-
apr-util (1.2.12+dfsg-8+lenny5) stable-security; urgency=high
* CVE-2010-1623: Fix denial of service vulnerability through memory consumption in apr_brigade_split_line() -- Stefan Fritsch <email address hidden> Thu, 30 Sep 2010 17:09:37 +0200
-
apr-util (1.2.12+dfsg-8+lenny4) stable-security; urgency=high
* CVE-2009-2412: Fix overflow in RMM allocations due to alignment.
-- Peter Samuelson <email address hidden> Thu, 06 Aug 2009 09:27:58 -0500
-
apr-util (1.2.12+dfsg-8+lenny3) stable; urgency=low
* CVE-2009-1956: Fix potential information disclosure bug on big-endian
architectures. On little-endian systems, this is not security relevant
but may still cause data corruption.
* Add CVE reference to previous changelog entry.
-- Stefan Fritsch <email address hidden> Tue, 09 Jun 2009 21:51:09 +0200
-
apr-util (1.2.12+dfsg-8) unstable; urgency=low
[ Ryan Niebur ]
* Upgraded to policy version 3.8.0
- Reference the copyright in common-licenses instead of including it
- support for noopt in DEB_BUILD_OPTIONS
- Added a README.source
- added support for parallel in DEB_BUILD_OPTIONS
* Dropped the XS- prefix for the Vcs fields in debian/control
* Made the watch file notice 1.3.x
[ Stefan Fritsch ]
* Bump libmysqlclient dependency to 5.0.51a since 5.0.32 from etch has some
bugs that can make apache2 hang (closes: #490859).
* Add 'Provides' for the modules that are still included in libaprutil1, but
will be moved to separate packages with apr-util 1.3.x. This will make
back-porting packages from lenny+1 to lenny easier.
-- Stefan Fritsch <email address hidden> Wed, 20 Aug 2008 22:29:26 +0200