031548)
    - debian/patches/fix-mysql-8034-compat.patch: don't set
      MYSQL_OPT_RECONNECT as it is deprecated and spews and error message.

 -- Leonidas Da Silva Barbosa <email address hidden>  Thu, 31 Aug 2023 14:57:06 -0300
Obsolete in kinetic-updates
Obsolete in kinetic-security 
apr-util (1.6.1-5ubuntu4.22.10.1) kinetic-security; urgency=medium

  * SECURITY UPDATE: integer overflow
     - debian/patches/CVE-2022-25147.patch: add assertions to check if
       a buffer length is bigger than a pre-determined value in
       multiple methods in encoding/apr_base64.c.
     - CVE-2022-25147

 -- Rodrigo Figueiredo Zaiden <email address hidden>  Mon, 13 Feb 2023 14:05:09 -0300
Published in bionic-updates
Published in bionic-security 
apr-util (1.6.1-2ubuntu0.1) bionic-security; urgency=medium

  * SECURITY UPDATE: integer overflow
     - debian/patches/CVE-2022-25147.patch: add assertions to check if
       a buffer length is bigger than a pre-determined value in
       multiple methods in encoding/apr_base64.c.
     - CVE-2022-25147

 -- Rodrigo Figueiredo Zaiden <email address hidden>  Mon, 13 Feb 2023 11:40:15 -0300
Superseded in jammy-updates
Superseded in jammy-security 
apr-util (1.6.1-5ubuntu4.22.04.1) jammy-security; urgency=medium

  * SECURITY UPDATE: integer overflow
     - debian/patches/CVE-2022-25147.patch: add assertions to check if
       a buffer length is bigger than a pre-determined value in
       multiple methods in encoding/apr_base64.c.
     - CVE-2022-25147

 -- Rodrigo Figueiredo Zaiden <email address hidden>  Mon, 13 Feb 2023 12:37:29 -0300
Superseded in focal-updates
Superseded in focal-security 
apr-util (1.6.1-4ubuntu2.1) focal-security; urgency=medium

  * SECURITY UPDATE: integer overflow
     - debian/patches/CVE-2022-25147.patch: add assertions to check if
       a buffer length is bigger than a pre-determined value in
       multiple methods in encoding/apr_base64.c.
     - CVE-2022-25147

 -- Rodrigo Figueiredo Zaiden <email address hidden>  Mon, 13 Feb 2023 11:51:37 -0300
Deleted in noble-updates (Reason: superseded by release)
Superseded in noble-release
Published in mantic-release
Published in lunar-release
Deleted in lunar-proposed (Reason: Moved to lunar) 
apr-util (1.6.3-1ubuntu1) lunar; urgency=low

  * Merge from Debian unstable. Remaining changes:
    - d/p/mysql8_my_bool.patch: Reintroduce my_bool to fix build with
      MySQL 8. (LP: #1863026)
    - d/p/mysql8-my_init.patch: don't call my_init() since it's not
      exported anymore since MySQL 8.0.2 (LP: #1859773)

Available diffs

Superseded in lunar-release
Deleted in lunar-proposed (Reason: Moved to lunar) 
apr-util (1.6.1-5.2ubuntu1) lunar; urgency=low

  * Merge from Debian unstable. Remaining changes:
    - d/p/mysql8_my_bool.patch: Reintroduce my_bool to fix build with
      MySQL 8. (LP: #1863026)
    - d/p/mysql8-my_init.patch: don't call my_init() since it's not
      exported anymore since MySQL 8.0.2 (LP: #1859773)

Available diffs

Superseded in lunar-release
Deleted in lunar-proposed (Reason: Moved to lunar) 
apr-util (1.6.1-5ubuntu5) lunar; urgency=medium

  * No-change rebuild against libldap-2

 -- Steve Langasek <email address hidden>  Thu, 15 Dec 2022 19:42:48 +0000
Superseded in lunar-release
Obsolete in kinetic-release
Published in jammy-release
Deleted in jammy-proposed (Reason: Moved to jammy) 
apr-util (1.6.1-5ubuntu4) jammy; urgency=medium

  * No-change rebuild for ppc64el baseline bump.

