
Stay Secure with the Latest Linux Advisories


Explore Latest Linux Security advisories


Fedora 40 APR Package Update - Security: CVE-2023-49582 Lax Permissions

--------------------------------------------------------------------------------
Fedora Update Notification
FEDORA-2024-b40491b84b
2024-09-04 02:22:40.987666
--------------------------------------------------------------------------------

Name        : apr
Product     : Fedora 40
Version     : 1.7.5
Release     : 1.fc40
URL         : https://apr.apache.org/
Summary     : Apache Portable Runtime library
Description :
The mission of the Apache Portable Runtime (APR) is to provide a free library of C data structures and routines, forming a system portability layer to as many operating systems as possible, including Unices, MS Win32, BeOS and OS/2.

--------------------------------------------------------------------------------
Update Information:

This update to the apr package fixes a security issue in the handling of shared memory permissions.

SECURITY: CVE-2023-49582: Apache Portable Runtime (APR): Unexpected lax shared memory permissions (cve.mitre.org)

Lax permissions set by the Apache Portable Runtime library on Unix platforms would allow local users read access to named shared memory segments, potentially revealing sensitive application data.
--------------------------------------------------------------------------------
ChangeLog:

* Wed Aug 28 2024 Joe Orton - 1.7.5-1
- update to 1.7.5 (#2307902)
* Wed Jul 17 2024 Fedora Release Engineering - 1.7.3-9
- Rebuilt for https://fedoraproject.org/wiki/Fedora_41_Mass_Rebuild
--------------------------------------------------------------------------------
References:

  [ 1 ] Bug #2308487 - CVE-2023-49582 apr: Lax permissions in Apache Portable Runtime shared memory [fedora-40]
        https://bugzilla.redhat.com/show_bug.cgi?id=2308487
--------------------------------------------------------------------------------

This update can be installed with the "dnf" update program. Use
su -c 'dnf upgrade --advisory FEDORA-2024-b40491b84b' at the command line.
For more information, refer to the dnf documentation available at
http://dnf.readthedocs.io/en/latest/command_ref.html#upgrade-command-label

All packages are signed with the Fedora Project GPG key. More details on the GPG keys used by the Fedora Project can be found at https://fedoraproject.org/keys
--------------------------------------------------------------------------------

Fedora 40 patch resolves vulnerability in Apache Portable Runtime related to shared memory access permissions.

Fedora Updates, Security Issues, Apache Runtime, Package Fixes.

Severity: Important. LinuxSecurity.com Team

Sep 04, 2024 | Important | Fedora

RHEL 7 RHSA-2023-3145-01 Critical: apr-util Out-Of-Bounds Writes

====================================================================
                   Red Hat Security Advisory

Synopsis:          Important: apr-util security update
Advisory ID:       RHSA-2023:3145-01
Product:           Red Hat Enterprise Linux
Advisory URL:      https://access.redhat.com/errata/RHSA-2023:3145
Issue date:        2023-05-16
CVE Names:         CVE-2022-25147
====================================================================

1. Summary:

An update for apr-util is now available for Red Hat Enterprise Linux 7.

Red Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE link(s) in the References section.

2. Relevant releases/architectures:

Red Hat Enterprise Linux Client (v. 7) - x86_64
Red Hat Enterprise Linux Client Optional (v. 7) - x86_64
Red Hat Enterprise Linux ComputeNode Optional (v. 7) - x86_64
Red Hat Enterprise Linux Server (v. 7) - ppc64, ppc64le, s390x, x86_64
Red Hat Enterprise Linux Server Optional (v. 7) - ppc64, ppc64le, s390x, x86_64
Red Hat Enterprise Linux Workstation (v. 7) - x86_64
Red Hat Enterprise Linux Workstation Optional (v. 7) - x86_64

3. Description:

The Apache Portable Runtime (APR) is a portability library used by the Apache HTTP Server and other projects. apr-util is a library which provides additional utility interfaces for APR; including support for XML parsing, LDAP, database interfaces, URI parsing, and more.

Security Fix(es):

* apr-util: out-of-bounds writes in the apr_base64 (CVE-2022-25147)

For more details about the security issue(s), including the impact, a CVSS score, acknowledgments, and other related information, refer to the CVE page(s) listed in the References section.

4. Solution:

For details on how to apply this update, which includes the changes described in this advisory, refer to:

https://access.redhat.com/articles/11258

Applications using the APR libraries, such as httpd, must be restarted for this update to take effect.

5. Bugs fixed (https://bugzilla.redhat.com/):

2169652 - CVE-2022-25147 apr-util: out-of-bounds writes in the apr_base64

6. Package List:

Red Hat Enterprise Linux Client (v. 7):

Source:
apr-util-1.5.2-6.el7_9.1.src.rpm

x86_64:
apr-util-1.5.2-6.el7_9.1.i686.rpm
apr-util-1.5.2-6.el7_9.1.x86_64.rpm
apr-util-debuginfo-1.5.2-6.el7_9.1.i686.rpm
apr-util-debuginfo-1.5.2-6.el7_9.1.x86_64.rpm

Red Hat Enterprise Linux Client Optional (v. 7):

x86_64:
apr-util-debuginfo-1.5.2-6.el7_9.1.i686.rpm
apr-util-debuginfo-1.5.2-6.el7_9.1.x86_64.rpm
apr-util-devel-1.5.2-6.el7_9.1.i686.rpm
apr-util-devel-1.5.2-6.el7_9.1.x86_64.rpm
apr-util-ldap-1.5.2-6.el7_9.1.x86_64.rpm
apr-util-mysql-1.5.2-6.el7_9.1.x86_64.rpm
apr-util-nss-1.5.2-6.el7_9.1.x86_64.rpm
apr-util-odbc-1.5.2-6.el7_9.1.x86_64.rpm
apr-util-openssl-1.5.2-6.el7_9.1.x86_64.rpm
apr-util-pgsql-1.5.2-6.el7_9.1.x86_64.rpm
apr-util-sqlite-1.5.2-6.el7_9.1.x86_64.rpm

Red Hat Enterprise Linux ComputeNode Optional (v. 7):

