374d0fa343
Security: http://www.vuxml.org/freebsd/dd943fbb-d0fe-11df-95a8-00219b0fc4d8.html With Hat: apache@ <ChangeLog> *) SECURITY: CVE-2010-1623 (cve.mitre.org) Fix a denial of service attack against apr_brigade_split_line(). [Stefan Fritsch] *) SECURITY: CVE-2009-3560, CVE-2009-3720 (cve.mitre.org) Fix two buffer over-read flaws in the bundled copy of expat which could cause applications to crash while parsing specially-crafted XML documents. [Joe Orton] *) Upgrade bundled copy of expat library to 1.95.7. [Joe Orton] *) apr_thread_pool: Fix some potential deadlock situations. PR 49709. [Joe Mudd <Joe.Mudd sas.com>] *) apr_thread_pool_create: Fix pool corruption caused by multithreaded use of the pool when multiple initial threads are created. PR 47843. [Alex Korobka <akorobka fxcm.com>] *) apr_thread_pool_create(): Only set the output thread pool handle on success. [Paul Querna] *) DBD ODBC support: Fix memory corruption using apr_dbd_datum_get() with several different data types, including APR_DBD_TYPE_TIME. PR 49645. [<kappa psilambda.com>] *) Add support for Berkeley DB 4.8 and 5.0. PR 49866, PR 49179. [Bernhard Rosenkraenzer <br blankpage.ch>, Arfrever Frehtes Taifersar Arahesis <arfrever.fta gmail.com>] *) Make bundled expat compatible with libtool 2.x. PR 49053. [Rainer Jung] *) Prefer libtool 1.x when searching for libtool in bundled expat release process. [Rainer Jung, Jim Jagielski] *) Improve platform detection for bundled expat by updating config.guess and config.sub. [Rainer Jung] </ChangeLog> |
||
|---|---|---|
| .. | ||
| files | ||
| distinfo | ||
| Makefile | ||
| pkg-descr | ||
| pkg-plist | ||