Google Git
Sign in
apache / apr-util / 64bed1e821c6b93586d2faca4dfd893875c456b5
commit64bed1e821c6b93586d2faca4dfd893875c456b5[log] [tgz]
authorJustin Erenkrantz <jerenkrantz@apache.org>Wed May 28 04:45:46 2003 +0000
committerJustin Erenkrantz <jerenkrantz@apache.org>Wed May 28 04:45:46 2003 +0000
treeba5b64b655367d309f786a08bac116587d8b1567
parente23ad2ae3f0929ed20cd514a949826e63f09d303 [diff]
SECURITY [httpd incident CAN-2003-0189] Address a thread safety issue with
apr_password_validate() on AIX, Linux, Mac OS X, and possibly other platforms.

We didn't move the crypt_r checks from apr to apr-util when we moved
apr_password_validate.  Add testpass.c to ensure we don't regress.

CVE: CAN-2003-0189
Reviewed by:	Justin, Jim, Jeff


git-svn-id: https://svn.apache.org/repos/asf/apr/apr-util/trunk@58900 13f79535-47bb-0310-9956-ffa450edef68
7 files changed
tree: ba5b64b655367d309f786a08bac116587d8b1567
  1. buckets/
  2. build/
  3. crypto/
  4. dbm/
  5. docs/
  6. encoding/
  7. hooks/
  8. include/
  9. ldap/
  10. misc/
  11. strmatch/
  12. test/
  13. uri/
  14. xlate/
  15. xml/
  16. .cvsignore
  17. aprutil.dsp
  18. aprutil.dsw
  19. apu-config.in
  20. buildconf
  21. CHANGES
  22. config.layout
  23. configure.in
  24. export_vars.sh.in
  25. libaprutil.dsp
  26. LICENSE
  27. Makefile.in
  28. NWGNUmakefile
  29. renames_pending
  30. STATUS