apr-commits mailing list archives

Site index · List index
Message view « Date » · « Thread »
Top « Date » · « Thread »
From wr...@apache.org
Subject svn commit: r801435 - in /apr/site/trunk: dist/Announcement1.3.html dist/Announcement1.3.txt dist/HEADER.html dist/README.html doap.rdf
Date Wed, 05 Aug 2009 22:04:54 GMT
Author: wrowe
Date: Wed Aug  5 22:04:53 2009
New Revision: 801435

URL: http://svn.apache.org/viewvc?rev=801435&view=rev
Log:
prepare for release and announce

Modified:
    apr/site/trunk/dist/Announcement1.3.html
    apr/site/trunk/dist/Announcement1.3.txt
    apr/site/trunk/dist/HEADER.html
    apr/site/trunk/dist/README.html
    apr/site/trunk/doap.rdf

Modified: apr/site/trunk/dist/Announcement1.3.html
URL: http://svn.apache.org/viewvc/apr/site/trunk/dist/Announcement1.3.html?rev=801435&r1=801434&r2=801435&view=diff
==============================================================================
--- apr/site/trunk/dist/Announcement1.3.html (original)
+++ apr/site/trunk/dist/Announcement1.3.html Wed Aug  5 22:04:53 2009
@@ -8,33 +8,57 @@
  <body bgcolor="#ffffff" text="#000000" link="#525D76">
 <p><a href="http://apr.apache.org/"><img src="http://apr.apache.org/images/apr_logo_wide.png"
alt="The Apache Portable Runtime Project" border="0"/></a></p>
 
-<h1>Apache Portable Runtime 1.3.7 Released</h1>
+<h1>
+   Apache Portable Runtime 1.3.8 and APR-Utility 1.3.9 Released
+</h1>
 
-<p>The Apache Software Foundation and the Apache Portable Runtime
+<p>
+   The Apache Software Foundation and the Apache Portable Runtime
    Project are proud to announce the General Availability of
-   version 1.3.7 of the APR Apache Portable Runtime library.</p>
+   version 1.3.8 of the APR Apache Portable Runtime library, and
+   version 1.3.9 of the companion APR-util Apache Portable Utility
+   library.
 
-<p>The corresponding version 1.3.8 of the companion APR-util Apache Portable Utility
-   library as well as version 1.2.1 of the companion APR-iconv library,
+<p>
+   The corresponding version 1.2.1 of the companion APR-iconv library,
    an alternative portable implementation of the 'iconv' library,
-   remains current.</p>
+   remains current.
+</p>
 
-<p>APR is available for download from:</p>
+<p>
+   APR is available for download from:
+</p>
 
 <dl>
   <dd><a href="http://apr.apache.org/download.cgi"
     >http://apr.apache.org/download.cgi</a></dd>
 </dl>
 
-<p>This version of APR is primarily a bug fix release, including
+<p>
+   This version of APR is a security and bug fix release, including
    fixes for specific platforms' configuration, feature detection,
    and run time behavior.  Most developers and users are encouraged
    to adopt the latest APR 1.x version to ensure the most comprehensive 
-   support and access to the latest features and enhancements.</p>
+   support and access to the latest features and enhancements.
+</p>
 
-<p>Note that the APR-util library release 1.3.7 introduced security fixes,
-   users of prior versions are strongly cautioned to upgrade to a later
-   release.</p>
+<p>
+   Note that the APR library release 1.3.8 and APR-util library 
+   release 1.3.9 introduce security fixes, users of prior versions 
+   are strongly encouraged to upgrade to this release.  The flaws
+   addressed include;
+</p>
+
+<dl>
+  <dt>
+     SECURITY: CVE-2009-2412 (cve.mitre.org)
+  </dt>
+  <dd>
+     Fixes overflow in pools and rmm, due to size alignment.  The
+     APR project thanks Matt Lewis for his diligent reporting,
+     analysis, and submitted patch.
+  </DD>
+</dl>
 
 <p>The mission of the Apache Portable Runtime Project is to create
    and maintain software libraries that provide a predictable and

Modified: apr/site/trunk/dist/Announcement1.3.txt
URL: http://svn.apache.org/viewvc/apr/site/trunk/dist/Announcement1.3.txt?rev=801435&r1=801434&r2=801435&view=diff
==============================================================================
--- apr/site/trunk/dist/Announcement1.3.txt (original)
+++ apr/site/trunk/dist/Announcement1.3.txt Wed Aug  5 22:04:53 2009
@@ -1,27 +1,33 @@
-   Apache Portable Runtime 1.3.7 Released
+   Apache Portable Runtime 1.3.8 and APR-Utility 1.3.9 Released
 
    The Apache Software Foundation and the Apache Portable Runtime
    Project are proud to announce the General Availability of
-   version 1.3.7 of the APR Apache Portable Runtime library.
-
-   The corresponding version 1.3.8 of the companion APR-util Apache
-   Portable Utility library as well as version 1.2.1 of the companion
-   APR-iconv library, an alternative portable implementation of the 'iconv'
-   library, remains current.
+   version 1.3.8 of the APR Apache Portable Runtime library, and
+   version 1.3.9 of the companion APR-util Apache Portable Utility
+   library.
+
+   The corresponding version 1.2.1 of the companion APR-iconv library,
+   an alternative portable implementation of the 'iconv' library,
+   remains current.
 
