Ubuntu's only delta is a security patch, which was incorporated in the new
upstream release that debian just imported:
apr (1.7.5-1) unstable; urgency=medium
* New usptream version
- CVE-2023-49582: Unexpected lax shared memory permissions
Closes: #1080375
-- Stefan Fritsch <[email protected]> Sat, 07 Sep 2024 11:01:36 +0200
This debian upload, however, has many more changes, not disclosed in the
changelog:
$ git show -- debian/|diffstat
b/debian/changelog | 8 +++
b/debian/libapr1t64.lintian-overrides | 1
b/debian/patches/debug_testpoll_failure.patch | 6 +-
b/debian/patches/fix-atomics.patch | 34 ++++----------
b/debian/patches/fix_doxygen.patch | 6 +-
b/debian/patches/hurd_path_max.patch | 2
b/debian/patches/hurd_shm_flock.patch | 6 +-
b/debian/patches/series | 1
b/debian/upstream/signing-key.asc | 250
+++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++
debian/patches/fix-atomics-some-more.patch | 190
-------------------------------------------------------------------------------
10 files changed, 278 insertions(+), 226 deletions(-)
In particular:
- d/p/fix-atomics.patch: changed
- d/p/fix-atomics-some-more.patch: removed
- d/upstream/signing-key.asc: updated
Other patches seem to have just been refreshed.
** CVE added: https://cve.mitre.org/cgi-bin/cvename.cgi?name=2023-49582
--
You received this bug notification because you are a member of Ubuntu
Bugs, which is subscribed to Ubuntu.
https://bugs.launchpad.net/bugs/2085215
Title:
Merge apr from Debian unstable for plucky
To manage notifications about this bug go to:
https://bugs.launchpad.net/ubuntu/+source/apr/+bug/2085215/+subscriptions
--
ubuntu-bugs mailing list
[email protected]
https://lists.ubuntu.com/mailman/listinfo/ubuntu-bugs
