CHANGES revision 289166
1 -*- coding: utf-8 -*- 2Changes for APR 1.5.2 3 4 *) SECURITY: CVE-2015-1829 (cve.mitre.org) 5 APR applications using APR named pipe support on Windows can be 6 vulnerable to a pipe squatting attack from a local process; the extent 7 of the vulnerability, when present, depends on the application. 8 Initial analysis and report was provided by John Hernandez of Casaba 9 Security via HP SSRT Security Alert. [Yann Ylavic] 10 11 *) apr_atomic: Fix errors when building on Visual Studio 2013 while 12 maintaining the ability to build on Visual Studio 6 with Windows 13 Server 2003 R2 SDK. PR 57191. [Gregg Smith] 14 15 *) Switch to generic atomics for early/unpatched Solaris 10 not exporting 16 some atomic functions. PR 55418. [Yann Ylavic] 17 18 *) apr_file_mktemp() on HP-UX: Remove limitation of 26 temporary files 19 per process. PR 57677. [Jeff Trawick] 20 21 *) apr_escape: Correctly calculate the size of the returned string in 22 apr_escape_path and set the correct return value in case we actually 23 escape the string. [<aduryagin gmail.com>] PR 57230. 24 25 *) pollcb on Windows: Handle calls with no file/socket descriptors. 26 Follow up to PR 49882. [Jeff Trawick, Yann Ylavic] 27 28 *) apr_poll(cb): fix error paths returned values and leaks. [Yann Ylavic] 29 30 *) apr_thread_cond_*wait() on BeOS: Fix broken logic. PR 45800. 31 [Jochen Voss (no e-mail)] 32 33 *) apr_skiplist: Optimize the number of allocations by reusing pooled or 34 malloc()ed nodes for the lifetime of the skiplist. [Yann Ylavic] 35 36 *) apr_skiplist: Fix possible multiple-free() on the same value in 37 apr_skiplist_remove_all(). [Yann Ylavic] 38 39 *) apr_pollset: On z/OS, threadsafe apr_pollset_poll() may return 40 "EDC8102I Operation would block" under load. 41 [Pat Odonnell <patod us.ibm.com>] 42 43 *) On z/OS, apr_sockaddr_info_get() with family == APR_UNSPEC was not 44 returning IPv4 addresses if any IPv6 addresses were returned. 45 [Eric Covener] 46 47 *) Windows cmake build: Fix an incompatibility with cmake 2.8.12 and 48 later. [Jeff Trawick] 49 50 *) apr_global_mutex/apr_proc_mutex: Resolve failures with the 51 POSIX sem implementation in environments which receive signals. 52 [Jeff Trawick] 53 54 *) apr_skiplist: Fix potential corruption of skiplists leading to 55 results or crashes. [Takashi Sato <takashi tks st>, Eric Covener] 56 PR 56654. 57 58 *) Improve platform detection by updating config.guess and config.sub. 59 [Rainer Jung] 60 61Changes for APR 1.5.1 62 63 *) apr_os_proc_mutex_get() on Unix: Avoid segfault for cross- 64 process pthread mutexes. [Yann Ylavic <ylavic.dev gmail.com>] 65 66 *) When using shmget-based shared memory, the ID used for ftok is 67 now an APR hash of the filename instead of the constant '1'. 68 We do this to help avoid collisions. PR 53996 [Jim Jagielski] 69 70 *) apr_socket_atreadeof(): Fix breakage on OS X. [Jim Jagielski] 71 72 *) Fix POSIX shared memory (shm_open) use for named shared memory. 73 Includes adding '--enable-posix-shm' to force POSIX shm if 74 available, and OS X compatibility. PR 55928. 75 [Jozef Hatala <jh-asf skrt org>, Jim Jagielski] 76 77 *) Fix race condition when calling apr_dir_make_recursive from 78 multiple threads on Windows. 79 [Bert Huijben] 80 81 *) Fix apr_escape.c compilation errors on EBCDIC platforms. 82 [Eric Covener] 83 84 *) FreeBSD 10: Correct a regression in 1.5.0 which affected non- 85 blocking sockets in some applications, including httpd. [Jeff 86 Trawick] 87 88 *) Windows cmake build: Fix incorrect installation of some .pdb 89 files. Fix incorrect use of some logic intended for Windows 9x, 90 including legacy filesystem interfaces and dynamic loading of 91 some Windows APIs. [Jeff Trawick] 92 93 *) apr_skiplist: Add compatibility with C++ applications. 