Ubuntu
apr-util package

apr-util 1.2.12+dfsg-8ubuntu0.1 source package in Ubuntu

Changelog

apr-util (1.2.12+dfsg-8ubuntu0.1) jaunty-security; urgency=low

  * SECURITY UPDATE: Fix underflow in apr_strmatch_precompile
    - debian/patches/017_CVE-2009-0023.dpatch: adjust strmatch/apr_strmatch.c
      to properly evaluate strings as unsigned char rather than int
    - CVE-2009-0023
  * SECURITY UPDATE: Prevent "billion laughs" attack against expat
    - debian/patches/018_CVE-2009-1955.dpatch: adjust xml/apr_xml.c to disable
      internal entity expansion. Also add test case to the internal test
      suite
    - CVE-2009-1955
  * SECURITY UPDATE: Fix off by one overflow in apr_brigade_vprintf
    - debian/patches/019_CVE-2009-1956.dpatch: don't add null terminator to
      vd.vbuff.curpos in buckets/apr_brigade.c
    - CVE-2009-1956

 -- Jamie Strandboge <email address hidden>   Tue, 09 Jun 2009 11:17:47 -0500

Upload details

Uploaded by:
Jamie Strandboge
Uploaded to:
Jaunty
Original maintainer:
Ubuntu Development Team
Architectures:
any
Section:
libs
Urgency:
Low Urgency

See full publishing history Publishing

Series Pocket Published Component Section

Downloads

File Size SHA-256 Checksum
apr-util_1.2.12+dfsg.orig.tar.gz 643.2 KiB 0a8cf21eaada6ce138962dbcfe64bf49069f0ba4e8cfef3b169f4213844e5c7b
apr-util_1.2.12+dfsg-8ubuntu0.1.diff.gz 22.3 KiB cb87428cb4f3a7d1a96534da1eccc1593babd6ebc2fdb62885d667c74b20e8c6
apr-util_1.2.12+dfsg-8ubuntu0.1.dsc 1.6 KiB 8018d1d4991fae51f2a5d07a31c3ad16c531b02e3279dd1cb54739155bef489e

View changes file

Binary packages built by this source

libaprutil1: No summary available for libaprutil1 in ubuntu jaunty.

No description available for libaprutil1 in ubuntu jaunty.

libaprutil1-dbg: No summary available for libaprutil1-dbg in ubuntu jaunty.

No description available for libaprutil1-dbg in ubuntu jaunty.

libaprutil1-dev: No summary available for libaprutil1-dev in ubuntu jaunty.

No description available for libaprutil1-dev in ubuntu jaunty.