apr-commits mailing list archives

Site index · List index
Message view « Date » · « Thread »
Top « Date » · « Thread »
From traw...@apache.org
Subject svn commit: r1003214 - /apr/apr-util/branches/1.3.x/CHANGES
Date Thu, 30 Sep 2010 19:36:51 GMT
Author: trawick
Date: Thu Sep 30 19:36:50 2010
New Revision: 1003214

URL: http://svn.apache.org/viewvc?rev=1003214&view=rev
Log:
reflect expat updates in r1002632

Submitted by: jorton

Modified:
    apr/apr-util/branches/1.3.x/CHANGES

Modified: apr/apr-util/branches/1.3.x/CHANGES
URL: http://svn.apache.org/viewvc/apr/apr-util/branches/1.3.x/CHANGES?rev=1003214&r1=1003213&r2=1003214&view=diff
==============================================================================
--- apr/apr-util/branches/1.3.x/CHANGES [utf-8] (original)
+++ apr/apr-util/branches/1.3.x/CHANGES [utf-8] Thu Sep 30 19:36:50 2010
@@ -1,6 +1,13 @@
                                                      -*- coding: utf-8 -*-
 Changes with APR-util 1.3.10
 
+  *) SECURITY: CVE-2009-3560, CVE-2009-3720 (cve.mitre.org)
+     Fix two buffer over-read flaws in the bundled copy of expat which
+     could cause applications to crash while parsing specially-crafted
+     XML documents.  [Joe Orton]
+
+  *) Upgrade bundled copy of expat library to 1.95.7.  [Joe Orton]
+
   *) apr_thread_pool: Fix some potential deadlock situations.  PR 49709.
      [Joe Mudd <Joe.Mudd sas.com>]
 



Mime
View raw message