What Are You Looking For?

Sign Up

-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1

[slackware-security]  apr (SSA:2009-219-02)

New apr packages are available for Slackware 11.0, 12.0, 12.1, 12.2,
and -current to fix a security issue.

More details about this issue may be found in the Common
Vulnerabilities and Exposures (CVE) database:

  http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2009-2412


Here are the details from the Slackware 12.2 ChangeLog:
+--------------------------+
patches/packages/apr-1.3.8-i486-1_slack12.2.tgz:  Upgraded.
  Fix overflow in pools and rmm, where size alignment was taking place.
  [Matt Lewis , Sander Striker]
  For more information, see:
    http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2009-2412
  (* Security fix *)
+--------------------------+


Where to find the new packages:
+-----------------------------+

HINT:  Getting slow download speeds from ftp.slackware.com?
Give slackware.osuosl.org a try.  This is another primary FTP site
for Slackware that can be considerably faster than downloading
directly from ftp.slackware.com.

Thanks to the friendly folks at the OSU Open Source Lab
(http://osuosl.org) for donating additional FTP and rsync hosting
to the Slackware project!  :-)

Also see the "Get Slack" section on http://slackware.com for
additional mirror sites near you.

Updated package for Slackware 11.0:
 apr-util-1.3.9-i486-1_slack11.0.tgz

Updated package for Slackware 12.0:
 apr-util-1.3.9-i486-1_slack12.0.tgz

Updated package for Slackware 12.1:
 apr-util-1.3.9-i486-1_slack12.1.tgz

Updated package for Slackware 12.2:
 apr-util-1.3.9-i486-1_slack12.2.tgz

Updated package for Slackware -current:
 l/apr-util-1.3.9-i486-1.txz

Updated package for Slackware64 -current:
 l/apr-util-1.3.9-x86_64-1.txz


MD5 signatures:
+-------------+

Slackware 11.0 package:
dfb02bf26c81e640916ab1ad9b3a67ae  apr-1.3.8-i486-1_slack11.0.tgz

Slackware 12.0 package:
30a9120cc1e77e07e48f1f4b2fa75f40  apr-1.3.8-i486-1_slack12.0.tgz

Slackware 12.1 package:
c1e7dcb613541281b1fd491442d5e94f  apr-1.3.8-i486-1_slack12.1.tgz

Slackware 12.2 package:
cfb3a4a245b83a25f51e5552e39b2aa4  apr-1.3.8-i486-1_slack12.2.tgz

Slackware -current package:
4807d86a16ffff5f1d4974f1d5151cc1  apr-1.3.8-i486-1.txz

Slackware64 -current package:
223252fbe0ffb7aa836eab131a1bef84  apr-1.3.8-x86_64-1.txz


Installation instructions:
+------------------------+

Upgrade the package as root:
# upgradepkg apr-1.3.8-i486-1_slack12.2.tgz


+-----+

Slackware: 2009-219-02: apr Security Update

August 7, 2009
New apr packages are available for Slackware 11.0, 12.0, 12.1, 12.2, and -current to fix a security issue

Summary

Here are the details from the Slackware 12.2 ChangeLog: patches/packages/apr-1.3.8-i486-1_slack12.2.tgz: Upgraded. Fix overflow in pools and rmm, where size alignment was taking place. [Matt Lewis , Sander Striker] For more information, see: http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2009-2412 (* Security fix *)

Where Find New Packages

HINT: Getting slow download speeds from ftp.slackware.com? Give slackware.osuosl.org a try. This is another primary FTP site for Slackware that can be considerably faster than downloading directly from ftp.slackware.com.
Thanks to the friendly folks at the OSU Open Source Lab (http://osuosl.org) for donating additional FTP and rsync hosting to the Slackware project! :-)
Also see the "Get Slack" section on http://slackware.com for additional mirror sites near you.
Updated package for Slackware 11.0: apr-util-1.3.9-i486-1_slack11.0.tgz
Updated package for Slackware 12.0: apr-util-1.3.9-i486-1_slack12.0.tgz
Updated package for Slackware 12.1: apr-util-1.3.9-i486-1_slack12.1.tgz
Updated package for Slackware 12.2: apr-util-1.3.9-i486-1_slack12.2.tgz
Updated package for Slackware -current: l/apr-util-1.3.9-i486-1.txz
Updated package for Slackware64 -current: l/apr-util-1.3.9-x86_64-1.txz

MD5 Signatures

Slackware 11.0 package: dfb02bf26c81e640916ab1ad9b3a67ae apr-1.3.8-i486-1_slack11.0.tgz
Slackware 12.0 package: 30a9120cc1e77e07e48f1f4b2fa75f40 apr-1.3.8-i486-1_slack12.0.tgz
Slackware 12.1 package: c1e7dcb613541281b1fd491442d5e94f apr-1.3.8-i486-1_slack12.1.tgz
Slackware 12.2 package: cfb3a4a245b83a25f51e5552e39b2aa4 apr-1.3.8-i486-1_slack12.2.tgz
Slackware -current package: 4807d86a16ffff5f1d4974f1d5151cc1 apr-1.3.8-i486-1.txz
Slackware64 -current package: 223252fbe0ffb7aa836eab131a1bef84 apr-1.3.8-x86_64-1.txz

Severity
[slackware-security] apr (SSA:2009-219-02)
New apr packages are available for Slackware 11.0, 12.0, 12.1, 12.2, and -current to fix a security issue.
More details about this issue may be found in the Common Vulnerabilities and Exposures (CVE) database:
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2009-2412

Installation Instructions

Installation instructions: Upgrade the package as root: # upgradepkg apr-1.3.8-i486-1_slack12.2.tgz

Related News

Krasue RAT Malware Hides on Linux Servers Using Embedded Rootkits

Dec 7, 2023

Kali vs. ParrotOS: 2 Versatile Linux Distros for Security Pros

Dec 9, 2023

Kali Linux 2023.4 Released With New Hacking Tools

Dec 6, 2023

Severe Firefox, Thunderbird Bugs Could Lead to System Takeover

Dec 2, 2023

News

Advisories

HOWTOs

Features

Password Guessing as an Attack Vector
Using Open Source to Ensure Compliance & Data Integrity through Data Governance
Critical Linux Kernel Bugs Lead to DoS, Privilege Escalation - Patch Now!
Unlocking the Future of Authentication: Passkeys vs. Passwords
Empowering MSPs with Straightforward Linux Device Management

About Us

Powered By

Footer Logo