Update "apr-util" package to version 1.3.7. Changes since version 1.3.4:

- SECURITY:
  Fix a denial of service attack against the apr_xml_* interface
  using the "billion laughs" entity expansion technique.
- SECURITY: CVE-2009-0023 (cve.mitre.org)
  Fix underflow in apr_strmatch_precompile.
- Minor build and bug fixes.
- SECURITY: CVE-2009-0023 (cve.mitre.org)
  Fix underflow in apr_strmatch_precompile.
- Fix off by one overflow in apr_brigade_vprintf.
- APR_LDAP_SIZELIMIT should prefer LDAP_DEFAULT_LIMIT/-1 when the
  SDK supports it, but in the absence of LDAP_DEFAULT_LIMIT (and
  LDAP_NO_LIMIT/0) it is not safe to use a literal -1.
  Bug 23356
- Clean up ODBC types. Warnings seen when compiling packages for
  Fedora 11.
- Use of my_init() requires my_global.h and my_sys.h.
- Fix apr_memcache_multgetp memory corruption and incorrect error
  handling. Bug 46588
- Fix memcache memory leak with persistent connections.
  Bug 46482
- Add Oracle 11 support.
- apr_dbd_freetds: Avoid segfault when process is NULL.
  Do no print diagnostics to stderr. Never allow driver to exit
  process.
- apr_dbd_freetds: The sybdb.h header file might be freetds/sybdb.h
  or sybdb.h.
- LDAP detection improvements: --with-ldap now supports library names
  containing non-alphanumeric characters, such as libldap-2.4.so.  New
  option --with-lber can be used to override the default liblber name.
  Fix a problem reporting the lber library from apu-N-config.
- Suppress pgsql column-out-of-range warning.
- Fix a buffer overrun and password matching for SHA passwords.
- Introduce DSO handling of the db, gdbm and ndbm drivers, so these are
  loaded as .so's on first demand, unless --disable-util-dso is configured.
- Fix a segfault in the DBD testcase when the DBD modules were not present.

0 files changed, 0 insertions, 0 deletions