Please support VectorLinux!

Author Topic: 20090623 apr-util-1.3.7 [VL6.0]  (Read 658 times)

toothandnail

  • Moderator
  • Vectorian
  • *****
  • Posts: 2527
20090623 apr-util-1.3.7 [VL6.0]
« on: June 23, 2009, 10:29:08 am »
rbistolfi has built a new Apr-util package for VectorLinux 6.0.
   
      
   
Code: [Select]
apr-util: apr-util (Apache Portable Runtime utilities)
apr-util:
apr-util: The mission of the Apache Portable Runtime (APR) is to provide a
apr-util: free library of C data structures and routines, forming a system
apr-util: portability layer to as many operating systems as possible.
apr-util:
apr-util: This package contains additional utility interfaces for APR;
apr-util: including support for XML, LDAP, database interfaces, URI parsing,
apr-util: and more.
apr-util:
apr-util:
   
   After testing this package please stop back here and let us know how it works for you.
   

Joe1962

  • Administrator
  • Vectorian
  • *****
  • Posts: 2499
    • Joe1962's Website
Re: 20090623 apr-util-1.3.7 [VL6.0]
« Reply #1 on: June 23, 2009, 11:03:22 am »
Version numbers for apr and apr-util are supposed to match, aren't they? Yet the apr package announced today is 1.3.5?
O'Neill (RE the Asgard): "Usually they ask nicely before they ignore us and do what they damn well please."
http://joe1962.bigbox.info
Running: VL 7 Std 64 + self-cooked XFCE-4.10

rbistolfi

  • Packager
  • Vectorian
  • ****
  • Posts: 2299
Re: 20090623 apr-util-1.3.7 [VL6.0]
« Reply #2 on: June 23, 2009, 12:02:59 pm »
I thought the same, but we are following Salackware in these packages and they released them with this version numbers. As they seem to work for me (I just launched httpd) I didn't worry too much.
The sw packages are in patches and here is the changelog:

Quote
+--------------------------+
Mon Jun 15 22:14:45 CDT 2009
patches/packages/apr-1.3.5-i486-1_slack12.1.tgz:  Upgraded.
patches/packages/apr-util-1.3.7-i486-1_slack12.1.tgz:  Upgraded.
  Fix underflow in apr_strmatch_precompile.
  Fix a denial of service attack against the apr_xml_* interface
  using the "billion laughs" entity expansion technique.
  For more information, see:
    http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2009-0023
    http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2009-1955
  (* Security fix *)
+--------------------------+

I will investigate a bit more and report back if I find something.
"There is a concept which corrupts and upsets all others. I refer not to Evil, whose limited realm is that of ethics; I refer to the infinite."
Jorge Luis Borges, Avatars of the Tortoise.

--
Jumalauta!!