Change log for apr package in Debian
| 1 → 61 of 61 results | First • Previous • Next • Last |
apr (1.7.2-3.2) unstable; urgency=medium * Non-maintainer upload. * Fix symbols files which are in a non-standard location. -- Steve Langasek <email address hidden> Fri, 08 Mar 2024 19:11:28 +0000
apr (1.7.2-3.1) unstable; urgency=medium * Non-maintainer upload. * Rename libraries for 64-bit time_t transition. Closes: #1061894 -- Steve Langasek <email address hidden> Wed, 28 Feb 2024 01:17:18 +0000
| Deleted in experimental-release (Reason: None provided.) |
apr (1.7.2-3.1~exp2) experimental; urgency=medium * Non-maintainer upload. * Rename libraries for 64-bit time_t transition. * Fix uninstallable packages from the previous upload. -- Steve Langasek <email address hidden> Wed, 31 Jan 2024 06:04:49 +0000
| Superseded in experimental-release |
apr (1.7.2-3.1~exp1) experimental; urgency=medium * Non-maintainer upload. * Rename libraries for 64-bit time_t transition. -- Steve Langasek <email address hidden> Tue, 30 Jan 2024 00:57:26 +0000
| Published in bullseye-release |
apr (1.7.0-6+deb11u2) bullseye-security; urgency=high
* Non-maintainer upload by the Security Team.
* Address some warnings raised by MSVC-32/64
* apr_encode_base32: fix advertised output *len when called with dst == NULL
* apr_decode_base{64,32,16}: stop reading before (not including) NUL byte.
* encoding: Better check inputs of apr_{encode,decode}_* functions
(CVE-2022-24963)
-- Salvatore Bonaccorso <email address hidden> Wed, 01 Mar 2023 15:22:18 +0100
apr (1.7.2-3) unstable; urgency=medium
* Add more fixes for atomics from upstream, in particular for
32 bit archs with weak memory ordering.
-- Stefan Fritsch <email address hidden> Sun, 26 Feb 2023 21:51:24 +0100
Available diffs
- diff from 1.7.2-2 to 1.7.2-3 (2.0 KiB)
apr (1.7.2-2) unstable; urgency=medium * Fix 64bit atomics on powerpc and armel. * Bump standards version (no changes). -- Stefan Fritsch <email address hidden> Sat, 04 Feb 2023 12:08:53 +0100
Available diffs
apr (1.7.2-1) unstable; urgency=medium
[ Stefan Fritsch ]
* New upstream version
- CVE-2022-24963: Integer Overflow or Wraparound vulnerability
in apr_encode functions
* Include PrintPath in libapr1-dev.
[ Debian Janitor ]
* Bump debhelper from old 12 to 13.
* Re-export upstream signing key without extra signatures.
* Remove constraints unnecessary since buster:
+ Build-Depends: Drop versioned constraint on libtool.
[ Yadd ]
* Bump standards version
* Modernize debian/watch
* Add "Rules-Requires-Root: no"
-- Stefan Fritsch <email address hidden> Thu, 02 Feb 2023 23:55:35 +0100
| Superseded in bullseye-release |
apr (1.7.0-6+deb11u1) bullseye; urgency=medium
* Team upload
[ Salvatore Bonaccorso ]
* Out-of-bounds array dereference in apr_time_exp*() functions
(CVE-2021-35940) (Closes: #992789)
-- Yadd <email address hidden> Tue, 24 Aug 2021 09:18:26 +0200
apr (1.7.0-8) unstable; urgency=medium
* Team upload
[ Salvatore Bonaccorso ]
* build/apr_common.m4: avoid explicit inclusion of "confdefs.h"
(Closes: #978767)
-- Yadd <email address hidden> Tue, 24 Aug 2021 10:54:34 +0200
Available diffs
apr (1.7.0-7) unstable; urgency=medium
* Team upload
[ Helmut Grohne ]
* Annotate test dependencies netbase and net-tools <!nocheck>.
