You are viewing a plain text version of this content. The canonical link for it is here.

Posted to commits@apr.apache.org by co...@apache.org on 2023/01/31 15:26:26 UTC

svn commit: r1907156 - /apr/apr-util/branches/1.6.x/CHANGES

Author: covener
Date: Tue Jan 31 15:26:25 2023
New Revision: 1907156

URL: http://svn.apache.org/viewvc?rev=1907156&view=rev
Log:
released

Modified:
    apr/apr-util/branches/1.6.x/CHANGES

Modified: apr/apr-util/branches/1.6.x/CHANGES
URL: http://svn.apache.org/viewvc/apr/apr-util/branches/1.6.x/CHANGES?rev=1907156&r1=1907155&r2=1907156&view=diff
==============================================================================
--- apr/apr-util/branches/1.6.x/CHANGES [utf-8] (original)
+++ apr/apr-util/branches/1.6.x/CHANGES [utf-8] Tue Jan 31 15:26:25 2023
@@ -1,6 +1,11 @@
                                                      -*- coding: utf-8 -*-
 Changes with APR-util 1.6.2
 
+  *) SECURITY: CVE-2022-25147 (cve.mitre.org)
+     Integer Overflow or Wraparound vulnerability in apr_base64 functions 
+     of Apache Portable Runtime Utility (APR-util) allows an attacker to 
+     write beyond bounds of a buffer.
+     
   *) Teach configure how to find and build against MariaDB 10.2. PR 61517
      [Kris Karas <bugs-a17 moonlit-rail.com>]