Publishing details

Published on 2011-09-15
Copied from ubuntu natty in Private PPA for Ubuntu Security Team

Changelog

apr (1.4.2-7ubuntu2.1) natty-security; urgency=low

  * SECURITY UPDATE: denial of service in apr_fnmatch exploitable via
    apache's mod_index
    - debian/patches/029_fnmatch_CVE-2011-0419.dpatch: rewrite
      apr_fnmatch to have a better time bounds on execution.
    - CVE-2011-0419
    - debian/patches/030_fnmatch_CVE-2011-1928.dpatch: fix possible
      DoS introduced by patch for CVE-2011-0419.
    - CVE-2011-1928
 -- Steve Beattie <email address hidden>   Thu, 19 May 2011 17:28:01 -0700

Available diffs

diff from 1.4.2-7ubuntu2 (in Ubuntu) to 1.4.2-7ubuntu2.1 (8.8 KiB)

Builds

Built packages

libapr1 The Apache Portable Runtime Library

libapr1-dbg The Apache Portable Runtime Library - Debugging Symbols

libapr1-dev The Apache Portable Runtime Library - Development Headers

Package files

apr_1.4.2-7ubuntu2.1.diff.gz (26.8 KiB)
apr_1.4.2-7ubuntu2.1.dsc (2.1 KiB)
apr_1.4.2.orig.tar.gz (927.7 KiB)
libapr1-dbg_1.4.2-7ubuntu2.1_i386.deb (18.6 KiB)
libapr1-dev_1.4.2-7ubuntu2.1_i386.deb (954.9 KiB)
libapr1_1.4.2-7ubuntu2.1_i386.deb (77.8 KiB)