Closes: #981738
[ Salvatore Bonaccorso ]
* Out-of-bounds array dereference in apr_time_exp*() functions
(CVE-2021-35940) (Closes: #992789)
-- Yadd <email address hidden> Tue, 24 Aug 2021 08:59:10 +0200
apr (1.7.0-6) unstable; urgency=medium [ John Paul Adrian Glaubitz ] * Fix atomics for m68k, sh3 and sh4. Closes: #978018 -- Stefan Fritsch <email address hidden> Sun, 27 Dec 2020 17:28:47 +0100
Available diffs
- diff from 1.7.0-4 to 1.7.0-6 (1.2 KiB)
apr (1.7.0-4) unstable; urgency=low
[ Debian Janitor ]
* Trim trailing whitespace.
* Transition to automatic debug package (from: libapr1-dbg).
* Use secure URI in Homepage field.
* Bump debhelper from old 11 to 12.
* Set debhelper-compat version in Build-Depends.
[ Stefan Fritsch ]
* Fix apr libtool on unmerged /usr. Thanks to Vagrant Cascadian for
the patch. Closes: #916829
* Bump Standards-Version (no changes).
-- Stefan Fritsch <email address hidden> Sat, 21 Nov 2020 21:06:09 +0100
Available diffs
- diff from 1.7.0-3 to 1.7.0-4 (2.1 KiB)
apr (1.7.0-3) unstable; urgency=medium
* Bump Standards-Version (no changes).
* Fixes for 64bit atomics work-around:
- call the required initalization
- don't use on mips64el
- use on powerpc
-- Stefan Fritsch <email address hidden> Sun, 30 Aug 2020 21:15:21 +0200
Available diffs
apr (1.7.0-2) unstable; urgency=medium
* Use generic 64bit atomics on mipsel as gcc lacks the 64bit built-ins.
Fixes FTBFS on mipsel.
-- Stefan Fritsch <email address hidden> Sat, 29 Aug 2020 18:13:56 +0200
apr (1.7.0-1) unstable; urgency=medium
* New upstream release
* Switch build-depends to python3. Closes: #936128, #969065
Make apr1-dev depend on python3, so that apr-util does not have to.
See #936129
-- Stefan Fritsch <email address hidden> Sat, 29 Aug 2020 11:42:28 +0200
apr (1.6.5-1) unstable; urgency=medium * New upstream release * Bump Standards-Version (no changes). -- Stefan Fritsch <email address hidden> Mon, 19 Nov 2018 13:28:03 +0100
Available diffs
- diff from 1.6.3-3 to 1.6.5-1 (16.9 KiB)
apr (1.6.3-3) unstable; urgency=medium
* Backport fix for undefined behavior in teststr from upstream 1.7.
Fixes FTBFS with gcc 8. Closes: #897705
* Migrate from alioth to salsa
-- Stefan Fritsch <email address hidden> Tue, 17 Jul 2018 21:17:00 +0200
Available diffs
- diff from 1.6.3-2 to 1.6.3-3 (989 bytes)
apr (1.6.3-2) unstable; urgency=medium
* Avoid empty build target, fixes FTBFS. Thanks to Niels Thykier for the
patch. Closes: #888593
* Drop deprecated autotools-dev sequence. Thanks to Niels Thykier for the
patch.
* Switch to debhelper compat level 11 and use dh_autoreconf.
* Include NOTICE file in packages, as required by license.
* Bump Standards-Version (no changes).
-- Stefan Fritsch <email address hidden> Sun, 25 Feb 2018 16:35:41 +0100
Available diffs
- diff from 1.6.3-1 to 1.6.3-2 (1.4 KiB)
apr (1.6.3-1) unstable; urgency=medium
* New upstream version
- Fixes CVE-2017-12613: Out-of-bounds array deref in apr_time_exp*
functions. Closes: #879708
* Replace obsolete priority extra with optional.
-- Stefan Fritsch <email address hidden> Mon, 06 Nov 2017 20:07:42 +0100
Available diffs
- diff from 1.6.2-1 to 1.6.3-1 (10.0 KiB)
apr (1.6.2-1) unstable; urgency=medium
* New upstream version
* Remove Peter Samuelson from uploaders. Thanks for your work in the past.
