diff options
author | trawick <trawick@13f79535-47bb-0310-9956-ffa450edef68> | 2015-04-25 11:52:03 +0000 |
---|---|---|
committer | trawick <trawick@13f79535-47bb-0310-9956-ffa450edef68> | 2015-04-25 11:52:03 +0000 |
commit | ad36ae9654ab914bbbcacf125472f2454513d410 (patch) | |
tree | a2fedb42b26bb67457c59f4d85b9ec119b97c35e | |
parent | 1fa5fa560bdf6cac3a4ee57f0673e2fadd4c0224 (diff) | |
download | libapr-ad36ae9654ab914bbbcacf125472f2454513d410.tar.gz |
Add missing changes for r1676015
git-svn-id: http://svn.apache.org/repos/asf/apr/apr/branches/1.5.x@1676016 13f79535-47bb-0310-9956-ffa450edef68
-rw-r--r-- | CHANGES | 7 |
1 files changed, 7 insertions, 0 deletions
@@ -1,6 +1,13 @@ -*- coding: utf-8 -*- Changes for APR 1.5.2 + *) SECURITY: CVE-2015-1829 (cve.mitre.org) + APR applications using APR named pipe support on Windows can be + vulnerable to a pipe squatting attack from a local process; the extent + of the vulnerability, when present, depends on the application. + Initial analysis and report was provided by John Hernandez of Casaba + Security via HP SSRT Security Alert. [Yann Ylavic] + *) apr_atomic: Fix errors when building on Visual Studio 2013 while maintaining the ability to build on Visual Studio 6 with Windows Server 2003 R2 SDK. PR 57191. [Gregg Smith] |