 -- Łukasz 'sil2100' Zemczak <email address hidden>  Wed, 23 Mar 2022 10:40:50 +0100
Superseded in jammy-release
Deleted in jammy-proposed (Reason: Moved to jammy) 
apr-util (1.6.1-5ubuntu3) jammy; urgency=medium

  * No-change rebuild against openssl3

 -- Simon Chopin <email address hidden>  Fri, 03 Dec 2021 14:16:13 +0000

Available diffs

Superseded in jammy-release
Obsolete in impish-release
Deleted in impish-proposed (Reason: Moved to impish) 
apr-util (1.6.1-5ubuntu2) impish; urgency=medium

  * No-change rebuild due to OpenLDAP soname bump.

 -- Sergio Durigan Junior <email address hidden>  Mon, 21 Jun 2021 17:43:56 -0400

Available diffs

Superseded in impish-release
Obsolete in hirsute-release
Deleted in hirsute-proposed (Reason: moved to Release) 
apr-util (1.6.1-5ubuntu1) hirsute; urgency=low

  * Merge from Debian unstable.  Remaining changes:
    - d/p/mysql8_my_bool.patch: Reintroduce my_bool to fix build with
      MySQL 8. (LP: #1863026)
    - d/p/mysql8-my_init.patch: don't call my_init() since it's not
      exported anymore since MySQL 8.0.2 (LP: #1859773)

Available diffs

Obsolete in eoan-updates
Deleted in eoan-proposed (Reason: moved to -updates) 
apr-util (1.6.1-4ubuntu0.1) eoan; urgency=medium

  * d/p/mysql8-my_init.patch: don't call my_init() since it's not
    exported anymore since MySQL 8.0.2 (LP: #1859773)

 -- Andreas Hasenack <email address hidden>  Wed, 04 Mar 2020 17:00:31 -0300
Superseded in hirsute-release
Obsolete in groovy-release
Published in focal-release
Deleted in focal-proposed (Reason: moved to Release) 
apr-util (1.6.1-4ubuntu2) focal; urgency=medium

  * d/p/mysql8-my_init.patch: don't call my_init() since it's not
    exported anymore since MySQL 8.0.2 (LP: #1859773)

 -- Andreas Hasenack <email address hidden>  Wed, 04 Mar 2020 16:51:27 -0300

Available diffs

Superseded in focal-release
Deleted in focal-proposed (Reason: moved to Release) 
apr-util (1.6.1-4ubuntu1) focal; urgency=medium

  * Adjust Build-Depends to unambiguously require Python 2.
  * d/p/mysql8_my_bool.patch: Reintroduce my_bool to fix build with MySQL 8.
    (LP: #1863026)

 -- Robie Basak <email address hidden>  Tue, 18 Feb 2020 14:53:49 +0000

Available diffs

Superseded in focal-release
Obsolete in eoan-release
Deleted in eoan-proposed (Reason: moved to release) 
apr-util (1.6.1-4build1) eoan; urgency=medium

  * No change rebuild for libmysqlclient21.

 -- Robie Basak <email address hidden>  Mon, 12 Aug 2019 01:59:30 +0000
Superseded in eoan-release
Deleted in eoan-proposed (Reason: moved to release) 
apr-util (1.6.1-4) unstable; urgency=medium

  * Fix libaprutil1-dbd-mysql with mariadb 10.3. Closes: #926400

 -- Stefan Fritsch <email address hidden>  Sun, 21 Apr 2019 09:39:02 +0200
Deleted in disco-proposed (Reason: Defer the mysql-8.0 transition, not ready to happen yet f...) 
apr-util (1.6.1-3build2) disco; urgency=medium

  * No-change rebuild against libmysqlclient21

 -- Steve Langasek <email address hidden>  Fri, 01 Feb 2019 16:52:21 +0000

Available diffs

Superseded in eoan-release
Obsolete in disco-release
Deleted in disco-proposed (Reason: moved to release) 
apr-util (1.6.1-3build1) disco; urgency=medium

  * Rebuild against new libgdbm6.

 -- Gianfranco Costamagna <email address hidden>  Sat, 03 Nov 2018 15:00:07 +0100
Superseded in disco-release
Obsolete in cosmic-release
Deleted in cosmic-proposed (Reason: moved to release) 
apr-util (1.6.1-3) unstable; urgency=medium

  [ Stefan Fritsch ]
  * Migrate from alioth to salsa

  [ Matthias Klose ]
  * Drop build dependency on libpcre3-dev. Closes: #909077. LP: #1792544.

