changes for released CVES

git-svn-id: https://svn.apache.org/repos/asf/apr/apr/branches/1.7.x@1907155 13f79535-47bb-0310-9956-ffa450edef68
author: Eric Covener <covener@apache.org> 2023-01-31 15:25:02 +0000
committer: Eric Covener <covener@apache.org> 2023-01-31 15:25:02 +0000
commit: f565a95643976276089d9e61d14f744d55f3bf75 (patch)
tree: c0749ebfc2ce51fe278ab7a876197ab14589230f
parent: cc68c82827b3f85399b84c642229d72f7a73c2e0 (diff)
download: apr-f565a95643976276089d9e61d14f744d55f3bf75.tar.gz
1 files changed, 10 insertions, 0 deletions
diff --git a/CHANGES b/CHANGES
index b20301d0a..71b2f0e8d 100644
--- a/CHANGES
+++ b/CHANGES
@@ -1,6 +1,16 @@
                                                      -*- coding: utf-8 -*-
 Changes for APR 1.7.1
 
+  *) SECURITY: CVE-2022-24963 (cve.mitre.org)
+     Integer Overflow or Wraparound vulnerability in apr_encode functions of 
+     Apache Portable Runtime (APR) allows an attacker to write beyond bounds 
+     of a buffer.
+
+  *) SECURITY: CVE-2022-28331 (cve.mitre.org)
+     On Windows, Apache Portable Runtime 1.7.0 and earlier may write beyond 
+     the end of a stack based buffer in apr_socket_sendv(). This is a result 
+     of integer overflow.
+
   *) SECURITY: CVE-2021-35940 (cve.mitre.org)
      Restore fix for out-of-bounds array dereference in apr_time_exp*() functions.
      (This issue was addressed as CVE-2017-12613 in APR 1.6.3 and
author	Eric Covener <covener@apache.org>	2023-01-31 15:25:02 +0000
committer	Eric Covener <covener@apache.org>	2023-01-31 15:25:02 +0000
commit	f565a95643976276089d9e61d14f744d55f3bf75 (patch)
tree	c0749ebfc2ce51fe278ab7a876197ab14589230f
parent	cc68c82827b3f85399b84c642229d72f7a73c2e0 (diff)
download	apr-f565a95643976276089d9e61d14f744d55f3bf75.tar.gz