SECURITY: CVE-2021-35940 (cve.mitre.org)

Restore fix for CVE-2017-12613 which was missing in 1.7.x branch, though was addressed in 1.6.x in 1.6.3 and later via r1807976. The fix was merged back to 1.7.x in r1891198. Since this was a regression in 1.7.0, a new CVE name has been assigned to track this, CVE-2021-35940. Thanks to Iveta Cesalova <icesalov redhat.com> for reporting this issue. git-svn-id: https://svn.apache.org/repos/asf/apr/apr/branches/1.7.x@1892358 13f79535-47bb-0310-9956-ffa450edef68
author: jorton <jorton@13f79535-47bb-0310-9956-ffa450edef68> 2021-08-16 08:27:09 +0000
committer: jorton <jorton@13f79535-47bb-0310-9956-ffa450edef68> 2021-08-16 08:27:09 +0000
commit: 280e951c324770ea2d97a17414f3c4e531a1b8a9 (patch)
tree: 58d47e0c677308b3808392cf56298d5b8802fbc4
parent: 07a59887006ca6a88eea41531043888c4e02834c (diff)
download: libapr-280e951c324770ea2d97a17414f3c4e531a1b8a9.tar.gz
1 files changed, 5 insertions, 0 deletions
diff --git a/CHANGES b/CHANGES
index 6aac4c0d1..bce513489 100644
--- a/CHANGES
+++ b/CHANGES
@@ -1,6 +1,11 @@
                                                      -*- coding: utf-8 -*-
 Changes for APR 1.7.1
 
+  *) SECURITY: CVE-2021-35940 (cve.mitre.org)
+     Restore fix for out-of-bounds array dereference in apr_time_exp*() functions.
+     (This issue was addressed as CVE-2017-12613 in APR 1.6.3 and
+     later 1.6.x releases, but was missing in 1.7.0.)  [Stefan Sperling]
+
   *) Add error handling for lseek() failures in apr_file_write() and
      apr_file_writev().  [Joe Orton]
author	jorton <jorton@13f79535-47bb-0310-9956-ffa450edef68>	2021-08-16 08:27:09 +0000
committer	jorton <jorton@13f79535-47bb-0310-9956-ffa450edef68>	2021-08-16 08:27:09 +0000
commit	280e951c324770ea2d97a17414f3c4e531a1b8a9 (patch)
tree	58d47e0c677308b3808392cf56298d5b8802fbc4
parent	07a59887006ca6a88eea41531043888c4e02834c (diff)
download	libapr-280e951c324770ea2d97a17414f3c4e531a1b8a9.tar.gz