Source:
apr-util-1.5.2-6.el7_9.1.src.rpm

x86_64:
apr-util-1.5.2-6.el7_9.1.i686.rpm
apr-util-1.5.2-6.el7_9.1.x86_64.rpm
apr-util-debuginfo-1.5.2-6.el7_9.1.i686.rpm
apr-util-debuginfo-1.5.2-6.el7_9.1.x86_64.rpm
apr-util-devel-1.5.2-6.el7_9.1.i686.rpm
apr-util-devel-1.5.2-6.el7_9.1.x86_64.rpm
apr-util-ldap-1.5.2-6.el7_9.1.x86_64.rpm
apr-util-mysql-1.5.2-6.el7_9.1.x86_64.rpm
apr-util-nss-1.5.2-6.el7_9.1.x86_64.rpm
apr-util-odbc-1.5.2-6.el7_9.1.x86_64.rpm
apr-util-openssl-1.5.2-6.el7_9.1.x86_64.rpm
apr-util-pgsql-1.5.2-6.el7_9.1.x86_64.rpm
apr-util-sqlite-1.5.2-6.el7_9.1.x86_64.rpm

Red Hat Enterprise Linux Server (v. 7):

Source:
apr-util-1.5.2-6.el7_9.1.src.rpm

ppc64:
apr-util-1.5.2-6.el7_9.1.ppc.rpm
apr-util-1.5.2-6.el7_9.1.ppc64.rpm
apr-util-debuginfo-1.5.2-6.el7_9.1.ppc.rpm
apr-util-debuginfo-1.5.2-6.el7_9.1.ppc64.rpm
apr-util-devel-1.5.2-6.el7_9.1.ppc.rpm
apr-util-devel-1.5.2-6.el7_9.1.ppc64.rpm
apr-util-openssl-1.5.2-6.el7_9.1.ppc64.rpm

ppc64le:
apr-util-1.5.2-6.el7_9.1.ppc64le.rpm
apr-util-debuginfo-1.5.2-6.el7_9.1.ppc64le.rpm
apr-util-devel-1.5.2-6.el7_9.1.ppc64le.rpm
apr-util-openssl-1.5.2-6.el7_9.1.ppc64le.rpm

s390x:
apr-util-1.5.2-6.el7_9.1.s390.rpm
apr-util-1.5.2-6.el7_9.1.s390x.rpm
apr-util-debuginfo-1.5.2-6.el7_9.1.s390.rpm
apr-util-debuginfo-1.5.2-6.el7_9.1.s390x.rpm
apr-util-devel-1.5.2-6.el7_9.1.s390.rpm
apr-util-devel-1.5.2-6.el7_9.1.s390x.rpm
apr-util-openssl-1.5.2-6.el7_9.1.s390x.rpm

x86_64:
apr-util-1.5.2-6.el7_9.1.i686.rpm
apr-util-1.5.2-6.el7_9.1.x86_64.rpm
apr-util-debuginfo-1.5.2-6.el7_9.1.i686.rpm
apr-util-debuginfo-1.5.2-6.el7_9.1.x86_64.rpm
apr-util-devel-1.5.2-6.el7_9.1.i686.rpm
apr-util-devel-1.5.2-6.el7_9.1.x86_64.rpm
apr-util-openssl-1.5.2-6.el7_9.1.x86_64.rpm

Red Hat Enterprise Linux Server Optional (v. 7):

ppc64:
apr-util-debuginfo-1.5.2-6.el7_9.1.ppc64.rpm
apr-util-ldap-1.5.2-6.el7_9.1.ppc64.rpm
apr-util-mysql-1.5.2-6.el7_9.1.ppc64.rpm
apr-util-nss-1.5.2-6.el7_9.1.ppc64.rpm
apr-util-odbc-1.5.2-6.el7_9.1.ppc64.rpm
apr-util-pgsql-1.5.2-6.el7_9.1.ppc64.rpm
apr-util-sqlite-1.5.2-6.el7_9.1.ppc64.rpm

ppc64le:
apr-util-debuginfo-1.5.2-6.el7_9.1.ppc64le.rpm
apr-util-ldap-1.5.2-6.el7_9.1.ppc64le.rpm
apr-util-mysql-1.5.2-6.el7_9.1.ppc64le.rpm
apr-util-nss-1.5.2-6.el7_9.1.ppc64le.rpm
apr-util-odbc-1.5.2-6.el7_9.1.ppc64le.rpm
apr-util-pgsql-1.5.2-6.el7_9.1.ppc64le.rpm
apr-util-sqlite-1.5.2-6.el7_9.1.ppc64le.rpm

s390x:
apr-util-debuginfo-1.5.2-6.el7_9.1.s390x.rpm
apr-util-ldap-1.5.2-6.el7_9.1.s390x.rpm
apr-util-mysql-1.5.2-6.el7_9.1.s390x.rpm
apr-util-nss-1.5.2-6.el7_9.1.s390x.rpm
apr-util-odbc-1.5.2-6.el7_9.1.s390x.rpm
apr-util-pgsql-1.5.2-6.el7_9.1.s390x.rpm
apr-util-sqlite-1.5.2-6.el7_9.1.s390x.rpm

x86_64:
apr-util-debuginfo-1.5.2-6.el7_9.1.x86_64.rpm
apr-util-ldap-1.5.2-6.el7_9.1.x86_64.rpm
apr-util-mysql-1.5.2-6.el7_9.1.x86_64.rpm
apr-util-nss-1.5.2-6.el7_9.1.x86_64.rpm
apr-util-odbc-1.5.2-6.el7_9.1.x86_64.rpm
apr-util-pgsql-1.5.2-6.el7_9.1.x86_64.rpm
apr-util-sqlite-1.5.2-6.el7_9.1.x86_64.rpm

Red Hat Enterprise Linux Workstation (v. 7):

Source:
apr-util-1.5.2-6.el7_9.1.src.rpm

x86_64:
apr-util-1.5.2-6.el7_9.1.i686.rpm
apr-util-1.5.2-6.el7_9.1.x86_64.rpm
apr-util-debuginfo-1.5.2-6.el7_9.1.i686.rpm
apr-util-debuginfo-1.5.2-6.el7_9.1.x86_64.rpm
apr-util-devel-1.5.2-6.el7_9.1.i686.rpm
apr-util-devel-1.5.2-6.el7_9.1.x86_64.rpm
apr-util-openssl-1.5.2-6.el7_9.1.x86_64.rpm

Red Hat Enterprise Linux Workstation Optional (v. 7):

x86_64:
apr-util-debuginfo-1.5.2-6.el7_9.1.x86_64.rpm
apr-util-ldap-1.5.2-6.el7_9.1.x86_64.rpm
apr-util-mysql-1.5.2-6.el7_9.1.x86_64.rpm
apr-util-nss-1.5.2-6.el7_9.1.x86_64.rpm
apr-util-odbc-1.5.2-6.el7_9.1.x86_64.rpm
apr-util-pgsql-1.5.2-6.el7_9.1.x86_64.rpm
apr-util-sqlite-1.5.2-6.el7_9.1.x86_64.rpm

These packages are GPG signed by Red Hat for security. Our key and details on how to verify the signature are available from https://access.redhat.com/security/team/key

7. References:

https://access.redhat.com/security/cve/CVE-2022-25147
https://access.redhat.com/security/updates/classification#important

8. Contact:

The Red Hat security contact is . More contact details at https://access.redhat.com/security/team/contact

Copyright 2023 Red Hat, Inc.

