You are viewing a plain text version of this content. The canonical link for it is here.
Posted to commits@apr.apache.org by tr...@apache.org on 2009/10/02 15:02:37 UTC
svn commit: r821002 - /apr/apr-util/branches/1.4.x/CHANGES
Author: trawick
Date: Fri Oct 2 13:02:37 2009
New Revision: 821002
URL: http://svn.apache.org/viewvc?rev=821002&view=rev
Log:
don't list fixes/features that were in apr-util 1.3.x
Modified:
apr/apr-util/branches/1.4.x/CHANGES
Modified: apr/apr-util/branches/1.4.x/CHANGES
URL: http://svn.apache.org/viewvc/apr/apr-util/branches/1.4.x/CHANGES?rev=821002&r1=821001&r2=821002&view=diff
==============================================================================
--- apr/apr-util/branches/1.4.x/CHANGES [utf-8] (original)
+++ apr/apr-util/branches/1.4.x/CHANGES [utf-8] Fri Oct 2 13:02:37 2009
@@ -1,72 +1,6 @@
-*- coding: utf-8 -*-
Changes with APR-util 1.4.0
- *) SECURITY: CVE-2009-2412 (cve.mitre.org)
- Fix overflow in rmm, where size alignment was taking place.
- [Matt Lewis <ma...@google.com>, Sander Striker]
-
- *) Add support for Berkeley DB 4.8. [Arfrever Frehtes Taifersar Arahesis
- <arfrever.fta gmail.com>]
-
- *) Make sure that "make check" is used in the RPM spec file, so that
- the crypto, dbd and dbm tests pass. [Graham Leggett]
-
- *) Make sure the mysql version of dbd_mysql_get_entry() respects the
- rule that if the column number exceeds the number of columns, we
- return NULL. [Graham Leggett]
-
- *) Clarify the error messages within the dbd tests. [Graham Leggett]
-
- *) Use locally scoped variables in PostgreSQL driver to avoid stomping
- on return codes. PR 47431
- [Wayne Jensen <wayne_jensen trendmicro.com>]
-
- *) SECURITY:
- Fix a denial of service attack against the apr_xml_* interface
- using the "billion laughs" entity expansion technique.
- [Joe Orton]
-
- *) Fix race conditions in initialisation of DBD, DBM and DSO.
- [Bojan Smojver]
-
- *) Expose DBM libs in apu-1-config by default. To avoid that, use
- apu-1-config --avoid-dbm --libs. To get just DBM libs, use
- apu-1-config --dbm-libs.
- [Bojan Smojver]
-
- *) Make sure --without-ldap works.
- [Arfrever Frehtes Taifersar Arahesis <arfrever.fta gmail.com>]
-
- *) SECURITY: CVE-2009-0023 (cve.mitre.org)
- Fix underflow in apr_strmatch_precompile.
- [Matthew Palmer <mpalmer debian.org>]
-
- *) Fix off by one overflow in apr_brigade_vprintf.
- [C. Michael Pilato <cmpilato collab.net>]
-
- *) APR_LDAP_SIZELIMIT should prefer LDAP_DEFAULT_LIMIT/-1 when the
- SDK supports it, but in the absence of LDAP_DEFAULT_LIMIT (and
- LDAP_NO_LIMIT/0) it is not safe to use a literal -1.
- PR23356 [Eric Covener]
-
- *) Clean up ODBC types. Warnings seen when compiling packages for
- Fedora 11. [Bojan Smojver]
-
- *) Use of my_init() requires my_global.h and my_sys.h.
- [Bojan Smojver]
-
- *) Fix apr_memcache_multgetp memory corruption and incorrect error
- handling. PR 46588 [Sami Tolvanen <sami.tolvanen mywot.com>]
-
- *) Fix memcache memory leak with persistent connections.
- PR 46482 [Sami Tolvanen <sami.tolvanen mywot.com>]
-
- *) Add Oracle 11 support. [Bojan Smojver]
-
- *) apr_dbd_freetds: Avoid segfault when process is NULL.
- Do no print diagnostics to stderr. Never allow driver to exit
- process. [Bojan Smojver]
-
*) Do not include apr.h and apr_errno.h from system search path in
apu_errno.h. PR 46487 [Rainer Jung <rainer.jung kippdata.de>]
@@ -117,12 +51,9 @@
*) Add DTrace Probes to Hooks, making it easier to inspect APR Hook based
applications with DTrace. [Theo Schlossnagle <jesus omniti.com>]
- *) Add ODBC DBD driver [Tom Donovan]
-
*) Implement resource list when threads are unavailable. PR 24325
[Bojan Smojver]
-
Changes for APR-util 1.3.x and later:
*) http://svn.apache.org/viewvc/apr/apr-util/branches/1.3.x/CHANGES?view=markup