Closes: #852222
-- Stefan Fritsch <email address hidden> Fri, 04 Aug 2017 16:39:16 +0200
Available diffs
- diff from 1.5.2-5 to 1.6.2-1 (262.2 KiB)
apr (1.5.2-5) unstable; urgency=medium
[ Helmut Grohne ]
* Fix FTCBFS: (Closes: #840891)
+ Annotate Build-Depends: python with :any
+ cross.patch: Build gen_test_char with the build arch compiler
-- Stefan Fritsch <email address hidden> Sat, 10 Dec 2016 17:41:09 +0100
Available diffs
- diff from 1.5.2-4 to 1.5.2-5 (1.3 KiB)
apr (1.5.2-4) unstable; urgency=medium [ Jean-Michel Vourgère ] * Update Vcs-Browser: address. * d/watch: Check gpg signature of upstream source. [ Stefan Fritsch ] * Run buildconf with LC_ALL=C to fix some reproducible build issues. * Bump Standards-Version (no changes) -- Stefan Fritsch <email address hidden> Sun, 29 May 2016 15:44:28 +0200
Available diffs
- diff from 1.5.2-3 to 1.5.2-4 (195.8 KiB)
apr (1.5.2-3) unstable; urgency=medium
* Use flock for apr_file_lock()/_unlock(). This has the advantage that
the lock is per FD and not per process. On the other hand, locking over
NFS may not work any more for non-Linux kernels. Closes: #752872
* Add debug output for strange test failure on reproducible.debian.net.
-- Stefan Fritsch <email address hidden> Thu, 20 Aug 2015 13:47:59 +0200
Available diffs
- diff from 1.5.2-1 to 1.5.2-3 (1.8 KiB)
- diff from 1.5.2-2 to 1.5.2-3 (1.2 KiB)
apr (1.5.2-2) unstable; urgency=medium
* Remove the buildhost's hostname from libtool for reproducible builds.
* Fix ipv6 address comparison in apr_mcast_interface/apr_mcast_join.
Thanks to Andre Naujoks <nautsch2 gmail com> for the patch.
Closes: #759534
-- Stefan Fritsch <email address hidden> Mon, 17 Aug 2015 18:49:41 +0200
Available diffs
- diff from 1.5.2-1 to 1.5.2-2 (1.1 KiB)
apr (1.5.2-1) unstable; urgency=medium * New upstream version * Don't ship useless *.md5 doxygen files. * Bump Standards-Version (no changes) -- Stefan Fritsch <email address hidden> Sat, 15 Aug 2015 16:39:04 +0200
Available diffs
- diff from 1.5.1-3 to 1.5.2-1 (24.9 KiB)
apr (1.5.1-3) unstable; urgency=medium [Helmut Grohne] * Check for libtoolize rather than libtool. Closes: #761732 [ Stefan Fritsch ] * Update Vcs-Git URL in control file. -- Stefan Fritsch <email address hidden> Sat, 20 Sep 2014 22:21:24 +0200
Available diffs
- diff from 1.5.1-2 to 1.5.1-3 (1.2 KiB)
apr (1.5.1-2) unstable; urgency=medium
* Backport build fix from upstream SVN to avoid building some parts
twice. This should also fix the build failure on amd64.
* Fix build problem with new make.
-- Stefan Fritsch <email address hidden> Mon, 12 May 2014 23:21:06 +0200
Available diffs
- diff from 1.5.1-1 to 1.5.1-2 (1.1 KiB)
apr (1.5.1-1) unstable; urgency=low * New upstream version -- Stefan Fritsch <email address hidden> Thu, 01 May 2014 10:37:50 +0200
Available diffs
- diff from 1.5.0-1 to 1.5.1-1 (28.3 KiB)
apr (1.5.0-1) unstable; urgency=low
* New upstream version
* Pull changes from upstream 1.5.x branch up to r1552863 to fix problems
on the FreeBSD 10 kernel with accept4() and non-blocking sockets.
-- Stefan Fritsch <email address hidden> Mon, 30 Dec 2013 16:37:54 +0100
Available diffs
- diff from 1.4.8-3 to 1.5.0-1 (115.8 KiB)
apr (1.4.8-3) unstable; urgency=low
* Re-add the logic to force use of bash for configure/libtool. Otherwise,
if the package is build with /bin/sh -> /bin/bash, the shipped libtool
won't work on systems with /bin/sh -> /bin/dash. This got lost in
1.4.8-2. Closes: #730196
-- Stefan Fritsch <email address hidden> Sat, 23 Nov 2013 00:57:30 +0100
Available diffs
- diff from 1.4.8-2 to 1.4.8-3 (1.1 KiB)
apr (1.4.8-2) unstable; urgency=low
* Merge some changes from Ubuntu's 1.4.8-1ubuntu1:
- Fix the confusion between HOST and BUILD variables in rules.