A new version of apr-util has been released for RHEL 7, fixing critical vulnerabilities linked to potential out-of-bounds write issues.

apr-util Update, Red Hat Security, Important Security Fix, Apache Impact.

Severity: Important. LinuxSecurity.com Team

May 16, 2023 | Important | Red Hat

Red Hat: RHSA-2018:1253 Important Security: APR Out-Of-Bounds Access

====================================================================
                   Red Hat Security Advisory

Synopsis:          Important: apr security update
Advisory ID:       RHSA-2018:1253-01
Product:           Red Hat Enterprise Linux
Advisory URL:      https://access.redhat.com/errata/RHSA-2018:1253
Issue date:        2018-04-26
CVE Names:         CVE-2017-12613
====================================================================

1. Summary:

An update for apr is now available for Red Hat Enterprise Linux 6.4 Advanced Update Support, Red Hat Enterprise Linux 6.5 Advanced Update Support, Red Hat Enterprise Linux 6.6 Advanced Update Support, Red Hat Enterprise Linux 6.6 Telco Extended Update Support, Red Hat Enterprise Linux 6.7 Extended Update Support, Red Hat Enterprise Linux 7.2 Advanced Update Support, Red Hat Enterprise Linux 7.2 Telco Extended Update Support, Red Hat Enterprise Linux 7.2 Update Services for SAP Solutions, and Red Hat Enterprise Linux 7.3 Extended Update Support.

Red Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE link(s) in the References section.

2. Relevant releases/architectures:

Red Hat Enterprise Linux ComputeNode Optional EUS (v. 7.3) - x86_64
Red Hat Enterprise Linux HPC Node EUS (v. 6.7) - x86_64
Red Hat Enterprise Linux HPC Node Optional EUS (v. 6.7) - x86_64
Red Hat Enterprise Linux Server AUS (v. 6.4) - x86_64
Red Hat Enterprise Linux Server AUS (v. 6.5) - x86_64
Red Hat Enterprise Linux Server AUS (v. 6.6) - x86_64
Red Hat Enterprise Linux Server AUS (v. 7.2) - x86_64
Red Hat Enterprise Linux Server E4S (v. 7.2) - ppc64le, x86_64
Red Hat Enterprise Linux Server EUS (v. 6.7) - i386, ppc64, s390x, x86_64
Red Hat Enterprise Linux Server EUS (v. 7.3) - ppc64, ppc64le, s390x, x86_64
Red Hat Enterprise Linux Server TUS (v. 6.6) - x86_64
Red Hat Enterprise Linux Server TUS (v. 7.2) - x86_64

3. Description:

The Apache Portable Runtime (APR) is a portability library used by the Apache HTTP Server and other projects. It provides a free library of C data structures and routines.

Security Fix(es):

* apr: Out-of-bounds array deref in apr_time_exp*() functions (CVE-2017-12613)

For more details about the security issue(s), including the impact, a CVSS score, and other related information, refer to the CVE page(s) listed in the References section.

4. Solution:

For details on how to apply this update, which includes the changes described in this advisory, refer to:

https://access.redhat.com/articles/11258

Applications using the APR libraries, such as httpd, must be restarted for this update to take effect.

5. Bugs fixed (https://bugzilla.redhat.com/):

1506523 - CVE-2017-12613 apr: Out-of-bounds array deref in apr_time_exp*() functions

6. Package List:

Red Hat Enterprise Linux HPC Node EUS (v. 6.7):

Source:
apr-1.3.9-5.el6_7.1.src.rpm

x86_64:
apr-1.3.9-5.el6_7.1.i686.rpm
apr-1.3.9-5.el6_7.1.x86_64.rpm
apr-debuginfo-1.3.9-5.el6_7.1.i686.rpm
apr-debuginfo-1.3.9-5.el6_7.1.x86_64.rpm

Red Hat Enterprise Linux HPC Node Optional EUS (v. 6.7):

x86_64:
apr-debuginfo-1.3.9-5.el6_7.1.i686.rpm
apr-debuginfo-1.3.9-5.el6_7.1.x86_64.rpm
apr-devel-1.3.9-5.el6_7.1.i686.rpm
apr-devel-1.3.9-5.el6_7.1.x86_64.rpm

Red Hat Enterprise Linux Server AUS (v. 6.4):

Source:
apr-1.3.9-5.el6_4.1.src.rpm

x86_64:
apr-1.3.9-5.el6_4.1.i686.rpm
apr-1.3.9-5.el6_4.1.x86_64.rpm
apr-debuginfo-1.3.9-5.el6_4.1.i686.rpm
apr-debuginfo-1.3.9-5.el6_4.1.x86_64.rpm
apr-devel-1.3.9-5.el6_4.1.i686.rpm
apr-devel-1.3.9-5.el6_4.1.x86_64.rpm

Red Hat Enterprise Linux Server AUS (v. 6.5):

Source:
apr-1.3.9-5.el6_5.1.src.rpm

x86_64:
apr-1.3.9-5.el6_5.1.i686.rpm
apr-1.3.9-5.el6_5.1.x86_64.rpm
apr-debuginfo-1.3.9-5.el6_5.1.i686.rpm
apr-debuginfo-1.3.9-5.el6_5.1.x86_64.rpm
apr-devel-1.3.9-5.el6_5.1.i686.rpm
apr-devel-1.3.9-5.el6_5.1.x86_64.rpm

Red Hat Enterprise Linux Server AUS (v. 6.6):

