-*- coding: utf-8 -*-
Changes for APR 1.7.5

  *) SECURITY: CVE-2023-49582: Apache Portable Runtime (APR):
     Unexpected lax shared memory permissions (cve.mitre.org)
     Lax permissions set by the Apache Portable Runtime library on
     Unix platforms would allow local users read access to named
     shared memory segments, potentially revealing sensitive
     application data.
     This issue does not affect non-Unix platforms, or builds with
     APR_USE_SHMEM_SHMGET=1 (apr.h).
     Users are recommended to upgrade to APR version 1.7.5, which
     fixes this issue.
     Credits: Thomas Stangner

  *) Unix: Implement apr_shm_perms_set() for the "POSIX shm_open()" and
     "classic mmap" shared memory implementations.
     [Joe Orton, Ruediger Pluem]

  *) Fix missing ';' for XML/HTML hex entities from apr_escape_entity().
     [Yann Ylavic]

  *) Fix crash in apr_pool_create() with --enable-pool-debug=all|owner.
     [Yann Ylavic]

  *) Improve platform detection by updating config.guess and config.sub.
     [Rainer Jung]

  *) CMake: Add support for CMAKE_WARNING_AS_ERROR. [Ivan Zhakov]

  *) CMake: Enable support for MSVC runtime library selection by
     abstraction. [Ivan Zhakov]

  *) CMake: Export installed targets (libapr-1, apr-1, libaprapp-1,
     aprapp-1) to apr:: namespace. [Ivan Zhakov]

Changes for APR 1.7.4

  *) Fix a regression where writing to a file opened with both
     APR_FOPEN_APPEND and APR_FOPEN_BUFFERED did not properly append the
     data on Windows. (This regression was introduced in APR 1.7.3)
     [Evgeny Kotkov]

Changes for APR 1.7.3

  *) apr-1-config: Fix crosscompiling detection in apr-1-config. PR 66510
     [Ruediger Pluem]

  *) configure: Add --enable-sysv-shm to use SysV shared memory (shmget)
     if available. [Ruediger Pluem]

  *) apr_socket_sendfile: Use WSAIoctl() to get TransmitFile function
     pointer on Windows. [Ivan Zhakov]

  *) apr_dir_read: Do not request short file names on Windows 7 and later.
     [Ivan Zhakov]

  *) apr_file_gets: Optimize for buffered files on Windows.
     [Evgeny Kotkov]

  *) Fix a deadlock when writing to locked files opened with
     APR_FOPEN_APPEND on Windows. PR 50058. [Evgeny Kotkov]

  *) Don't seek to the end when opening files with APR_FOPEN_APPEND on
     Windows. [Evgeny Kotkov]

  *) apr_file_write: Optimize large writes to buffered files on Windows.
     [Evgeny Kotkov]

  *) apr_file_read: Optimize large reads from buffered files on Windows.
     [Evgeny Kotkov]

Changes for APR 1.7.2

  *) Correct a packaging issue in 1.7.1. The contents of the release were
     correct, but the top level directory was misnamed.

Changes for APR 1.7.1

  *) SECURITY: CVE-2022-24963 (cve.mitre.org)
     Integer Overflow or Wraparound vulnerability in apr_encode functions
     of Apache Portable Runtime (APR) allows an attacker to write beyond
     bounds of a buffer.

  *) SECURITY: CVE-2022-28331 (cve.mitre.org)
     On Windows, Apache Portable Runtime 1.7.0 and earlier may write
     beyond the end of a stack based buffer in apr_socket_sendv(). This
     is a result of integer overflow.

