diff options
Diffstat (limited to 'CHANGES')
| -rw-r--r-- | CHANGES | 229 |
1 files changed, 93 insertions, 136 deletions
@@ -1,179 +1,136 @@ -*- coding: utf-8 -*- -Changes for APR 1.5.2 +Changes for APR 1.6.5 - *) SECURITY: CVE-2015-1829 (cve.mitre.org) - APR applications using APR named pipe support on Windows can be - vulnerable to a pipe squatting attack from a local process; the extent - of the vulnerability, when present, depends on the application. - Initial analysis and report was provided by John Hernandez of Casaba - Security via HP SSRT Security Alert. [Yann Ylavic] + *) Fix Win32 build breakage in apr_os_exp_time_put() in 1.6.4. [Rainer Jung] + +Changes for APR 1.6.4 (not released) - *) apr_atomic: Fix errors when building on Visual Studio 2013 while - maintaining the ability to build on Visual Studio 6 with Windows - Server 2003 R2 SDK. PR 57191. [Gregg Smith] - - *) Switch to generic atomics for early/unpatched Solaris 10 not exporting - some atomic functions. PR 55418. [Yann Ylavic] - - *) apr_file_mktemp() on HP-UX: Remove limitation of 26 temporary files - per process. PR 57677. [Jeff Trawick] - - *) apr_escape: Correctly calculate the size of the returned string in - apr_escape_path and set the correct return value in case we actually - escape the string. [<aduryagin gmail.com>] PR 57230. - - *) pollcb on Windows: Handle calls with no file/socket descriptors. - Follow up to PR 49882. [Jeff Trawick, Yann Ylavic] - - *) apr_poll(cb): fix error paths returned values and leaks. [Yann Ylavic] - - *) apr_thread_cond_*wait() on BeOS: Fix broken logic. PR 45800. - [Jochen Voss (no e-mail)] + *) configure: Fix detection of <net/if.h> on OpenBSD. + PR 61976. [David Carlier <devnexen gmail.com>, Yann Ylavic] - *) apr_skiplist: Optimize the number of allocations by reusing pooled or - malloc()ed nodes for the lifetime of the skiplist. [Yann Ylavic] + *) Fix apr_parse_addr_port() regression in scope_id parsing introduced + in 1.6.3. [Rainer Jung] - *) apr_skiplist: Fix possible multiple-free() on the same value in - apr_skiplist_remove_all(). [Yann Ylavic] + *) Fix Win32 file buffer locking behavior for single threaded file streams. + [Evgeny Kotkov, Mladen Turk, Jean-Frederic Clere] - *) apr_pollset: On z/OS, threadsafe apr_pollset_poll() may return - "EDC8102I Operation would block" under load. - [Pat Odonnell <patod us.ibm.com>] + *) Numerous corrections to APR poll behavior. [Yann Ylavic] - *) On z/OS, apr_sockaddr_info_get() with family == APR_UNSPEC was not - returning IPv4 addresses if any IPv6 addresses were returned. - [Eric Covener] +Changes for APR 1.6.3 - *) Windows cmake build: Fix an incompatibility with cmake 2.8.12 and - later. [Jeff Trawick] + *) apr_file_trunc: Truncating a buffered file could add unexpected + data after the truncate position. PR 51017. + [Evgeny Kotkov <evgeny.kotkov visualsvn.com>] - *) apr_global_mutex/apr_proc_mutex: Resolve failures with the - POSIX sem implementation in environments which receive signals. - [Jeff Trawick] + *) apr_file_trunc: Fix an issue where reading from a buffered file + after truncate could return stale data from the buffer. + [Evgeny Kotkov <evgeny.kotkov visualsvn.com>] - *) apr_skiplist: Fix potential corruption of skiplists leading to - results or crashes. [Takashi Sato <takashi tks st>, Eric Covener] - PR 56654. + *) apr_ipsubnet_create() now fails for an empty input string. + [Joe Orton] - *) Improve platform detection by updating config.guess and config.sub. - [Rainer Jung] +Changes for APR 1.6.2 -Changes for APR 1.5.1 + *) Corrected non-Unix builds for APR_LOCK_DEFAULT. - *) apr_os_proc_mutex_get() on Unix: Avoid segfault for cross- - process pthread mutexes. [Yann Ylavic <ylavic.dev gmail.com>] +Changes for APR 1.6.1 - *) When using shmget-based shared memory, the ID used for ftok is - now an APR hash of the filename instead of the constant '1'. - We do this to help avoid collisions. PR 53996 [Jim Jagielski] + *) Defer timed locks API for later 1.7 release [Nick