Source:
apr-1.3.9-5.el6_6.1.src.rpm

x86_64:
apr-1.3.9-5.el6_6.1.i686.rpm
apr-1.3.9-5.el6_6.1.x86_64.rpm
apr-debuginfo-1.3.9-5.el6_6.1.i686.rpm
apr-debuginfo-1.3.9-5.el6_6.1.x86_64.rpm
apr-devel-1.3.9-5.el6_6.1.i686.rpm
apr-devel-1.3.9-5.el6_6.1.x86_64.rpm

Red Hat Enterprise Linux Server TUS (v. 6.6):

Source:
apr-1.3.9-5.el6_6.1.src.rpm

x86_64:
apr-1.3.9-5.el6_6.1.i686.rpm
apr-1.3.9-5.el6_6.1.x86_64.rpm
apr-debuginfo-1.3.9-5.el6_6.1.i686.rpm
apr-debuginfo-1.3.9-5.el6_6.1.x86_64.rpm
apr-devel-1.3.9-5.el6_6.1.i686.rpm
apr-devel-1.3.9-5.el6_6.1.x86_64.rpm

Red Hat Enterprise Linux Server EUS (v. 6.7):

Source:
apr-1.3.9-5.el6_7.1.src.rpm

i386:
apr-1.3.9-5.el6_7.1.i686.rpm
apr-debuginfo-1.3.9-5.el6_7.1.i686.rpm
apr-devel-1.3.9-5.el6_7.1.i686.rpm

ppc64:
apr-1.3.9-5.el6_7.1.ppc.rpm
apr-1.3.9-5.el6_7.1.ppc64.rpm
apr-debuginfo-1.3.9-5.el6_7.1.ppc.rpm
apr-debuginfo-1.3.9-5.el6_7.1.ppc64.rpm
apr-devel-1.3.9-5.el6_7.1.ppc.rpm
apr-devel-1.3.9-5.el6_7.1.ppc64.rpm

s390x:
apr-1.3.9-5.el6_7.1.s390.rpm
apr-1.3.9-5.el6_7.1.s390x.rpm
apr-debuginfo-1.3.9-5.el6_7.1.s390.rpm
apr-debuginfo-1.3.9-5.el6_7.1.s390x.rpm
apr-devel-1.3.9-5.el6_7.1.s390.rpm
apr-devel-1.3.9-5.el6_7.1.s390x.rpm

x86_64:
apr-1.3.9-5.el6_7.1.i686.rpm
apr-1.3.9-5.el6_7.1.x86_64.rpm
apr-debuginfo-1.3.9-5.el6_7.1.i686.rpm
apr-debuginfo-1.3.9-5.el6_7.1.x86_64.rpm
apr-devel-1.3.9-5.el6_7.1.i686.rpm
apr-devel-1.3.9-5.el6_7.1.x86_64.rpm

Red Hat Enterprise Linux ComputeNode Optional EUS (v. 7.3):

Source:
apr-1.4.8-3.el7_3.1.src.rpm

x86_64:
apr-1.4.8-3.el7_3.1.i686.rpm
apr-1.4.8-3.el7_3.1.x86_64.rpm
apr-debuginfo-1.4.8-3.el7_3.1.i686.rpm
apr-debuginfo-1.4.8-3.el7_3.1.x86_64.rpm
apr-devel-1.4.8-3.el7_3.1.i686.rpm
apr-devel-1.4.8-3.el7_3.1.x86_64.rpm

Red Hat Enterprise Linux Server AUS (v. 7.2):

Source:
apr-1.4.8-3.el7_2.1.src.rpm

x86_64:
apr-1.4.8-3.el7_2.1.i686.rpm
apr-1.4.8-3.el7_2.1.x86_64.rpm
apr-debuginfo-1.4.8-3.el7_2.1.i686.rpm
apr-debuginfo-1.4.8-3.el7_2.1.x86_64.rpm
apr-devel-1.4.8-3.el7_2.1.i686.rpm
apr-devel-1.4.8-3.el7_2.1.x86_64.rpm

Red Hat Enterprise Linux Server E4S (v. 7.2):

Source:
apr-1.4.8-3.el7_2.1.src.rpm

ppc64le:
apr-1.4.8-3.el7_2.1.ppc64le.rpm
apr-debuginfo-1.4.8-3.el7_2.1.ppc64le.rpm
apr-devel-1.4.8-3.el7_2.1.ppc64le.rpm

x86_64:
apr-1.4.8-3.el7_2.1.i686.rpm
apr-1.4.8-3.el7_2.1.x86_64.rpm
apr-debuginfo-1.4.8-3.el7_2.1.i686.rpm
apr-debuginfo-1.4.8-3.el7_2.1.x86_64.rpm
apr-devel-1.4.8-3.el7_2.1.i686.rpm
apr-devel-1.4.8-3.el7_2.1.x86_64.rpm

Red Hat Enterprise Linux Server TUS (v. 7.2):

Source:
apr-1.4.8-3.el7_2.1.src.rpm

x86_64:
apr-1.4.8-3.el7_2.1.i686.rpm
apr-1.4.8-3.el7_2.1.x86_64.rpm
apr-debuginfo-1.4.8-3.el7_2.1.i686.rpm
apr-debuginfo-1.4.8-3.el7_2.1.x86_64.rpm
apr-devel-1.4.8-3.el7_2.1.i686.rpm
apr-devel-1.4.8-3.el7_2.1.x86_64.rpm

Red Hat Enterprise Linux Server EUS (v. 7.3):

Source:
apr-1.4.8-3.el7_3.1.src.rpm

ppc64:
apr-1.4.8-3.el7_3.1.ppc.rpm
apr-1.4.8-3.el7_3.1.ppc64.rpm
apr-debuginfo-1.4.8-3.el7_3.1.ppc.rpm
apr-debuginfo-1.4.8-3.el7_3.1.ppc64.rpm
apr-devel-1.4.8-3.el7_3.1.ppc.rpm
apr-devel-1.4.8-3.el7_3.1.ppc64.rpm

ppc64le:
apr-1.4.8-3.el7_3.1.ppc64le.rpm
apr-debuginfo-1.4.8-3.el7_3.1.ppc64le.rpm
apr-devel-1.4.8-3.el7_3.1.ppc64le.rpm

s390x:
apr-1.4.8-3.el7_3.1.s390.rpm
apr-1.4.8-3.el7_3.1.s390x.rpm
apr-debuginfo-1.4.8-3.el7_3.1.s390.rpm
apr-debuginfo-1.4.8-3.el7_3.1.s390x.rpm
apr-devel-1.4.8-3.el7_3.1.s390.rpm
apr-devel-1.4.8-3.el7_3.1.s390x.rpm

x86_64:
apr-1.4.8-3.el7_3.1.i686.rpm
apr-1.4.8-3.el7_3.1.x86_64.rpm
apr-debuginfo-1.4.8-3.el7_3.1.i686.rpm
apr-debuginfo-1.4.8-3.el7_3.1.x86_64.rpm
apr-devel-1.4.8-3.el7_3.1.i686.rpm
apr-devel-1.4.8-3.el7_3.1.x86_64.rpm

