You are viewing a plain text version of this content. The canonical link for it is here.
Posted to commits@apr.apache.org by wr...@apache.org on 2017/11/07 15:04:27 UTC
svn commit: r22998 - in /release/apr: Announcement1.x.html
Announcement1.x.txt
Author: wrowe
Date: Tue Nov 7 15:04:27 2017
New Revision: 22998
Log:
These are type ordered not api fn name ordered
Modified:
release/apr/Announcement1.x.html
release/apr/Announcement1.x.txt
Modified: release/apr/Announcement1.x.html
==============================================================================
--- release/apr/Announcement1.x.html (original)
+++ release/apr/Announcement1.x.html Tue Nov 7 15:04:27 2017
@@ -27,7 +27,7 @@
<ul>
<li>CVE-2017-12613; Out-of-bounds array deref in apr_time_exp*() functions
<br />
- When apr_exp_time*() or apr_os_exp_time*() functions are invoked
+ When apr_time_exp_t or apr_os_exp_time_t arguments are passed
with an invalid month field value in APR 1.6.2 and prior, out of
bounds memory may be accessed in converting this value to an
apr_time_exp_t value, potentially revealing the contents of a
Modified: release/apr/Announcement1.x.txt
==============================================================================
--- release/apr/Announcement1.x.txt (original)
+++ release/apr/Announcement1.x.txt Tue Nov 7 15:04:27 2017
@@ -11,7 +11,7 @@
CVE-2017-12613; Out-of-bounds array deref in apr_time_exp*() functions
- When apr_exp_time*() or apr_os_exp_time*() functions are invoked
+ When apr_time_exp_t or apr_os_exp_time_t arguments are passed
with an invalid month field value in APR 1.6.2 and prior, out of
bounds memory may be accessed in converting this value to an
apr_time_exp_t value, potentially revealing the contents of a