 -- Stefan Fritsch <email address hidden>  Tue, 18 Sep 2018 21:14:24 +0200
Superseded in cosmic-release
Deleted in cosmic-proposed (Reason: moved to release) 
apr-util (1.6.1-2ubuntu1) cosmic; urgency=medium

  * Drop build dependency on libpcre3-dev. Closes: #909077. LP: #1792544.

 -- Matthias Klose <email address hidden>  Tue, 18 Sep 2018 13:05:27 +0200
Superseded in cosmic-release
Published in bionic-release
Deleted in bionic-proposed (Reason: moved to release) 
apr-util (1.6.1-2) unstable; urgency=medium

  * Avoid empty build target, fixes FTBFS. Thanks to Niels Thykier for the
    patch. Closes: #890108
  * Fix handling of gdbm_errno in gdbm driver. Closes: #889170
  * Bump debhelper compat level to 11 and drop deprecated autotools-dev
    sequence. Thanks to Niels Thykier for the patch.
  * Bump Standards-Version (no changes)
  * Fix mysql/mariadb header detection, broken since 1.5.3-3.
  * Include NOTICE file in packages, as required by license.

 -- Stefan Fritsch <email address hidden>  Sun, 25 Feb 2018 12:40:36 +0100
Superseded in bionic-release
Deleted in bionic-proposed (Reason: moved to release) 
apr-util (1.6.1-1ubuntu2) bionic; urgency=medium

  * Drop .PHONY target.

 -- Matthias Klose <email address hidden>  Tue, 06 Feb 2018 22:32:23 +0100
Superseded in bionic-proposed 
apr-util (1.6.1-1ubuntu1) bionic; urgency=medium

  * Drop build dependency libgdbm-dev for now, ftbfs.

 -- Matthias Klose <email address hidden>  Tue, 06 Feb 2018 22:23:56 +0100

Available diffs

Superseded in bionic-proposed 
apr-util (1.6.1-1build1) bionic; urgency=medium

  * Rebuild against new libgdbm5.

 -- Gianfranco Costamagna <email address hidden>  Fri, 02 Feb 2018 15:22:19 +0100
Superseded in bionic-release
Deleted in bionic-proposed (Reason: moved to release) 
apr-util (1.6.1-1) unstable; urgency=medium

  * New upstream release
    - Fixes CVE-2017-12618: Out-of-bounds access in corrupted SDBM database.
      Closes: #879996

 -- Stefan Fritsch <email address hidden>  Mon, 06 Nov 2017 19:48:34 +0100

Available diffs

Superseded in bionic-release
Obsolete in artful-release
Deleted in artful-proposed (Reason: moved to release) 
apr-util (1.6.0-2) unstable; urgency=medium

  * Switch off FULL_PATH_NAMES in doxygen to make builds reproducible.
  * Bump Standards-Version:
    - remove "Priority: extra" in control

 -- Stefan Fritsch <email address hidden>  Fri, 11 Aug 2017 17:49:25 +0200

Available diffs

Superseded in artful-release
Deleted in artful-proposed (Reason: moved to release) 
apr-util (1.6.0-1) unstable; urgency=medium

  * New upstream release
  * Remove Peter Samuelson from uploaders. Thanks for your work in the past.
    Closes: #852221

 -- Stefan Fritsch <email address hidden>  Fri, 04 Aug 2017 21:37:03 +0200

Available diffs

Superseded in artful-release
Obsolete in zesty-release
Deleted in zesty-proposed (Reason: moved to release) 
apr-util (1.5.4-3) unstable; urgency=medium

  [ Helmut Grohne ]
  * Fix unsatisfiable cross Build-Depends: (Closes: #840892)
    + Drop binutils from Build-Depends as it is build-essential.
    + Annotate Build-Depends: python with :any.

  [ Stefan Fritsch ]
  * Enable support for gdbm. Closes: #843206
  * Switch build-depends to default-libmysqlclient-dev. Closes: #845823

 -- Stefan Fritsch <email address hidden>  Fri, 09 Dec 2016 18:19:55 +0100

Available diffs

Superseded in zesty-release
Obsolete in yakkety-release
Deleted in yakkety-proposed (Reason: moved to release) 
apr-util (1.5.4-2) unstable; urgency=medium

  [ Jean-Michel Vourgère ]
  * d/watch: Check gpg signature of upstream source.
  * Update Vcs-Browser: address.

