- Update apr to 2.0.51

- Fix permissions on installed .h files

- ok'ed snj@, wiz@
- Thanks to epg@ for final check

This version of Apache is principally a bug fix release. Of particular note is
that 2.0.51 addresses five security vulnerabilities:

An input validation issue in IPv6 literal address parsing which can result in
a negative length parameter being passed to memcpy.
[CAN-2004-0786]

A buffer overflow in configuration file parsing could allow a local user to
gain the privileges of a httpd child if the server can be forced to parse a
carefully crafted .htaccess file.
[CAN-2004-0747]

A segfault in mod_ssl which can be triggered by a malicious remote server,
if proxying to SSL servers has been configured.
[CAN-2004-0751]

A potential infinite loop in mod_ssl which could be triggered given
particular timing of a connection abort.
[CAN-2004-0748]

A segfault in mod_dav_fs which can be remotely triggered by an indirect lock
refresh request.
[CAN-2004-0809]

For further details, see http://www.apache.org/dist/httpd/Announcement2.html
and http://apache.rmplc.co.uk/httpd/CHANGES_2.0.

0 files changed, 0 insertions, 0 deletions