94 [Jeff Trawick] 95 96 *) Correct a regression in 1.5.0 which affected out-of-tree 97 builds on Unix. [Rainer Jung] 98 99 *) Improve platform detection by updating config.guess and config.sub. 100 [Rainer Jung] 101 102Changes for APR 1.5.0 103 104 *) Fix Linux kernel version check to recognize more versions, 105 including versions 3.10 and later. PR 55690. [Joe Orton, 106 Arfrever Frehtes Taifersar Arahesis <arfrever.fta gmail.com>] 107 108 *) Add apr_sockaddr_is_wildcard() to check if a socket address 109 refers to the wildcard address for the protocol family (e.g., 110 0.0.0.0/INADDR_ANY for IPv4). [Jeff Trawick] 111 112 *) apr_file_dup2() on Windows: Fix debug RTL assertion when 113 attempting to _commit(stdout) or _commit(stderr). [Mike Rumph 114 <mike.rumph oracle.com>] 115 116 *) apr_socket_connect() on Windows: Handle WSAEISCONN. PR 48736. 117 [<inoue ariel-networks.com>, Jeff Trawick] 118 119 *) z/OS: threadsafe apr_pollset_poll support for sockets [Greg Ames] 120 121 *) Windows: Don't obtain a mutex for buffered file I/O unless the 122 file was opened with the APR_FOPEN_XTHREAD flag. [Ivan Zhakov 123 <ivan visualsvn.com>] 124 125 *) Windows: Create named shared memory segments under the "Local" 126 namespace if the caller is unprivileged, fixing an inability of 127 unprivileged callers to use apr_shm_create() with named shared 128 memory segments under recent Windows. As before, shared memory 129 segments are created under the "Global" namespace for privileged 130 callers. Add apr_shm_create_ex() and apr_shm_attach_ex(), which 131 provide the ability to override the normal namespace selection. 132 [Jeff Trawick] 133 134 *) Update compile settings for MINT OS. PR 47181. [Alan Hourihane 135 <alanh fairlite.co.uk>] 136 137 *) Files and pipes on Windows: Don't create an unused pollset when 138 files and pipes are opened. [Mladen Turk] 139 140 *) apr_socket_timeout_set() on Windows: If the socket was in a non- 141 blocking state before, disable that setting so that timeouts work. 142 [Jeff Trawick] 143 144 *) File info APIs: Fix calculation of atime and mtime on AIX. PR 51146. 145 [Ruediger Pluem] 146 147 *) Add the apr_escape interface. [Graham Leggett] 148 149 *) Cygwin build fixes. PRs 51016 and 55586. [Carlo Bramini 150 <carlo.bramix libero.it>] 151 152 *) Add apr_skiplist family. [Jim Jagielski] 153 154 *) Add experimental cmake-based build system for Windows. Refer to 155 README.cmake for more information. [Jeff Trawick, Tom Donovan] 156 157 *) Add the apr_table_getm() call, which transparently handles the 158 merging of keys with multiple values. [Graham Leggett] 159 160 *) Add apr_hash_this_key(), apr_hash_this_key_len(), and 161 apr_hash_this_val() for easier access to those attributes from 162 a hash iterator. [Hyrum K. Wright <hyrum_wright mail.utexas.edu>] 163 164 *) MinGW/MSYS: Support shared builds of APR, other general improvements 165 to support of this toolchain. PR 46175. [Carlo Bramini 166 <carlo.bramix libero.it>] 167 168 *) Improve platform detection by updating config.guess and config.sub. 169 [Rainer Jung] 170 171 *) apr_socket_opt_set: Add support for APR_SO_BROADCAST. PR 46389. 172 [Armin M��ller <mueller itestra com>] 173 174 *) Enable platform specific support for the opening of a file or 175 pipe in non-blocking mode through the APR_FOPEN_NONBLOCK flag. 176 [Graham Leggett] 177 178Changes for APR 1.4.x and later: 179 180 *) http://svn.apache.org/viewvc/apr/apr/branches/1.4.x/CHANGES?view=markup 181 182Changes for APR 1.3.x and later: 183 184 *) http://svn.apache.org/viewvc/apr/apr/branches/1.3.x/CHANGES?view=markup 185 186Changes for APR 1.2.x and later: 187 188 *) http://svn.apache.org/viewvc/apr/apr/branches/1.2.x/CHANGES?view=markup 189 190Changes for APR 1.1.x and later: 191 192 *) http://svn.apache.org/viewvc/apr/apr/branches/1.1.x/CHANGES?view=markup 193 194Changes for APR 1.0.x and later: 195 196 *) http://svn.apache.org/viewvc/apr/apr/branches/1.0.x/CHANGES?view=markup 197 198Changes for APR 0.9.x and later/earlier: 199 200 *) http://svn.apache.org/viewvc/apr/apr/branches/0.9.x/CHANGES?view=markup 201