  [ Stefan Fritsch ]
  * Bump standards version. No changes needed.
  * Backport support for openssl 1.1 from upstream 1.5.x branch.
    Closes: #828237

 -- Stefan Fritsch <email address hidden>  Thu, 14 Jul 2016 12:00:56 +0200
Superseded in yakkety-release
Published in xenial-release
Deleted in xenial-proposed (Reason: moved to release) 
apr-util (1.5.4-1build1) xenial; urgency=medium

  * Rebuild against libmysqlclient20.

 -- Robie Basak <email address hidden>  Tue, 05 Apr 2016 12:13:31 +0000
Superseded in xenial-release
Obsolete in wily-release
Obsolete in vivid-release
Deleted in vivid-proposed (Reason: moved to release) 
apr-util (1.5.4-1) unstable; urgency=medium


  * New upstream release
  * Remove dependencies on libpcre3-dev, libsqlite3-dev, libpq-dev,
    and libmysqlclient-dev in libaprutil1-dev. They are no longer
    necessary. Closes: #757140
  * Bump standards version. No changes needed.

 -- Stefan Fritsch <email address hidden>  Sat, 04 Oct 2014 14:19:46 +0200

Available diffs

Superseded in vivid-release
Obsolete in utopic-release
Deleted in utopic-proposed (Reason: moved to release) 
apr-util (1.5.3-2) unstable; urgency=medium


  * Fix FTBFS with make 4.0. Closes: #748369

 -- Stefan Fritsch <email address hidden>  Thu, 29 May 2014 16:52:08 +0200

Available diffs

Superseded in utopic-release
Published in trusty-release
Deleted in trusty-proposed (Reason: moved to release) 
apr-util (1.5.3-1) unstable; urgency=low


  * New upstream version.
  * When querying the berkley db version, strip the epoch from the
    version number.

 -- Stefan Fritsch <email address hidden>  Sun, 24 Nov 2013 14:21:14 +0100
Superseded in trusty-release
Deleted in trusty-proposed (Reason: moved to release) 
apr-util (1.5.2-2ubuntu1) trusty; urgency=low

  * Strip off any garbage before the first part of the DB version, so
    we don't FTBFS when libdb-dev has an epoch, as it currently does.
 -- Adam Conrad <email address hidden>   Thu, 07 Nov 2013 03:15:02 -0700
Superseded in trusty-proposed 
apr-util (1.5.2-2) unstable; urgency=low


  * Remove dbd-freetds driver because it has security issues.
  * Switch build system to dh.
  * Bump Standards-Version (no additional changes).
  * Support multi-arch.
  * Adjust dependencies to a multi-arch enabled apr.
  * Speed up build by not searching for lots of berkley db versions that
    are not installed. Closes: #717327

 -- Stefan Fritsch <email address hidden>  Wed, 06 Nov 2013 22:27:45 +0100
Superseded in trusty-release
Deleted in trusty-proposed (Reason: moved to release) 
apr-util (1.5.2-1build1) trusty; urgency=low

  * No change rebuild against db 5.3.
 -- Dmitrijs Ledkovs <email address hidden>   Fri, 01 Nov 2013 23:07:02 +0000
Superseded in trusty-release
Obsolete in saucy-release
Deleted in saucy-proposed (Reason: moved to release) 
apr-util (1.5.2-1) unstable; urgency=low


  * New upstream release.
  * Ship find_apu.m4 in libaprutil1-dev. Closes: #699327

 -- Stefan Fritsch <email address hidden>  Sun, 05 May 2013 15:43:34 +0200

Available diffs

Superseded in saucy-release
Obsolete in raring-release
Obsolete in quantal-release 
apr-util (1.4.1-3) unstable; urgency=low


  * Fix apr_password_validate() to work with sha512-crypt hashes.
    Closes: #684268

 -- Stefan Fritsch <email address hidden>  Wed, 15 Aug 2012 20:10:55 +0200

Available diffs

Superseded in quantal-release 
apr-util (1.4.1-2) unstable; urgency=low


  * Remove obsolete version on binutils dependency. Closes: #666260
  * Re-enable test suite on hurd. Closes: #657043
  * Switch VCS to git
  * Switch to packaging format "3.0 quilt", remove dpatch. Thanks to Jari
    Aalto for the patch. Closes: #664307
  * Update to Standards-Version to 3.9.3 (no changes)
  * Bump to debhelper 9.
  * Remove obsolete workaround for #651147, ldap detection is fixed in 1.4.x
  * Fix lintian warnings
    - use dh_prep
    - omit driver libraries from symbol files
    - add build-arch and build-indep targets