Kew, William Rowe] - *) apr_socket_atreadeof(): Fix breakage on OS X. [Jim Jagielski] + *) Export build files find_apr.m4 and apr_common.m4 [Jacob Champion] - *) Fix POSIX shared memory (shm_open) use for named shared memory. - Includes adding '--enable-posix-shm' to force POSIX shm if - available, and OS X compatibility. PR 55928. - [Jozef Hatala <jh-asf skrt org>, Jim Jagielski] +Changes for APR 1.6.0 - *) Fix race condition when calling apr_dir_make_recursive from - multiple threads on Windows. - [Bert Huijben] + *) apr_allocator: Provide apr_allocator_align() to get the true size that + would be allocated for the given size (including the header and + alignment). [Yann Ylavic] - *) Fix apr_escape.c compilation errors on EBCDIC platforms. - [Eric Covener] + *) apr_os_proc_mutex_put_ex: Allow to specify whether the OS native + mutex should or not be cleaned up (destroyed) with the constructed + APR mutex (given pool), and default to not for the simple _put() + function. [Yann Ylavic] - *) FreeBSD 10: Correct a regression in 1.5.0 which affected non- - blocking sockets in some applications, including httpd. [Jeff - Trawick] + *) apr_proc/global_mutex: Fix API regarding the native OS mutexes + accessors from/to available APR mechanisms, adding the new functions + apr_os_proc_mutex_get_ex() and apr_os_proc_mutex_set_ex() which give + control to the user over the selected mechanisms, including the missing + POSIX semaphores (sem_t) on platforms supporting them. + [Yann Ylavic] - *) Windows cmake build: Fix incorrect installation of some .pdb - files. Fix incorrect use of some logic intended for Windows 9x, - including legacy filesystem interfaces and dynamic loading of - some Windows APIs. [Jeff Trawick] + *) apr_proc_mutex-pthread: Refcount shared mutexes usage to avoid + destruction while still is use by some process(es). PR 49504. + [Yann Ylavic] - *) apr_skiplist: Add compatibility with C++ applications. - [Jeff Trawick] + *) apr_file_io: Add apr_file_pipe_create_pools() allowing a pair of + pipes to be created, each in a different pool. [Graham Leggett] - *) Correct a regression in 1.5.0 which affected out-of-tree - builds on Unix. [Rainer Jung] + *) Add apr_pollcb_wakeup(), with similar behavior to + apr_pollset_wakeup(). Add apr_pollcb_method_name(), with similar + behavior to apr_pollset_method_name(). + [Neil Conway <nrc cs berkeley edu>, Jeff Trawick] - *) Improve platform detection by updating config.guess and config.sub. - [Rainer Jung] + *) apr_table_overlap: Add APR_OVERLAP_TABLES_ADD to merge and set when + overlapping tables. [Graham Leggett] -Changes for APR 1.5.0 + *) locks: Introduce apr_{thread,proc,global}_mutex_timedlock(). + [Yann Ylavic] - *) Fix Linux kernel version check to recognize more versions, - including versions 3.10 and later. PR 55690. [Joe Orton, - Arfrever Frehtes Taifersar Arahesis <arfrever.fta gmail.com>] + *) Introduce the apr_cstr_fn() family of functions, derived from + the svn_cstring_ functions of the Subversion project. - *) Add apr_sockaddr_is_wildcard() to check if a socket address - refers to the wildcard address for the protocol family (e.g., - 0.0.0.0/INADDR_ANY for IPv4). [Jeff Trawick] + *) Add APR_SO_FREEBIND option for apr_socket_opt_set. PR 58725. + [Ashley GC, Jan Kaluza, Joe Orton] - *) apr_file_dup2() on Windows: Fix debug RTL assertion when - attempting to _commit(stdout) or _commit(stderr). [Mike Rumph - <mike.rumph oracle.com>] + *) apr_filepath_merge: Fix truename length calculation on Windows + in cases where the "short" name variant is actually longer than + the "long" or "true" name. See: testnames.c:merge_shortname(). + [Bert Huijben <rhuijben a.o>] - *) apr_socket_connect() on Windows: Handle WSAEISCONN. PR 48736. - [<inoue ariel-networks.com>, Jeff Trawick] - - *) z/OS: threadsafe apr_pollset_poll support for sockets [Greg Ames] - - *) Windows: Don't obtain a mutex for buffered file I/O unless the - file was opened with the APR_FOPEN_XTHREAD flag. [Ivan Zhakov - <ivan