- Add a set of autoconf preseeds that are only used when cross-building.
* Change cross-building preseeds to only apply on linux.
* Cherry-pick fix for O_NONBLOCK configure check from upstream 1.4.x
branch.
* Switch build system to dh
- No longer hard-codes -fstack-protector on unsupported platforms.
Closes: #717231
- Bump Standards-Version (no additional changes).
* Support multi-arch.
* Enable sctp support on Linux.
* Change apr_rules.mk to not force CFLAGS, etc. to the values used during
apr's compilation.
* Fix accept4() configure test to work on Hurd. Closes: #715028
-- Stefan Fritsch <email address hidden> Wed, 06 Nov 2013 19:37:05 +0100
Available diffs
| Published in wheezy-release |
apr (1.4.6-3+deb7u1) stable; urgency=low
* Don't override CFLAGS and LDFLAGS during build. This fixes the debug
information being useless. Closes: #703466
-- Stefan Fritsch <email address hidden> Wed, 03 Jul 2013 11:33:06 +0200
apr (1.4.8-1) unstable; urgency=low
* New upstream release
* Remove the test debug output added in 1.4.6-3. The bug was #673711 in
eglibc and has been fixed some time ago.
-- Stefan Fritsch <email address hidden> Thu, 04 Jul 2013 23:25:10 +0200
apr (1.4.6-4) unstable; urgency=low
* Make the /dev/shm sanity check during build work if it is a symbolic link.
* Remove the ancient ino_t configure sanity test that causes a FTBFS on x32.
Closes: #701193
* Don't override CFLAGS and LDFLAGS during build. This fixes the debug
information being useless. Closes: #703466
-- Stefan Fritsch <email address hidden> Sat, 11 May 2013 15:06:24 +0200
apr (1.4.6-3) unstable; urgency=low
* Fix some issues with resolving loopback addresses of a protocol family
that is not otherwise configured on a host. Many thanks to Jean-Michel
Vourgère and Aurelien Jarno for debugging this.
Closes: #500558, #629899 LP: #397393
* Pull updates from upstream branch 1.4.x up to r1343251
* Add some debug output in order to debug test failures on kfreebsd-i386.
-- Stefan Fritsch <email address hidden> Mon, 28 May 2012 16:02:12 +0200
Available diffs
- diff from 1.4.6-2 to 1.4.6-3 (6.5 KiB)
apr (1.4.6-2) unstable; urgency=low
* Enable use of some new APIs. The minimal required linux kernel version is
now 2.6.28.
* Improvements for Hurd (closes: #656880):
- Re-enable test suite
- Update build hints, disable non-working shm and flock methods. Thanks to
Pino Toscano for the patches.
* Switch VCS to git.
* Switch to source format 3.0, debhelper 9. Thanks to Jari Aalto for the
patch. Closes: #664299
* Remove sendfile LFS patch that was only necessary for 2.4 kernels.
* Fix some lintian warnings (dh_prep, build-indep/build-arch targets).
* Bump Standards-Version (no changes).
-- Stefan Fritsch <email address hidden> Sun, 20 May 2012 21:39:17 +0200
Available diffs
- diff from 1.4.6-1 to 1.4.6-2 (7.9 KiB)
| Published in squeeze-release |
apr (1.4.2-6+squeeze4) stable; urgency=low
* Fix apr_file_trunc() bug which could lead to subversion repository
corruption in some rare cases. Closes: #664451
-- Stefan Fritsch <email address hidden> Sun, 01 Apr 2012 00:50:32 +0200
apr (1.4.6-1) unstable; urgency=low
* New upstream release:
- Fixes apr_file_trunc() bug which could lead to subversion repository
corruption. Closes: #664451
- Adds randomization to hashes. CVE-2012-0840 (but not known to be
exploitable in httpd or svn). Closes: #655435
* Remove Tollef Fog Heen and Ryan Niebur from uploaders. Thanks for your
work in the past.
