-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA512 Format: 1.8 Date: Wed, 01 Mar 2023 15:22:18 +0100 Source: apr Architecture: source Version: 1.7.0-6+deb11u2 Distribution: bullseye-security Urgency: high Maintainer: Debian Apache Maintainers <debian-apache@lists.debian.org> Changed-By: Salvatore Bonaccorso <carnil@debian.org> Changes: apr (1.7.0-6+deb11u2) bullseye-security; urgency=high . * Non-maintainer upload by the Security Team. * Address some warnings raised by MSVC-32/64 * apr_encode_base32: fix advertised output *len when called with dst == NULL * apr_decode_base{64,32,16}: stop reading before (not including) NUL byte. * encoding: Better check inputs of apr_{encode,decode}_* functions (CVE-2022-24963) Checksums-Sha1: 156212687fcf6e23df18da892aa91fc5b2f6ff03 2202 apr_1.7.0-6+deb11u2.dsc 58ebc7b35efaebb211c0b9df594ab16c4d874234 872238 apr_1.7.0.orig.tar.bz2 d9f104d20e52acfb6dbc6c09aa18a98f16bbfbe8 225364 apr_1.7.0-6+deb11u2.debian.tar.xz a8427f42f0f6ffddcded47d974162b9ec0d8699b 7519 apr_1.7.0-6+deb11u2_source.buildinfo Checksums-Sha256: 9736c0926998f8ca24f96a88c935f323127817400184b4040e52456e483eacb1 2202 apr_1.7.0-6+deb11u2.dsc e2e148f0b2e99b8e5c6caa09f6d4fb4dd3e83f744aa72a952f94f5a14436f7ea 872238 apr_1.7.0.orig.tar.bz2 b90bcafcb6061f1685473f8c48e26c0916c8a312542eb25dca852c730a4dae64 225364 apr_1.7.0-6+deb11u2.debian.tar.xz ebee93c4d5a433c2309430f3b0bc3d6559e4ed2a51b7d75a22c63129f7880cc2 7519 apr_1.7.0-6+deb11u2_source.buildinfo Files: 8b3b9c840454b87fb0e20065e8ebd141 2202 libs optional apr_1.7.0-6+deb11u2.dsc 7a14a83d664e87599ea25ff4432e48a7 872238 libs optional apr_1.7.0.orig.tar.bz2 23c14b186d64c6c904bb93d59a981820 225364 libs optional apr_1.7.0-6+deb11u2.debian.tar.xz ec11e0df59b18ed6a1c18c7e4c37749a 7519 libs optional apr_1.7.0-6+deb11u2_source.buildinfo -----BEGIN PGP SIGNATURE----- iQKmBAEBCgCQFiEERkRAmAjBceBVMd3uBUy48xNDz0QFAmP/belfFIAAAAAALgAo aXNzdWVyLWZwckBub3RhdGlvbnMub3BlbnBncC5maWZ0aGhvcnNlbWFuLm5ldDQ2 NDQ0MDk4MDhDMTcxRTA1NTMxRERFRTA1NENCOEYzMTM0M0NGNDQSHGNhcm5pbEBk ZWJpYW4ub3JnAAoJEAVMuPMTQ89EmzwP/ifKtNCcT6KE8jFkmCMZcJMXMTE6bsgM j+Z3YGzdyTB89YV+Q0Po66xoz8Iv26LydAiEoWdQKU0gPqmq5Bo0F3f8Uq1tZVaT tFiCXBBD0+TXmdh434ThV1ik3Dszrkp8uymvVSRn+dpjHUJqRF5OvluVQXEZNPOd mEMGhS5BLX7nyW0Ke7D9UjCcR6M7p77qs5OVitif/t/IHuYUuEVa53syX9vVkSx1 nStanH63APGBVQcUrVloGtqoX4jpIbh+f/zNe+ab02Eqyt6sa0CGkFm3D2QdV3cA GfMQoPOvpQw7fI+YPyq775vG3Wca4JcP9qQSwTmsIPTvuCgEUXxcyP+B0xZsBA9K 7QuZrJhTSmOVq66OMd2Hv4wgE7ibL5yRyDi1adMAOd2tUpmCzSek4rqe7QOGWiz8 beuVHDqFyIU/OUa91JE7RyUYe+yshIiQG0N2CEnRerJQg6/eTM5t/CAC4zetQ42d zswlT3BpdIVc9qTBbxxGq3/82HWhZ72jeSoB93gnpMGOzk1p9vlsfLveFbbLoa0I sYmFNqFN7gMLi7uhois3FKXqLHcmEOTmMK79WJtkr36kwiEqrb3qau0+35DkZdW9 pBQiIdXRee522mCcVY4XC/7Ne1j3m85W7Uu9Sa0eK8kQUyhIHymDpNlWQmSRf7EB dWefK5cJZi81 =tj2Y -----END PGP SIGNATURE-----