visualsvn.com>] - - *) Windows: Create named shared memory segments under the "Local" - namespace if the caller is unprivileged, fixing an inability of - unprivileged callers to use apr_shm_create() with named shared - memory segments under recent Windows. As before, shared memory - segments are created under the "Global" namespace for privileged - callers. Add apr_shm_create_ex() and apr_shm_attach_ex(), which - provide the ability to override the normal namespace selection. - [Jeff Trawick] - - *) Update compile settings for MINT OS. PR 47181. [Alan Hourihane - <alanh fairlite.co.uk>] - - *) Files and pipes on Windows: Don't create an unused pollset when - files and pipes are opened. [Mladen Turk] + *) apr_atomic: Fix errors when building on Visual Studio 2013 while + maintaining the ability to build on Visual Studio 6 with Windows + Server 2003 R2 SDK. PR 57191. [Gregg Smith] - *) apr_socket_timeout_set() on Windows: If the socket was in a non- - blocking state before, disable that setting so that timeouts work. - [Jeff Trawick] + *) apr_skiplist: Add apr_skiplist_addne*() family to preserve existing + values (no duplicate), add apr_skiplist_size(), apr_skiplist_height() + and apr_skiplist_preheight() to get the corresponding current values, + and apr_skiplist_set_preheight() to modify it. [ Yann Ylavic ] - *) File info APIs: Fix calculation of atime and mtime on AIX. PR 51146. - [Ruediger Pluem] + *) Add new --enable-allocator-guard-pages which is like allocator-uses-mmap, + but will also add inaccessible guard pages before and after each memnode. + This will result in higher ressource usage but allow to find/protect + against certain buffer overflow/overread bugs. Under Linux, it may be + necessary to increase /proc/sys/vm/max_map_count . [Stefan Fritsch] - *) Add the apr_escape interface. [Graham Leggett] + *) apr_skiplist: Add apr_skiplist_add() to support multiple values. - *) Cygwin build fixes. PRs 51016 and 55586. [Carlo Bramini - <carlo.bramix libero.it>] + *) Add new --enable-pool-concurrency-check configure option to detect + thread-unsafe concurrent accesses to pools. Runtime costs should be + relatively low. [Stefan Fritsch] - *) Add apr_skiplist family. [Jim Jagielski] + *) Add support code to teach valgrind about APR pools and allocators. + [Stefan Fritsch] - *) Add experimental cmake-based build system for Windows. Refer to - README.cmake for more information. [Jeff Trawick, Tom Donovan] + *) Add apr_sockaddr_info_copy(), for making a deep copy of an + apr_sockaddr_t into a specified pool. [Yann Ylavic + <ylavic.dev gmail.com>] - *) Add the apr_table_getm() call, which transparently handles the - merging of keys with multiple values. [Graham Leggett] + *) Added Unix domain socket support. + [Mladen Turk] - *) Add apr_hash_this_key(), apr_hash_this_key_len(), and - apr_hash_this_val() for easier access to those attributes from - a hash iterator. [Hyrum K. Wright <hyrum_wright mail.utexas.edu>] + *) Add apr_shm_delete() to compliment apr_shm_remove(). + [Jim Jagielski] - *) MinGW/MSYS: Support shared builds of APR, other general improvements - to support of this toolchain. PR 46175. [Carlo Bramini - <carlo.bramix libero.it>] + *) Intruduce APR_PERMS_SET macros for setting the owner/group on + objects. Currently only implemented for shm, proc and global + mutexes on posix platforms. + [Mladen Turk] - *) Improve platform detection by updating config.guess and config.sub. - [Rainer Jung] + *) Add apr_escape_ldap() and apr_pescape_ldap(), escaping characters + as described by RFC4514 and RFC4515 respectively. [Graham Leggett] - *) apr_socket_opt_set: Add support for APR_SO_BROADCAST. PR 46389. - [Armin Müller <mueller itestra com>] +Changes for APR 1.5.x and later: - *) Enable platform specific support for the opening of a file or - pipe in non-blocking mode through the APR_FOPEN_NONBLOCK flag. - [Graham Leggett] + *) http://svn.apache.org/viewvc/apr/apr/branches/1.5.x/CHANGES?view=markup Changes for APR 1.4.x and later: |