-- Stefan Fritsch <email address hidden> Sun, 18 Mar 2012 23:22:59 +0100
Available diffs
| Published in lenny-release |
apr (1.2.12-5+lenny5) oldstable; urgency=low
* Disable robust pthread mutexes on alpha, arm, and armel. This fixes build
problems on buildds running newer Linux kernels.
-- Stefan Fritsch <email address hidden> Mon, 16 Jan 2012 15:45:55 +0100
apr (1.4.5-1.1) unstable; urgency=low
* Non-maintainer upload.
* Disable robust pthread mutexes on armhf causes testprocmutex to hang on
non-SMP cores. (Closes: #650350)
-- Hector Oron <email address hidden> Thu, 01 Dec 2011 00:04:08 +0000
| Superseded in squeeze-release |
apr (1.4.2-6+squeeze3) stable; urgency=low * Fix apr_ino_t changing size depending on -D_FILE_OFFSET_BITS on kfreebsd-*. Closes: #616323 -- Stefan Fritsch <email address hidden> Mon, 13 Jun 2011 12:15:22 +0200
apr (1.4.5-1) unstable; urgency=high * New upstream version: - Fix regression introduced by fix for CVE-2011-0419: apr_fnmatch may consume 100% CPU. CVE-2011-1928. Closes: #627182 * Fix allocator using mmap crashing on non-4k-page platforms. Thanks to Lifeng Sun for the patch. Closes: #627532 -- Stefan Fritsch <email address hidden> Sat, 21 May 2011 20:49:17 +0200
apr (1.4.4-1) unstable; urgency=low * New upstream release. - Fix potential DoS in apr_fnmatch (CVE-2011-0419) * Enable experimental allocator using mmap instead of malloc. This makes Apache HTTPD's MaxMemFree directive actually work and hopefully reduces memory fragmentation. * Bump standards-version (no changes). * Reword some short descriptions to make lintian happy. -- Stefan Fritsch <email address hidden> Thu, 12 May 2011 22:43:36 +0200
apr (1.4.2-8) unstable; urgency=low * Fix apr_ino_t changing size depending on -D_FILE_OFFSET_BITS on kfreebsd-*. Closes: #616323 -- Stefan Fritsch <email address hidden> Sat, 05 Mar 2011 21:14:02 +0100
apr (1.4.2-7) unstable; urgency=low * Add a workaround for a problem related to strict aliasing that causes gcc 4.5 to create incorrect code in some cases. Closes: #609163 LP: #697105 * Bump standards version to 3.9.1: - empty dependency_libs section in libapr-1.la -- Stefan Fritsch <email address hidden> Sat, 05 Feb 2011 18:22:58 +0100
apr (1.4.2-6) unstable; urgency=low
* Also disable robust pthread mutexes on alpha, to fix hang in the test
suite on Linux 2.6.32.
-- Stefan Fritsch <email address hidden> Mon, 30 Aug 2010 23:42:23 +0200
apr (1.4.2-5) unstable; urgency=medium
* Fix FTBFS on armel: Disable robust pthread mutexes on armel, as they
cause a hang in the test suite on Linux 2.6.32.
-- Stefan Fritsch <email address hidden> Sun, 29 Aug 2010 22:00:11 +0200
apr (1.4.2-4) unstable; urgency=low
* Fix building with libtool 1.x. Closes: #575380
* Fix pool life-time issue with apr_socket_addr_get(), resulting in a memory
leak in Apache mod_proxy.
* Under Linux, if configure does not detect POSIX semaphores due to /dev/shm
not being mounted, abort the build. Closes: #591286
-- Stefan Fritsch <email address hidden> Tue, 17 Aug 2010 23:16:56 +0200
| Superseded in lenny-release |
apr (1.2.12-5+lenny2) stable; urgency=low
* Set FD_CLOEXEC flag on file descriptors. Not doing so caused Apache httpd
modules which do not use the apr API for executing other processes to leak
file descriptors to the called processes. In some setups, this could cause
security issues and/or problems with Apache failing to restart. This issue
affected mod_php (but not mod_cgi). Closes: #366124
-- Stefan Fritsch <email address hidden> Tue, 01 Jun 2010 23:11:19 +0200
apr (1.4.2-3) unstable; urgency=low * Upload to unstable. -- Stefan Fritsch <email address hidden> Sun, 31 Jan 2010 10:56:45 +0100
| Deleted in experimental-release (Reason: None provided.) |
apr (1.4.2-2) experimental; urgency=low
* Fix FTBFS on kfreebsd: Create os specific symbols file: With *_epoll on
linux, with *_kqueue on kfreebsd, with neither on hurd.
