Pullup ticket 2791 - requested by tron Security update Revisions pulled up: - pkgsrc/devel/apr-util/Makefile 1.10 - pkgsrc/devel/apr-util/distinfo 1.6 Module Name: pkgsrc Committed By: tron Date: Mon Jun 8 13:19:20 UTC 2009 Modified Files: pkgsrc/devel/apr-util: Makefile distinfo Log Message: Update "apr-util" package to version 1.3.7. Changes since version 1.3.4: - SECURITY: Fix a denial of service attack against the apr_xml_* interface using the "billion laughs" entity expansion technique. - SECURITY: CVE-2009-0023 (cve.mitre.org) Fix underflow in apr_strmatch_precompile. - Minor build and bug fixes. - SECURITY: CVE-2009-0023 (cve.mitre.org) Fix underflow in apr_strmatch_precompile. - Fix off by one overflow in apr_brigade_vprintf. - APR_LDAP_SIZELIMIT should prefer LDAP_DEFAULT_LIMIT/-1 when the SDK supports it, but in the absence of LDAP_DEFAULT_LIMIT (and LDAP_NO_LIMIT/0) it is not safe to use a literal -1. Bug 23356 - Clean up ODBC types. Warnings seen when compiling packages for Fedora 11. - Use of my_init() requires my_global.h and my_sys.h. - Fix apr_memcache_multgetp memory corruption and incorrect error handling. Bug 46588 - Fix memcache memory leak with persistent connections. Bug 46482 - Add Oracle 11 support. - apr_dbd_freetds: Avoid segfault when process is NULL. Do no print diagnostics to stderr. Never allow driver to exit process. - apr_dbd_freetds: The sybdb.h header file might be freetds/sybdb.h or sybdb.h. - LDAP detection improvements: --with-ldap now supports library names containing non-alphanumeric characters, such as libldap-2.4.so. New option --with-lber can be used to override the default liblber name. Fix a problem reporting the lber library from apu-N-config. - Suppress pgsql column-out-of-range warning. - Fix a buffer overrun and password matching for SHA passwords. - Introduce DSO handling of the db, gdbm and ndbm drivers, so these are loaded as .so's on first demand, unless --disable-util-dso is configured. - Fix a segfault in the DBD testcase when the DBD modules were not present. To generate a diff of this commit: cvs rdiff -u -r1.9 -r1.10 pkgsrc/devel/apr-util/Makefile cvs rdiff -u -r1.5 -r1.6 pkgsrc/devel/apr-util/distinfodiff -r1.9 -r1.9.4.1 pkgsrc/devel/apr-util/Makefile
(spz)
@@ -1,17 +1,16 @@ | @@ -1,17 +1,16 @@ | |||
1 | # $NetBSD: Makefile,v 1.9 2008/11/02 15:05:11 cube Exp $ | 1 | # $NetBSD: Makefile,v 1.9.4.1 2009/06/08 20:27:49 spz Exp $ | |
2 | 2 | |||
3 | DISTNAME= apr-util-1.3.4 | 3 | DISTNAME= apr-util-1.3.7 | |
4 | PKGREVISION= 1 | |||
5 | CATEGORIES= devel | 4 | CATEGORIES= devel | |
6 | MASTER_SITES= ${MASTER_SITE_APACHE:=apr/} | 5 | MASTER_SITES= ${MASTER_SITE_APACHE:=apr/} | |
7 | 6 | |||
8 | MAINTAINER= pkgsrc-users@NetBSD.org | 7 | MAINTAINER= pkgsrc-users@NetBSD.org | |
9 | HOMEPAGE= http://apr.apache.org/ | 8 | HOMEPAGE= http://apr.apache.org/ | |
10 | COMMENT= Apache Portable Runtime utilities | 9 | COMMENT= Apache Portable Runtime utilities | |
11 | 10 | |||
12 | PKG_DESTDIR_SUPPORT= user-destdir | 11 | PKG_DESTDIR_SUPPORT= user-destdir | |
13 | 12 | |||
14 | PKG_INSTALLATION_TYPES= overwrite pkgviews | 13 | PKG_INSTALLATION_TYPES= overwrite pkgviews | |
15 | 14 | |||
16 | USE_LIBTOOL= yes | 15 | USE_LIBTOOL= yes | |
17 | USE_TOOLS+= pkg-config | 16 | USE_TOOLS+= pkg-config |
@@ -1,7 +1,7 @@ | @@ -1,7 +1,7 @@ | |||
1 | $NetBSD: distinfo,v 1.5 2008/11/02 15:05:11 cube Exp $ | 1 | $NetBSD: distinfo,v 1.5.4.1 2009/06/08 20:27:49 spz Exp $ | |
2 | 2 | |||
3 | SHA1 (apr-util-1.3.4.tar.gz) = c538c566447cf38b849288a40cf81e5267d9117f | 3 | SHA1 (apr-util-1.3.7.tar.gz) = 1ddb686c1ae573a67784c24d51c6f3ba44cbe32b | |
4 | RMD160 (apr-util-1.3.4.tar.gz) = 741b9b8e9449ce3cae565aeac57deaeb688071d3 | 4 | RMD160 (apr-util-1.3.7.tar.gz) = 9e41d6c79fe601129c10c95e782c7e34f6058e11 | |
5 | Size (apr-util-1.3.4.tar.gz) = 778902 bytes | 5 | Size (apr-util-1.3.7.tar.gz) = 788206 bytes | |
6 | SHA1 (patch-aa) = 8266136e6211c3c98a1f2dee8a33cd2bac50fbce | 6 | SHA1 (patch-aa) = 8266136e6211c3c98a1f2dee8a33cd2bac50fbce | |
7 | SHA1 (patch-ab) = 2eb58e941a54dc5f4531476b1017ac4f6ee1b4a6 | 7 | SHA1 (patch-ab) = 2eb58e941a54dc5f4531476b1017ac4f6ee1b4a6 |