These packages are GPG signed by Red Hat for security. Our key and details on how to verify the signature are available from https://access.redhat.com/security/team/key/

7. References:

https://access.redhat.com/security/cve/CVE-2017-12613
https://access.redhat.com/security/updates/classification/#important

8. Contact:

The Red Hat security contact is . More contact details at https://access.redhat.com/security/team/contact/

Copyright 2018 Red Hat, Inc.

A critical patch has been released for the Apache Portable Runtime within Red Hat Enterprise Linux versions.

apr Security Update, Red Hat Advisory, Important Update.

Severity: Important. LinuxSecurity.com Team

Apr 26, 2018 | Important | Red Hat

Red Hat: RHSA-2017-3270-01 Important: apr Security Risk and Update

====================================================================
                   Red Hat Security Advisory

Synopsis:          Important: apr security update
Advisory ID:       RHSA-2017:3270-01
Product:           Red Hat Enterprise Linux
Advisory URL:      https://access.redhat.com/errata/RHSA-2017:3270
Issue date:        2017-11-28
CVE Names:         CVE-2017-12613
====================================================================

1. Summary:

An update for apr is now available for Red Hat Enterprise Linux 6 and Red Hat Enterprise Linux 7.

Red Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE link(s) in the References section.

2. Relevant releases/architectures:

Red Hat Enterprise Linux Client (v. 7) - x86_64
Red Hat Enterprise Linux Client Optional (v. 7) - x86_64
Red Hat Enterprise Linux ComputeNode Optional (v. 7) - x86_64
Red Hat Enterprise Linux Desktop (v. 6) - i386, x86_64
Red Hat Enterprise Linux Desktop Optional (v. 6) - i386, x86_64
Red Hat Enterprise Linux HPC Node (v. 6) - x86_64
Red Hat Enterprise Linux HPC Node Optional (v. 6) - x86_64
Red Hat Enterprise Linux Server (v. 6) - i386, ppc64, s390x, x86_64
Red Hat Enterprise Linux Server (v. 7) - ppc64, ppc64le, s390x, x86_64
Red Hat Enterprise Linux Workstation (v. 6) - i386, x86_64
Red Hat Enterprise Linux Workstation (v. 7) - x86_64
Red Hat Enterprise Linux for ARM and IBM Power LE (POWER9) Server (v. 7) - aarch64, ppc64le

3. Description:

The Apache Portable Runtime (APR) is a portability library used by the Apache HTTP Server and other projects. It provides a free library of C data structures and routines.

Security Fix(es):

* An out-of-bounds array dereference was found in apr_time_exp_get(). An attacker could abuse an unvalidated usage of this function to cause a denial of service or potentially lead to data leak. (CVE-2017-12613)

4. Solution:

For details on how to apply this update, which includes the changes described in this advisory, refer to:

https://access.redhat.com/articles/11258

Applications using the APR libraries, such as httpd, must be restarted for this update to take effect.

5. Bugs fixed (https://bugzilla.redhat.com/):

1506523 - CVE-2017-12613 apr: Out-of-bounds array deref in apr_time_exp*() functions

6. Package List:

Red Hat Enterprise Linux Desktop (v. 6):

Source:
apr-1.3.9-5.el6_9.1.src.rpm

i386:
apr-1.3.9-5.el6_9.1.i686.rpm
apr-debuginfo-1.3.9-5.el6_9.1.i686.rpm

x86_64:
apr-1.3.9-5.el6_9.1.i686.rpm
apr-1.3.9-5.el6_9.1.x86_64.rpm
apr-debuginfo-1.3.9-5.el6_9.1.i686.rpm
apr-debuginfo-1.3.9-5.el6_9.1.x86_64.rpm

Red Hat Enterprise Linux Desktop Optional (v. 6):

i386:
apr-debuginfo-1.3.9-5.el6_9.1.i686.rpm
apr-devel-1.3.9-5.el6_9.1.i686.rpm

x86_64:
apr-debuginfo-1.3.9-5.el6_9.1.i686.rpm
apr-debuginfo-1.3.9-5.el6_9.1.x86_64.rpm
apr-devel-1.3.9-5.el6_9.1.i686.rpm
apr-devel-1.3.9-5.el6_9.1.x86_64.rpm

Red Hat Enterprise Linux HPC Node (v. 6):

Source:
apr-1.3.9-5.el6_9.1.src.rpm

x86_64:
apr-1.3.9-5.el6_9.1.i686.rpm
apr-1.3.9-5.el6_9.1.x86_64.rpm
apr-debuginfo-1.3.9-5.el6_9.1.i686.rpm
apr-debuginfo-1.3.9-5.el6_9.1.x86_64.rpm

Red Hat Enterprise Linux HPC Node Optional (v. 6):

x86_64:
apr-debuginfo-1.3.9-5.el6_9.1.i686.rpm
apr-debuginfo-1.3.9-5.el6_9.1.x86_64.rpm
apr-devel-1.3.9-5.el6_9.1.i686.rpm
apr-devel-1.3.9-5.el6_9.1.x86_64.rpm

Red Hat Enterprise Linux Server (v. 6):