    APR is available for download from:
 
      http://apr.apache.org/download.cgi
 
-   This version of APR is a primarily a bug fix release, including
+   This version of APR is a security and bug fix release, including
    fixes for specific platforms' configuration, feature detection,
    and run time behavior.  Most developers and users are encouraged
    to adopt the latest APR 1.x version to ensure the most comprehensive 
    support and access to the latest features and enhancements.
 
-   Note that the APR-util library release 1.3.7 introduced security fixes,
-   users of prior versions are strongly cautioned to upgrade to a later
-   release.
+   Note that the APR library release 1.3.8 and APR-util library 
+   release 1.3.9 introduce security fixes, users of prior versions 
+   are strongly encouraged to upgrade to this release.
+
+     SECURITY: CVE-2009-2412 (cve.mitre.org)
+     Fixes overflow in pools and rmm, due to size alignment.  The
+     APR project thanks Matt Lewis for his diligent reporting,
+     analysis, and submitted patch.
 
    The mission of the Apache Portable Runtime Project is to create
    and maintain software libraries that provide a predictable and

Modified: apr/site/trunk/dist/HEADER.html
URL: http://svn.apache.org/viewvc/apr/site/trunk/dist/HEADER.html?rev=801435&r1=801434&r2=801435&view=diff
==============================================================================
--- apr/site/trunk/dist/HEADER.html (original)
+++ apr/site/trunk/dist/HEADER.html Wed Aug  5 22:04:53 2009
@@ -12,8 +12,8 @@
 
 <ul>
 <li><a href="#mirrors">Download from your nearest mirror site!</a></li>
-<li><a href="#apr">APR 1.3.7 is the latest available version</a></li>
-<li><a href="#aprutil">APR-util 1.3.8 is the latest available version</a></li>
+<li><a href="#apr">APR 1.3.8 is the latest available version</a></li>
+<li><a href="#aprutil">APR-util 1.3.9 is the latest available version</a></li>
 <li><a href="#apriconv">APR-iconv 1.2.1 is the latest available version</a></li>
 <li><a href="#apr09">APR 0.9.18 is also available</a></li>
 <li><a href="#aprutil09">APR-util 0.9.17 is also available</a></li>

Modified: apr/site/trunk/dist/README.html
URL: http://svn.apache.org/viewvc/apr/site/trunk/dist/README.html?rev=801435&r1=801434&r2=801435&view=diff
==============================================================================
--- apr/site/trunk/dist/README.html (original)
+++ apr/site/trunk/dist/README.html Wed Aug  5 22:04:53 2009
@@ -8,23 +8,25 @@
       here to find your nearest mirror.</a>
 </p>
 
-
-<h2><a name="apr">APR 1.3.7 is the latest available version</a></h2>
+<h2><a name="apr">APR 1.3.8 is the latest available version</a></h2>
 
 <p>
-    APR 1.3.7 has been released, and should be considered
+    APR 1.3.8 has been released, and should be considered
     "general availability".
 </p>
+<p>
+    Note that APR 1.3.8 corrected a potential security issue,
+    users of all previous versions are cautioned to upgrade.
+</p>
 
-<h2><a name="aprutil">APR-util 1.3.8 is the latest available version</a></h2>
+<h2><a name="aprutil">APR-util 1.3.9 is the latest available version</a></h2>
 
 <p>
-    APR-util 1.3.8 has been released, and should be considered 
+    APR-util 1.3.9 has been released, and should be considered 
     "general availability".
 </p>
-
 <p>
-    Note that APR-util 1.3.7 corrected a number of potential security issues,
+    Note that APR-util 1.3.9 corrected a potential security issues,
     users of all previous versions are cautioned to upgrade.
 </p>
 
@@ -42,6 +44,11 @@
     a bug-fix release for users requiring API or binary compatibility
     with previous APR 0.9 releases.
 </p>
+<p>
+    Note that patches against potential security issues can be found
+    at <a href="http://www.apache.org/dist/apr/patches/"
+    >http://www.apache.org/dist/apr/patches/</a>.
+</p>
 
 <h2><a name="aprutil09">APR-util 0.9.17 is also available</a></h2>
 
@@ -55,6 +62,11 @@
     users of all previous versions are cautioned to upgrade to this release,
     or version 1.3.7 or later.
 </p>
+<p>
+    Note that patches against potential security issues can be found
+    at <a href="http://www.apache.org/dist/apr/patches/"
+    >http://www.apache.org/dist/apr/patches/</a>.
+</p>
 
 <h2><a name="apriconv09">APR-iconv 0.9.7 is also available</a></h2>
 

Modified: apr/site/trunk/doap.rdf
URL: http://svn.apache.org/viewvc/apr/site/trunk/doap.rdf?rev=801435&r1=801434&r2=801435&view=diff
==============================================================================
--- apr/site/trunk/doap.rdf (original)
+++ apr/site/trunk/doap.rdf Wed Aug  5 22:04:53 2009
@@ -43,16 +43,16 @@
 
     <release>
       <Version>
-        <name>APR current release 1.3.7</name>
-        <created>2009-07-23</created>
-        <revision>1.3.7</revision>
+        <name>APR current release 1.3.8</name>
+        <created>2009-08-04</created>
+        <revision>1.3.8</revision>
       </Version>
     </release>
     <release>
       <Version>
-        <name>APR-util current release 1.3.8</name>
-        <created>2009-07-06</created>
-        <revision>1.3.8</revision>
+        <name>APR-util current release 1.3.9</name>
+        <created>2009-08-04</created>
+        <revision>1.3.9</revision>
       </Version>
     </release>
     <release>



Mime
View raw message