Graham... > Changes for APR 1.3.8 > > + *) Make sure that "make check" is used in the RPM spec file, consistent > + with apr-util. [Graham Leggett] > + > *) SECURITY: CVE-2009-2412 (cve.mitre.org) > Fix overflow in pools and rmm, where size alignment was taking place. > [Matt Lewis <[email protected]>, Sander Striker]
Do not violate apr (and httpd) conventions of placing <i>trivial shit</i> above <strong>IMPORTANT</strong> notices in CHANGES. The convention is that all SECURITY notices appear at the beginning under each respective release version header.