Source:
apr-1.3.9-5.el6_9.1.src.rpm

i386:
apr-1.3.9-5.el6_9.1.i686.rpm
apr-debuginfo-1.3.9-5.el6_9.1.i686.rpm
apr-devel-1.3.9-5.el6_9.1.i686.rpm

ppc64:
apr-1.3.9-5.el6_9.1.ppc.rpm
apr-1.3.9-5.el6_9.1.ppc64.rpm
apr-debuginfo-1.3.9-5.el6_9.1.ppc.rpm
apr-debuginfo-1.3.9-5.el6_9.1.ppc64.rpm
apr-devel-1.3.9-5.el6_9.1.ppc.rpm
apr-devel-1.3.9-5.el6_9.1.ppc64.rpm

s390x:
apr-1.3.9-5.el6_9.1.s390.rpm
apr-1.3.9-5.el6_9.1.s390x.rpm
apr-debuginfo-1.3.9-5.el6_9.1.s390.rpm
apr-debuginfo-1.3.9-5.el6_9.1.s390x.rpm
apr-devel-1.3.9-5.el6_9.1.s390.rpm
apr-devel-1.3.9-5.el6_9.1.s390x.rpm

x86_64:
apr-1.3.9-5.el6_9.1.i686.rpm
apr-1.3.9-5.el6_9.1.x86_64.rpm
apr-debuginfo-1.3.9-5.el6_9.1.i686.rpm
apr-debuginfo-1.3.9-5.el6_9.1.x86_64.rpm
apr-devel-1.3.9-5.el6_9.1.i686.rpm
apr-devel-1.3.9-5.el6_9.1.x86_64.rpm

Red Hat Enterprise Linux Workstation (v. 6):

Source:
apr-1.3.9-5.el6_9.1.src.rpm

i386:
apr-1.3.9-5.el6_9.1.i686.rpm
apr-debuginfo-1.3.9-5.el6_9.1.i686.rpm
apr-devel-1.3.9-5.el6_9.1.i686.rpm

x86_64:
apr-1.3.9-5.el6_9.1.i686.rpm
apr-1.3.9-5.el6_9.1.x86_64.rpm
apr-debuginfo-1.3.9-5.el6_9.1.i686.rpm
apr-debuginfo-1.3.9-5.el6_9.1.x86_64.rpm
apr-devel-1.3.9-5.el6_9.1.i686.rpm
apr-devel-1.3.9-5.el6_9.1.x86_64.rpm

Red Hat Enterprise Linux Client (v. 7):

Source:
apr-1.4.8-3.el7_4.1.src.rpm

x86_64:
apr-1.4.8-3.el7_4.1.i686.rpm
apr-1.4.8-3.el7_4.1.x86_64.rpm
apr-debuginfo-1.4.8-3.el7_4.1.i686.rpm
apr-debuginfo-1.4.8-3.el7_4.1.x86_64.rpm

Red Hat Enterprise Linux Client Optional (v. 7):

x86_64:
apr-debuginfo-1.4.8-3.el7_4.1.i686.rpm
apr-debuginfo-1.4.8-3.el7_4.1.x86_64.rpm
apr-devel-1.4.8-3.el7_4.1.i686.rpm
apr-devel-1.4.8-3.el7_4.1.x86_64.rpm

Red Hat Enterprise Linux ComputeNode Optional (v. 7):

Source:
apr-1.4.8-3.el7_4.1.src.rpm

x86_64:
apr-1.4.8-3.el7_4.1.i686.rpm
apr-1.4.8-3.el7_4.1.x86_64.rpm
apr-debuginfo-1.4.8-3.el7_4.1.i686.rpm
apr-debuginfo-1.4.8-3.el7_4.1.x86_64.rpm
apr-devel-1.4.8-3.el7_4.1.i686.rpm
apr-devel-1.4.8-3.el7_4.1.x86_64.rpm

Red Hat Enterprise Linux Server (v. 7):

Source:
apr-1.4.8-3.el7_4.1.src.rpm

ppc64:
apr-1.4.8-3.el7_4.1.ppc.rpm
apr-1.4.8-3.el7_4.1.ppc64.rpm
apr-debuginfo-1.4.8-3.el7_4.1.ppc.rpm
apr-debuginfo-1.4.8-3.el7_4.1.ppc64.rpm
apr-devel-1.4.8-3.el7_4.1.ppc.rpm
apr-devel-1.4.8-3.el7_4.1.ppc64.rpm

ppc64le:
apr-1.4.8-3.el7_4.1.ppc64le.rpm
apr-debuginfo-1.4.8-3.el7_4.1.ppc64le.rpm
apr-devel-1.4.8-3.el7_4.1.ppc64le.rpm

s390x:
apr-1.4.8-3.el7_4.1.s390.rpm
apr-1.4.8-3.el7_4.1.s390x.rpm
apr-debuginfo-1.4.8-3.el7_4.1.s390.rpm
apr-debuginfo-1.4.8-3.el7_4.1.s390x.rpm
apr-devel-1.4.8-3.el7_4.1.s390.rpm
apr-devel-1.4.8-3.el7_4.1.s390x.rpm

x86_64:
apr-1.4.8-3.el7_4.1.i686.rpm
apr-1.4.8-3.el7_4.1.x86_64.rpm
apr-debuginfo-1.4.8-3.el7_4.1.i686.rpm
apr-debuginfo-1.4.8-3.el7_4.1.x86_64.rpm
apr-devel-1.4.8-3.el7_4.1.i686.rpm
apr-devel-1.4.8-3.el7_4.1.x86_64.rpm

Red Hat Enterprise Linux for ARM and IBM Power LE (POWER9) Server (v. 7):

Source:
apr-1.4.8-3.el7_4.1.src.rpm

aarch64:
apr-1.4.8-3.el7_4.1.aarch64.rpm
apr-debuginfo-1.4.8-3.el7_4.1.aarch64.rpm
apr-devel-1.4.8-3.el7_4.1.aarch64.rpm

ppc64le:
apr-1.4.8-3.el7_4.1.ppc64le.rpm
apr-debuginfo-1.4.8-3.el7_4.1.ppc64le.rpm
apr-devel-1.4.8-3.el7_4.1.ppc64le.rpm

Red Hat Enterprise Linux Workstation (v. 7):

Source:
apr-1.4.8-3.el7_4.1.src.rpm

x86_64:
apr-1.4.8-3.el7_4.1.i686.rpm
apr-1.4.8-3.el7_4.1.x86_64.rpm
apr-debuginfo-1.4.8-3.el7_4.1.i686.rpm
apr-debuginfo-1.4.8-3.el7_4.1.x86_64.rpm
apr-devel-1.4.8-3.el7_4.1.i686.rpm
apr-devel-1.4.8-3.el7_4.1.x86_64.rpm

These packages are GPG signed by Red Hat for security. Our key and details on how to verify the signature are available from https://access.redhat.com/security/team/key/

7. References:

https://access.redhat.com/security/cve/CVE-2017-12613
https://access.redhat.com/security/updates/classification/#important

8. Contact:

The Red Hat security contact is . More contact details at https://access.redhat.com/security/team/contact/

Copyright 2017 Red Hat, Inc.