  *) SECURITY: CVE-2021-35940 (cve.mitre.org)
     Restore fix for out-of-bounds array dereference in apr_time_exp*()
     functions. (This issue was addressed as CVE-2017-12613 in APR 1.6.3
     and later 1.6.x releases, but was missing in 1.7.0.)
     [Stefan Sperling]

  *) configure: Fix various build issues for compilers enforcing strict
     C99 compliance. PR 66396, 66408, 66426.
     [Florian Weimer, Sam James]

  *) apr_atomic_read64(): Fix non-atomic read on 32-bit Windows
     [Ivan Zhakov]

  *) configure: Prefer posix name-based shared memory over SysV IPC.
     [Jim Jagielski]

  *) configure: Add --disable-sctp argument to forcibly disable SCTP
     support, or --enable-sctp which fails if SCTP support is not
     detected. [Lubos Uhliarik, Joe Orton]

  *) Fix handle leak in the Win32 apr_uid_current implementation.
     PR 61165. [Ivan Zhakov]

  *) Add error handling for lseek() failures in apr_file_write() and
     apr_file_writev(). [Joe Orton]

  *) Don't silently set APR_FOPEN_NOCLEANUP for apr_file_mktemp() created
     file to avoid a fd and inode leak when/if later passed to
     apr_file_setaside(). [Yann Ylavic]

  *) APR's configure script uses AC_TRY_RUN to detect whether the return
     type of strerror_r is int. When cross-compiling this defaults to no.
     This commit adds an AC_CACHE_CHECK so users who cross-compile APR may
     influence the outcome with a configure variable. [Sebastian Kemper]

  *) Add a cache check with which users who cross-compile APR can
     influence the outcome of the /dev/zero test by setting the variable
     ac_cv_mmap__dev_zero=yes [Sebastian Kemper]

  *) Trick autoconf into printing the correct default prefix in the help.
     [Stefan Fritsch]

  *) Don't try to use PROC_PTHREAD by default when cross compiling.
     [Yann Ylavic]

  *) Add the ability to cross compile APR. [Graham Leggett]

  *) While cross-compiling, the tools/gen_test_char could not be executed
     at build time, use AX_PROG_CC_FOR_BUILD to build native
     tools/gen_test_char.
     Support explicit libtool by variable assigning before buildcheck.sh,
     it is helpful for cross-compiling (such as
     libtool=aarch64-linux-libtool) [Hongxu Jia]

  *) Avoid an overflow on 32 bit platforms. [René Hjortskov Nielsen]

  *) Use AC_CHECK_SIZEOF, so as to support cross compiling. PR 56053.
     [Mike Frysinger]

  *) Add --tag=CC to libtool invocations. PR 62640. [Michael Osipov]

  *) apr_pools: Fix pool debugging output so that creation events are
     always emitted before allocation events and subpool destruction
     events are emitted on pool clear/destroy for proper accounting.
     [Brane Čibej]

  *) apr_socket_listen: Allow larger listen backlog values on Windows 8+.
     [Evgeny Kotkov]

  *) Fixed: apr_get_oslevel() was returning APR_WIN_XP on Windows 10

  *) Fix attempt to free invalid memory on exit when apr_app is used on
     Windows. [Ivan Zhakov]

  *) Fix double free on exit when apr_app is used on Windows.
     [Ivan Zhakov]

  *) Fix a regression in apr_stat() for root path on Windows.
     [Ivan Zhakov]

Changes for APR 1.7.0

  *) apr_dir_read: [Unix] Dropped the preference of the dirread_r() flavor
     for dirread(), because the former is both deprecated and unneeded.
     [Yann Ylavic, William Rowe]

  *) apr_file_info: [Win32 only] Treat only "name surrogate" reparse
     points as symlinks, and not other reparse tag types. PR47630
     [Oleg Liatte]

  *) Test %ld vs. %lld to avoid compiler emits using APR_OFF_T_FMT, in the
     case of apparently equivalent long and long long types.
     [William Rowe]

  *) Recognize APPLE predefined macros as equivalent to DARWIN.
     [Jim Jagielski]

  *) Signals: Allow handling of SIGUSR2 in apr_signal_thread.
     [Yann Ylavic]

  *) Atomics: Support for 64bit ints. [Jim Jagielski]

  *) Add the apr_encode_* API that implements RFC4648 and RFC7515
     compliant BASE64, BASE64URL, BASE32, BASE32HEX and BASE16
     encode/decode functions. [Graham Leggett]

  *) rand: Use arc4random_buf() on BSD platforms and getrandom() on Linux,
     when available. [Christian Weisgerber