Slackware: 2023-032-02: apr-util Security Update | LinuxSecurity.com

What Are You Looking For?

Popular Tags

Contribute

-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1

[slackware-security]  apr-util (SSA:2023-032-02)

New apr-util packages are available for Slackware 15.0 and -current to
fix a security issue.


Here are the details from the Slackware 15.0 ChangeLog:
+--------------------------+
patches/packages/apr-util-1.6.3-i586-1_slack15.0.txz:  Upgraded.
  This update fixes a security issue:
  Integer Overflow or Wraparound vulnerability in apr_base64 functions
  of Apache Portable Runtime Utility (APR-util) allows an attacker to
  write beyond bounds of a buffer. (CVE-2022-25147)
  For more information, see:
    https://www.cve.org/CVERecord?id=CVE-2022-25147
  (* Security fix *)
+--------------------------+


Where to find the new packages:
+-----------------------------+

Thanks to the friendly folks at the OSU Open Source Lab
(https://osuosl.org) for donating FTP and rsync hosting
to the Slackware project!  :-)

Also see the "Get Slack" section on https://slackware.com for
additional mirror sites near you.

Updated package for Slackware 15.0:
ftp://ftp.slackware.com/pub/slackware/slackware-15.0/patches/packages/apr-util-1.6.3-i586-1_slack15.0.txz

Updated package for Slackware x86_64 15.0:
ftp://ftp.slackware.com/pub/slackware/slackware64-15.0/patches/packages/apr-util-1.6.3-x86_64-1_slack15.0.txz

Updated package for Slackware -current:
ftp://ftp.slackware.com/pub/slackware/slackware-current/slackware/l/apr-util-1.6.3-i586-1.txz

Updated package for Slackware x86_64 -current:
ftp://ftp.slackware.com/pub/slackware/slackware64-current/slackware64/l/apr-util-1.6.3-x86_64-1.txz


MD5 signatures:
+-------------+

Slackware 15.0 package:
6a07516dc4ebc58003dc197f7e237af9  apr-util-1.6.3-i586-1_slack15.0.txz

Slackware x86_64 15.0 package:
4866e956e3704d94499ae65898032829  apr-util-1.6.3-x86_64-1_slack15.0.txz

Slackware -current package:
3c4740597034be368eca2f3565a87421  l/apr-util-1.6.3-i586-1.txz

Slackware x86_64 -current package:
974e390b328a88b7593b63bcb064428a  l/apr-util-1.6.3-x86_64-1.txz


Installation instructions:
+------------------------+

Upgrade the package as root:
# upgradepkg apr-util-1.6.3-i586-1_slack15.0.txz


+-----+

Slackware: 2023-032-02: apr-util Security Update

February 1, 2023
New apr-util packages are available for Slackware 15.0 and -current to fix a security issue

Summary

Here are the details from the Slackware 15.0 ChangeLog: patches/packages/apr-util-1.6.3-i586-1_slack15.0.txz: Upgraded. This update fixes a security issue: Integer Overflow or Wraparound vulnerability in apr_base64 functions of Apache Portable Runtime Utility (APR-util) allows an attacker to write beyond bounds of a buffer. (CVE-2022-25147) For more information, see: https://www.cve.org/CVERecord?id=CVE-2022-25147 (* Security fix *)

Where Find New Packages

Thanks to the friendly folks at the OSU Open Source Lab (https://osuosl.org) for donating FTP and rsync hosting to the Slackware project! :-)
Also see the "Get Slack" section on https://slackware.com for additional mirror sites near you.
Updated package for Slackware 15.0: ftp://ftp.slackware.com/pub/slackware/slackware-15.0/patches/packages/apr-util-1.6.3-i586-1_slack15.0.txz
Updated package for Slackware x86_64 15.0: ftp://ftp.slackware.com/pub/slackware/slackware64-15.0/patches/packages/apr-util-1.6.3-x86_64-1_slack15.0.txz
Updated package for Slackware -current: ftp://ftp.slackware.com/pub/slackware/slackware-current/slackware/l/apr-util-1.6.3-i586-1.txz
Updated package for Slackware x86_64 -current: ftp://ftp.slackware.com/pub/slackware/slackware64-current/slackware64/l/apr-util-1.6.3-x86_64-1.txz

MD5 Signatures

Slackware 15.0 package: 6a07516dc4ebc58003dc197f7e237af9 apr-util-1.6.3-i586-1_slack15.0.txz
Slackware x86_64 15.0 package: 4866e956e3704d94499ae65898032829 apr-util-1.6.3-x86_64-1_slack15.0.txz
Slackware -current package: 3c4740597034be368eca2f3565a87421 l/apr-util-1.6.3-i586-1.txz
Slackware x86_64 -current package: 974e390b328a88b7593b63bcb064428a l/apr-util-1.6.3-x86_64-1.txz

Severity
[slackware-security] apr-util (SSA:2023-032-02)
New apr-util packages are available for Slackware 15.0 and -current to fix a security issue.

Installation Instructions

Installation instructions: Upgrade the package as root: # upgradepkg apr-util-1.6.3-i586-1_slack15.0.txz

Related News

Google Discloses CentOS Linux Kernel Vulnerabilities Following Failure to Issue Timely Fixes

Kali Linux 2023.1 Introduces 'Purple' Distro for Defensive Security

Companies Can’t Stop Using Open Source

8 Reasons Why Kali Linux is the Ultimate Operating System for Hackers

News

Advisories

HOWTOs

Features

Interview with Guardian Digital CEO Dave Wreski: Open Source Utilization in Email Security Solutions & More
Verifying Linux Server Security: What Every Admin Needs to Know
What Linux, Windows & Mac OS Users Need to Know About VPNs
Complete Guide to Vulnerability Basics
How To Get Live Updates on Critical Linux Security Advisories

About Us

Powered By

Footer Logo

We use cookies to provide and improve our services. By using our site, you consent to our Cookie Policy. 

Learn More About Our Cookie Policy