Crucial patch released for apr on Red Hat Enterprise Linux versions 6 and 7 targeting potential denial of service vulnerabilities.

apr Security Update, Red Hat Advisory, Enterprise Linux Security.

Severity: Important. LinuxSecurity.com Team

Nov 28, 2017 | Important | Red Hat

Fedora 27: 2017-48368de8c9 Critical: Apr Out-Of-Bounds Security Fix

--------------------------------------------------------------------------------
Fedora Update Notification
FEDORA-2017-48368de8c9
2017-11-11 13:29:22.452056
--------------------------------------------------------------------------------

Name        : apr
Product     : Fedora 27
Version     : 1.6.3
Release     : 1.fc27
URL         : https://apr.apache.org/
Summary     : Apache Portable Runtime library
Description :
The mission of the Apache Portable Runtime (APR) is to provide a free library of C data structures and routines, forming a system portability layer to as many operating systems as possible, including Unices, MS Win32, BeOS and OS/2.

--------------------------------------------------------------------------------
Update Information:

Security fix + version update
--------------------------------------------------------------------------------
References:

  [ 1 ] Bug #1506524 - CVE-2017-12613 apr: Out-of-bounds array deref in apr_time_exp*() functions [fedora-all]
        https://bugzilla.redhat.com/show_bug.cgi?id=1506524
--------------------------------------------------------------------------------

This update can be installed with the "dnf" update program. Use
su -c 'dnf upgrade apr' at the command line.
For more information, refer to the dnf documentation available at
https://dnf.readthedocs.io/en/latest/command_ref.html

All packages are signed with the Fedora Project GPG key. More details on the GPG keys used by the Fedora Project can be found at
--------------------------------------------------------------------------------

Fedora 27 enhances the apr library by implementing a security patch that tackles severe vulnerabilities to bolster overall system protection.

Fedora Update, Security Fix, Apache Portable Runtime.

Severity: Critical. LinuxSecurity.com Team

Nov 11, 2017 Critical Fedora

Gentoo: GLSA-201805-12 Low: Apache Tomcat Security Vulnerability

Memory consumption errors in Apache Portable Runtime and APR Utility Library could result in Denial of Service.

- - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -
Gentoo Linux Security Advisory                           GLSA 201405-24
- - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -
                                           https://security.gentoo.org/
- - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -

 Severity: Low
    Title: Apache Portable Runtime, APR Utility Library: Denial of Service
     Date: May 18, 2014
     Bugs: #339527, #366903, #368651, #399089
       ID: 201405-24

- - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -

Synopsis
========

Memory consumption errors in Apache Portable Runtime and APR Utility Library could result in Denial of Service.

Background
==========

The Apache Portable Runtime (aka APR) provides a set of APIs for creating platform-independent applications. The Apache Portable Runtime Utility Library (aka APR-Util) provides an interface to functionality such as XML parsing, string matching and database connections.

Affected packages
=================

    -------------------------------------------------------------------
     Package              /     Vulnerable     /            Unaffected
    -------------------------------------------------------------------
  1  dev-libs/apr                < 1.4.8-r1                >= 1.4.8-r1
  2  dev-libs/apr-util            < 1.3.10                  >= 1.3.10
    -------------------------------------------------------------------
     2 affected packages

Description
===========

Multiple vulnerabilities have been discovered in Apache Portable Runtime and APR Utility Library. Please review the CVE identifiers referenced below for details.

Impact
======

A remote attacker could cause a Denial of Service condition.

Workaround
==========

There is no known workaround at this time.

Resolution
==========

All Apache Portable Runtime users should upgrade to the latest version:

  # emerge --sync
  # emerge --ask --oneshot --verbose ">=dev-libs/apr-1.4.8-r1"

All users of the APR Utility Library should upgrade to the latest version:

  # emerge --sync
  # emerge --ask --oneshot --verbose ">=dev-libs/apr-util-1.3.10"

Packages which depend on these libraries may need to be recompiled. Tools such as revdep-rebuild may assist in identifying some of these packages.

References
==========

[ 1 ] CVE-2010-1623
      http://nvd.nist.gov/nvd.cfm?cvename=CVE-2010-1623
[ 2 ] CVE-2011-0419
      http://nvd.nist.gov/nvd.cfm?cvename=CVE-2011-0419
[ 3 ] CVE-2011-1928
      http://nvd.nist.gov/nvd.cfm?cvename=CVE-2011-1928
[ 4 ] CVE-2012-0840
      http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-0840

Availability
============

This GLSA and any updates to it are available for viewing at the Gentoo Security Website:

 https://security.gentoo.org/glsa/201405-24

Concerns?
=========

Security is a primary focus of Gentoo Linux and ensuring the confidentiality and security of our users' machines is of utmost importance to us. Any security concerns should be addressed to [address obscured on the source page] or alternatively, you may file a bug at https://bugs.gentoo.org.

License
=======

Copyright 2014 Gentoo Foundation, Inc; referenced text belongs to its owner(s).

The contents of this document are licensed under the Creative Commons - Attribution / Share Alike license.

https://creativecommons.org/licenses/by-sa/2.5/

The Apache Portable Runtime has been found to have memory vulnerabilities that may cause Denial of Service issues. Update promptly to enhance your system's security!

Apache Portable Runtime, Denial of Service, Gentoo Security. Severity: Low. LinuxSecurity.com Team

May 18, 2014 Low Gentoo

Red Hat RHEL: RHSA-2011:0507-01 Moderate: apr Recursion Issue

Updated apr packages that fix one security issue are now available for Red Hat Enterprise Linux 4, 5, and 6. The Red Hat Security Response Team has rated this update as having moderate security impact.

====================================================================
                   Red Hat Security Advisory

Synopsis:          Moderate: apr security update
Advisory ID:       RHSA-2011:0507-01
Product:           Red Hat Enterprise Linux
Advisory URL:      https://access.redhat.com/errata/RHSA-2011:0507.html
Issue date:        2011-05-11
CVE Names:         CVE-2011-0419
====================================================================

1. Summary:

Updated apr packages that fix one security issue are now available for Red Hat Enterprise Linux 4, 5, and 6.

The Red Hat Security Response Team has rated this update as having moderate security impact. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available from the CVE link in the References section.