 -- Stefan Fritsch <email address hidden>  Sun, 20 May 2012 22:14:38 +0200

Available diffs

Superseded in quantal-release 
apr-util (1.4.1-1) unstable; urgency=low


  * New upstream release
  * Build new apr_crypto API (using openssl).
  * Stop repacking the source tarball to remove the MD4/MD5 implementations
    derived from RSA's code. RSA has released a statement that revised the
    conditions of use for this code. Debian uses the code according to the
    conditions from this statement, which is now included in the copyright
    file of the Debian package.

 -- Stefan Fritsch <email address hidden>  Sun, 08 Jan 2012 20:44:17 +0100
Superseded in quantal-release
Published in precise-release 
apr-util (1.3.12+dfsg-3) unstable; urgency=low

  * Add workaround for ldap detection problem, to fix FTBFS with gcc 4.6.
    Closes: #651147
  * Remove Tollef Fog Heen and Ryan Niebur from uploaders. Thanks for your
    work in the past.
 -- Ubuntu Archive Auto-Sync <email address hidden>   Sun,  18 Dec 2011 22:33:05 +0000
Superseded in precise-release 
apr-util (1.3.12+dfsg-2build1) precise; urgency=low

  * Rebuild for libmysqlclient transition
 -- Clint Byrum <email address hidden>   Wed, 23 Nov 2011 07:53:59 -0800
Superseded in precise-release
Obsolete in oneiric-release 
apr-util (1.3.12+dfsg-2) unstable; urgency=low

  * Fix unsafe pool usage in apr_thread_pool. This hopefully fixes the
    occasional testreslist failures.
Superseded in oneiric-release 
apr-util (1.3.10+dfsg-2ubuntu1) oneiric; urgency=low

  * Merge from Debian unstable.  Remaining changes:
    - Build with -O2 on ppc64.
  * Dropped changes, superseded in Debian:
    - empty out dependency_libs from the .la files, per policy 10.2.
Superseded in oneiric-release
Obsolete in natty-release 
apr-util (1.3.9+dfsg-5ubuntu3) natty; urgency=low

  * debian/rules: fix the sed call so that the package actually builds.
 -- Steve Langasek <email address hidden>   Mon, 21 Mar 2011 14:02:34 -0700
Superseded in natty-release 
apr-util (1.3.9+dfsg-5ubuntu2) natty; urgency=low

  * debian/rules: empty out dependency_libs from the .la files, per policy
    10.2.
 -- Steve Langasek <email address hidden>   Mon, 21 Mar 2011 13:07:39 -0700
Superseded in natty-release 
apr-util (1.3.9+dfsg-5ubuntu1) natty; urgency=low

  * Build with -O2 on ppc64.
 -- Matthias Klose <email address hidden>   Wed, 16 Mar 2011 15:40:01 +0100

Available diffs

Obsolete in hardy-updates
Obsolete in hardy-security 
apr-util (1.2.12+dfsg-3ubuntu0.3) hardy-security; urgency=low

  * SECURITY UPDATE: denial of service via memory leak in
    apr_brigade_split_line function.
    - debian/patches/021_CVE-2010-1623.dpatch: properly destroy bucket in
      buckets/apr_brigade.c.
    - CVE-2010-1623
 -- Marc Deslauriers <email address hidden>   Thu, 18 Nov 2010 09:48:13 -0500
Obsolete in karmic-updates
Obsolete in karmic-security 
apr-util (1.3.9+dfsg-1ubuntu1.1) karmic-security; urgency=low

  * SECURITY UPDATE: denial of service via memory leak in
    apr_brigade_split_line function.
    - debian/patches/016_CVE-2010-1623.dpatch: properly destroy bucket in
      buckets/apr_brigade.c.
    - CVE-2010-1623
 -- Marc Deslauriers <email address hidden>   Thu, 18 Nov 2010 09:46:01 -0500
Obsolete in lucid-updates
Obsolete in lucid-security 
apr-util (1.3.9+dfsg-3ubuntu0.10.04.1) lucid-security; urgency=low

