|Commit found by message id
Fri, 13 May 2011
[ 23:00:18 ohauer ] |
devel Apache Portability Library
- update apr1 to version 1.4.4 (security update CVE-2011-0419)
Changes: (trimmed non FreeBSD related to keep the list shorter)
Changes for APR 1.4.4
Changes for APR 1.4.3
*) Security: CVE-2011-0419
Reimplement apr_fnmatch() from scratch using a non-recursive
algorithm; now has improved compliance with the fnmatch() spec.
*) poll, pollset, pollcb on Windows: Handle calls with no file/socket
descriptors. PR 49882. [Stefan Ruppert <sr myarm.com>, Jeff Trawick]
*) Fix address handling when accepting an AF_INET socket from a socket
bound as AF_INET6. PR 49678. [Joe Orton]
*) Add new experimental configure option --enable-allocator-uses-mmap to
use mmap instead of malloc in apr_allocator_alloc(). This greatly reduces
memory fragmentation with malloc implementations (e.g. glibc) that
don't handle allocationss of a page-size-multiples in an efficient way.
It also makes apr_allocator_max_free_set() actually have some effect
on such platforms. [Stefan Fritsch]
*) configure: Make definition of apr_ino_t independent of
_FILE_OFFSET_BITS even on platforms where ino_t is 'unsigned int'.
*) apr_ring: Workaround for aliasing problem that causes gcc 4.5 to
miscompile some brigade related code. PR 50190. [Stefan Fritsch]
*) apr_file_flush_locked(): Handle short writes. [Stefan Fritsch]
*) apr_pollset_create_ex(): Trap errors from pollset providers.
PR 49094. [Sami Tolvanen <sami.tolvanen mywot.com>]
*) apr_pollset_create*(): Fix memory lifetime problem with the wakeup
pipe when the pollset was created with APR_POLLSET_NOCOPY.
[Neil Conway <nrc cs.berkeley.edu>]
*) Fix detection of some Linux variants when configure is built with
recent GNU tools. [Eric Covener]
*) Avoid a redundant fcntl() call in apr_file_open() where O_CLOEXEC
is supported. PR 46297. [Joe Orton]
*) Improve platform detection by updating config.guess and config.sub.
commit with apache@ hat
Submitted by: Tsurutani Naoki <turutani _at_ scphys.kyoto-u.ac.jp>
Number of ports [& non-ports] in this commit: 1
show all files
5 vulnerabilities affecting 12 ports have been reported in the past 14 days
* - modified, not new