2. Relevant releases/architectures:

RHEL Desktop Workstation (v. 5 client) - i386, x86_64
Red Hat Enterprise Linux (v. 5 server) - i386, ia64, ppc, s390x, x86_64
Red Hat Enterprise Linux AS version 4 - i386, ia64, ppc, s390, s390x, x86_64
Red Hat Enterprise Linux Desktop (v. 5 client) - i386, x86_64
Red Hat Enterprise Linux Desktop (v. 6) - i386, x86_64
Red Hat Enterprise Linux Desktop Optional (v. 6) - i386, x86_64
Red Hat Enterprise Linux Desktop version 4 - i386, x86_64
Red Hat Enterprise Linux ES version 4 - i386, ia64, x86_64
Red Hat Enterprise Linux HPC Node (v. 6) - x86_64
Red Hat Enterprise Linux HPC Node Optional (v. 6) - x86_64
Red Hat Enterprise Linux Server (v. 6) - i386, ppc64, s390x, x86_64
Red Hat Enterprise Linux WS version 4 - i386, ia64, x86_64
Red Hat Enterprise Linux Workstation (v. 6) - i386, x86_64

3. Description:

The Apache Portable Runtime (APR) is a portability library used by the Apache HTTP Server and other projects. It provides a free library of C data structures and routines.

It was discovered that the apr_fnmatch() function used an unconstrained recursion when processing patterns with the '*' wildcard. An attacker could use this flaw to cause an application using this function, which also accepted untrusted input as a pattern for matching (such as an httpd server using the mod_autoindex module), to exhaust all stack memory or use an excessive amount of CPU time when performing matching. (CVE-2011-0419)

Red Hat would like to thank Maksymilian Arciemowicz for reporting this issue.

All apr users should upgrade to these updated packages, which contain a backported patch to correct this issue. Applications using the apr library, such as httpd, must be restarted for this update to take effect.

4. Solution:

Before applying this update, make sure all previously-released errata relevant to your system have been applied.

This update is available via the Red Hat Network. Details on how to use the Red Hat Network to apply this update are available at
https://access.redhat.com/kb/docs/DOC-11259

5. Bugs fixed (http://bugzilla.redhat.com/):

703390 - CVE-2011-0419 apr: unconstrained recursion in apr_fnmatch

6. Package List:

These packages are GPG signed by Red Hat for security. Our key and details on how to verify the signature are available from
https://access.redhat.com/security/team/key/#package

7. References:

https://access.redhat.com/security/cve/CVE-2011-0419
https://access.redhat.com/security/updates/classification/#moderate

8. Contact:

The Red Hat security contact is . More contact details at
https://access.redhat.com/security/team/contact/

Copyright 2011 Red Hat, Inc.

Recent security patch released for Red Hat focusing on an identified issue in regex validation. Refer to the complete advisory for in-depth information.

Red Hat Security, apr updates, pattern matching flaw, recursion issue. LinuxSecurity.com Team

May 11, 2011 Red Hat

Red Hat: RHSA-2009:1204 Moderate: Apr Buffer Overflow Issue

Updated apr and apr-util packages that fix multiple security issues are now available for Red Hat Enterprise Linux 4 and 5. This update has been rated as having moderate security impact by the Red Hat Security Response Team.

====================================================================
                   Red Hat Security Advisory

Synopsis:          Moderate: apr and apr-util security update
Advisory ID:       RHSA-2009:1204-01
Product:           Red Hat Enterprise Linux
Advisory URL:      https://access.redhat.com/errata/RHSA-2009:1204.html
Issue date:        2009-08-10
CVE Names:         CVE-2009-2412
====================================================================

1. Summary:

Updated apr and apr-util packages that fix multiple security issues are now available for Red Hat Enterprise Linux 4 and 5.

This update has been rated as having moderate security impact by the Red Hat Security Response Team.

2. Relevant releases/architectures:

Red Hat Enterprise Linux AS version 4 - i386, ia64, ppc, s390, s390x, x86_64
Red Hat Enterprise Linux Desktop version 4 - i386, x86_64
Red Hat Enterprise Linux ES version 4 - i386, ia64, x86_64
Red Hat Enterprise Linux WS version 4 - i386, ia64, x86_64
Red Hat Enterprise Linux Desktop (v. 5 client) - i386, x86_64
RHEL Desktop Workstation (v. 5 client) - i386, x86_64
Red Hat Enterprise Linux (v. 5 server) - i386, ia64, ppc, s390x, x86_64

3. Description:

The Apache Portable Runtime (APR) is a portability library used by the Apache HTTP Server and other projects. It aims to provide a free library of C data structures and routines. apr-util is a utility library used with APR. This library provides additional utility interfaces for APR; including support for XML parsing, LDAP, database interfaces, URI parsing, and more.

Multiple integer overflow flaws, leading to heap-based buffer overflows, were found in the way the Apache Portable Runtime (APR) manages memory pool and relocatable memory allocations. An attacker could use these flaws to issue a specially-crafted request for memory allocation, which would lead to a denial of service (application crash) or, potentially, execute arbitrary code with the privileges of an application using the APR libraries. (CVE-2009-2412)

All apr and apr-util users should upgrade to these updated packages, which contain backported patches to correct these issues. Applications using the APR libraries, such as httpd, must be restarted for this update to take effect.

4. Solution:

Before applying this update, make sure that all previously-released errata relevant to your system have been applied.

This update is available via Red Hat Network. Details on how to use the Red Hat Network to apply this update are available at

5. Bugs fixed (https://bugzilla.redhat.com/):

515698 - CVE-2009-2412 apr, apr-util: Integer overflows in memory pool (apr) and relocatable memory (apr-util) management

6. Package List:

These packages are GPG signed by Red Hat for security. Our key and details on how to verify the signature are available from
https://access.redhat.com/security/team/key#package

7. References:

https://www.cve.org/CVERecord?id=CVE-2009-2412
https://access.redhat.com/security/updates/classification#moderate

8. Contact:

The Red Hat security contact is . More contact details at
https://access.redhat.com/security/team/contact

Copyright 2009 Red Hat, Inc.

Fedora patches libcurl and openssl to address various vulnerabilities that may affect secure data handling on UNIX-like platforms.

Red Hat Updates, Software Security, Memory Issues, APR, Security Fixes. LinuxSecurity.com Team

Aug 10, 2009 Red Hat