  * SECURITY UPDATE: denial of service via memory leak in
    apr_brigade_split_line function.
    - debian/patches/016_CVE-2010-1623.dpatch: properly destroy bucket in
      buckets/apr_brigade.c.
    - CVE-2010-1623
 -- Marc Deslauriers <email address hidden>   Thu, 18 Nov 2010 09:39:05 -0500
Obsolete in maverick-updates
Obsolete in maverick-security 
apr-util (1.3.9+dfsg-3ubuntu0.10.10.1) maverick-security; urgency=low

  * SECURITY UPDATE: denial of service via memory leak in
    apr_brigade_split_line function.
    - debian/patches/016_CVE-2010-1623.dpatch: properly destroy bucket in
      buckets/apr_brigade.c.
    - CVE-2010-1623
 -- Marc Deslauriers <email address hidden>   Thu, 18 Nov 2010 09:39:05 -0500
Superseded in natty-release 
apr-util (1.3.9+dfsg-5) unstable; urgency=low

  * Backports from 1.3.10:
    - apr_thread_pool: Fix some potential deadlock situations.  PR 49709.
    - apr_thread_pool_create: Fix pool corruption caused by multithreaded
      use of the pool when multiple initial threads are created.  PR 47843.
    - apr_thread_pool_create: Only set the output variable on success.
Superseded in natty-release
Obsolete in maverick-release
Obsolete in lucid-release 
apr-util (1.3.9+dfsg-3build1) lucid; urgency=low

  * No-change rebuild to remove reference to non-existent libuuid.la
    from libaprutil-1.la (LP: #525629).
 -- Ilya Barygin <email address hidden>   Mon, 22 Feb 2010 11:17:48 +0300

Available diffs

Superseded in lucid-release 
apr-util (1.3.9+dfsg-3) unstable; urgency=low

  * Update to db4.8 (closes: #550443)
  * Bump standards-version:
    - Use DEB_*_ARCH_* where applicable
Superseded in lucid-release
Obsolete in karmic-release 
apr-util (1.3.9+dfsg-1ubuntu1) karmic; urgency=low

  * Remove obsolete libmysqlclient15off dependency. Update libaprutil1-dev
    dependency to libmysqlclient-dev.

 -- Mathias Gug <email address hidden>   Mon, 17 Aug 2009 17:00:58 -0400

Available diffs

Superseded in karmic-release 
apr-util (1.3.9+dfsg-1) unstable; urgency=high

  [ Stefan Fritsch ]
  * Enable -fstack-protector for arm/armel. A workaround has been added to
    gcc.
  * Remove obsolete libmysqlclient15off dependency. Update build-dep to
    libmysqlclient-dev.

  [ Peter Samuelson ]
  * New upstream security release.
    - Fix CVE-2009-2412, overflow in RMM allocations due to alignment.
  * Add myself to Uploaders.

Available diffs

Obsolete in jaunty-updates
Obsolete in jaunty-security 
apr-util (1.2.12+dfsg-8ubuntu0.3) jaunty-security; urgency=low

  * SECURITY UPDATE: fix integer overflow in libaprutil
    - debian/patches/020_CVE-2009-2412.patch: adjust apr_rmm_malloc,
      apr_rmm_calloc, apr_rmm_realloc to check for overflow after aligning
      size
    - http://www.apache.org/dist/apr/patches/apr-util-1.x-CVE-2009-2412.patch
    - CVE-2009-2412

 -- Jamie Strandboge <email address hidden>   Fri, 07 Aug 2009 12:42:06 -0500
Obsolete in intrepid-updates
Obsolete in intrepid-security 
apr-util (1.2.12+dfsg-7ubuntu0.3) intrepid-security; urgency=low

  * SECURITY UPDATE: fix integer overflow in libaprutil
    - debian/patches/020_CVE-2009-2412.patch: adjust apr_rmm_malloc,
      apr_rmm_calloc, apr_rmm_realloc to check for overflow after aligning
      size
    - http://www.apache.org/dist/apr/patches/apr-util-1.x-CVE-2009-2412.patch
    - CVE-2009-2412

 -- Jamie Strandboge <email address hidden>   Fri, 07 Aug 2009 12:49:53 -0500
Superseded in hardy-updates
Superseded in hardy-security 
apr-util (1.2.12+dfsg-3ubuntu0.2) hardy-security; urgency=low