* Bump Standards-Version:
- In the rules file, use the DEB_*_ARCH* instead of the DEB_*_GNU*
variables, where applicable.
-- Stefan Fritsch <email address hidden> Thu, 28 Jan 2010 20:28:07 +0100
| Superseded in experimental-release |
apr (1.4.2-1) experimental; urgency=low
[ Stefan Fritsch ]
* New upstream release
* Enable use of O_CLOEXEC. This raises the minimum required kernel version
to 2.6.23. Disable the other new APIs (which would require 2.6.27 or
2.6.28) by using configure flags instead of patching the source.
[ Peter Samuelson ]
* Apply patch from Nobuhiro Iwamatsu to disable some pthread
functionality on SH4. (Closes: #549153)
-- Stefan Fritsch <email address hidden> Thu, 28 Jan 2010 07:33:48 +0100
| Superseded in lenny-release |
apr (1.2.12-5+lenny1) stable-security; urgency=high
* Fix CVE-2009-2412: overflow in pool allocations, where size alignment
was taking place.
-- Peter Samuelson <email address hidden> Thu, 06 Aug 2009 09:22:28 -0500
apr (1.3.8-1) unstable; urgency=high
[ Stefan Fritsch ]
* Enable -fstack-protector for arm/armel. A workaround has been added to
gcc.
[ Peter Samuelson ]
* New upstream security release.
- Fix CVE-2009-2412, overflow in pool allocations, where size
alignment was taking place.
-- Peter Samuelson <email address hidden> Thu, 06 Aug 2009 13:00:03 -0500
apr (1.3.7-1) unstable; urgency=low * New upstream release. -- Stefan Fritsch <email address hidden> Fri, 24 Jul 2009 11:12:20 +0200
apr (1.3.5-2) unstable; urgency=low
* Mark non-inheritable file descriptors with FD_CLOEXEC, to prevent leaking
them to processes exec'ed by applications that fail to use the apr API
correctly (i.e. mod_php). Closes: #366124
* Bump standards-version (no changes).
* Override soname lintian warning (too late to change that).
-- Stefan Fritsch <email address hidden> Tue, 23 Jun 2009 22:15:02 +0200
apr (1.3.3-4) unstable; urgency=low
[ Ryan Niebur ]
* change the -dbg package's section to debug
* Fix building with newer libtool, thanks to John Wright for the patch
(Closes: #526346)
* use a symbols file without apr_socket_sendfile on kfreebsd based
architectures, fixing FTBFS (Closes: #520857)
* support nocheck in DEB_BUILD_OPTIONS
* Debian Policy 3.8.1
[ Stefan Fritsch ]
* Force use of bash in the embedded libtool
-- Stefan Fritsch <email address hidden> Sun, 10 May 2009 10:14:43 +0200
apr (1.3.3-3) unstable; urgency=low
* Reduce stack size for the 'testatomic' test since it may otherwise run out
of virtual memory on some buildds. This sometimes caused FTBFS on hppa.
-- Stefan Fritsch <email address hidden> Fri, 27 Feb 2009 14:58:02 +0100
apr (1.3.3-2) unstable; urgency=low
[ Ryan Niebur ]
* added support for parallel in DEB_BUILD_OPTIONS
* add me to Uploaders
[ Stefan Fritsch ]
* Correct description for libapr1-dbg (closes: #508144).
* Work around flock bug on hppa. This fixes the last remaining test failure,
testprocmutex (closes: #492295).
* Upload to unstable.
-- Stefan Fritsch <email address hidden> Mon, 23 Feb 2009 22:44:07 +0100
apr (1.2.12-5) unstable; urgency=low
* Actually switch to /dev/urandom instead of only adding a non-functional
patch. Closes: #501497
-- Stefan Fritsch <email address hidden> Wed, 08 Oct 2008 00:06:56 +0200
| 1 → 61 of 61 results | First • Previous • Next • Last |