  * SECURITY UPDATE: fix integer overflow in libaprutil
    - debian/patches/020_CVE-2009-2412.patch: adjust apr_rmm_malloc,
      apr_rmm_calloc, apr_rmm_realloc to check for overflow after aligning
      size
    - http://www.apache.org/dist/apr/patches/apr-util-1.x-CVE-2009-2412.patch
    - CVE-2009-2412

 -- Jamie Strandboge <email address hidden>   Fri, 07 Aug 2009 12:28:25 -0500
Superseded in hardy-updates
Superseded in hardy-security 
apr-util (1.2.12+dfsg-3ubuntu0.1) hardy-security; urgency=low

  * SECURITY UPDATE: Fix underflow in apr_strmatch_precompile
    - debian/patches/017_CVE-2009-0023.dpatch: adjust strmatch/apr_strmatch.c
      to properly evaluate strings as unsigned char rather than int
    - CVE-2009-0023
  * SECURITY UPDATE: Prevent "billion laughs" attack against expat
    - debian/patches/018_CVE-2009-1955.dpatch: adjust xml/apr_xml.c to disable
      internal entity expansion. Also add test case to the internal test
      suite
    - CVE-2009-1955
  * SECURITY UPDATE: Fix off by one overflow in apr_brigade_vprintf
    - debian/patches/019_CVE-2009-1956.dpatch: don't add null terminator to
      vd.vbuff.curpos in buckets/apr_brigade.c
    - CVE-2009-1956

 -- Jamie Strandboge <email address hidden>   Tue, 09 Jun 2009 11:47:52 -0500
Superseded in intrepid-updates
Superseded in intrepid-security 
apr-util (1.2.12+dfsg-7ubuntu0.1) intrepid-security; urgency=low

  * SECURITY UPDATE: Fix underflow in apr_strmatch_precompile
    - debian/patches/017_CVE-2009-0023.dpatch: adjust strmatch/apr_strmatch.c
      to properly evaluate strings as unsigned char rather than int
    - CVE-2009-0023
  * SECURITY UPDATE: Prevent "billion laughs" attack against expat
    - debian/patches/018_CVE-2009-1955.dpatch: adjust xml/apr_xml.c to disable
      internal entity expansion. Also add test case to the internal test
      suite
    - CVE-2009-1955
  * SECURITY UPDATE: Fix off by one overflow in apr_brigade_vprintf
    - debian/patches/019_CVE-2009-1956.dpatch: don't add null terminator to
      vd.vbuff.curpos in buckets/apr_brigade.c
    - CVE-2009-1956

 -- Jamie Strandboge <email address hidden>   Tue, 09 Jun 2009 11:45:43 -0500
Superseded in jaunty-updates
Superseded in jaunty-security 
apr-util (1.2.12+dfsg-8ubuntu0.1) jaunty-security; urgency=low

  * SECURITY UPDATE: Fix underflow in apr_strmatch_precompile
    - debian/patches/017_CVE-2009-0023.dpatch: adjust strmatch/apr_strmatch.c
      to properly evaluate strings as unsigned char rather than int
    - CVE-2009-0023
  * SECURITY UPDATE: Prevent "billion laughs" attack against expat
    - debian/patches/018_CVE-2009-1955.dpatch: adjust xml/apr_xml.c to disable
      internal entity expansion. Also add test case to the internal test
      suite
    - CVE-2009-1955
  * SECURITY UPDATE: Fix off by one overflow in apr_brigade_vprintf
    - debian/patches/019_CVE-2009-1956.dpatch: don't add null terminator to
      vd.vbuff.curpos in buckets/apr_brigade.c
    - CVE-2009-1956

 -- Jamie Strandboge <email address hidden>   Tue, 09 Jun 2009 11:17:47 -0500
Superseded in karmic-release 
apr-util (1.3.7+dfsg-1) unstable; urgency=high

  * New upstream version:
    - CVE-2009-0023: Fix underflow in apr_strmatch_precompile() which causes
      remotely exploitable DoS vulnerabilities in mod_dav_svn and libapreq2.
    - Fix DoS vulnerability (memory consumption) in handling of internal xml
      entities.
  * Disable test suite on hurd for now (closes: #530287).
  * Override lintian warning about soname.

 -- Ubuntu Archive Auto-Sync <email address hidden>   Mon,  08 Jun 2009 10:59:23 +0100

Available diffs

175 of 90 results FirstPreviousLast