[SECURITY] [DLA 1163-1] apr-util security update
-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA256
Package : apr-util
Version : 1.4.1-3+deb7u1
CVE ID : CVE-2017-12618
Debian Bug : #879996
It was discovered that there was an out-of-bounds read access in
apr-util, a support/portability library used by many applications.
A local user with write access to the database could have made a process
using these functions crash and thus cause a denial-of-service.
For Debian 7 "Wheezy", this issue has been fixed in apr-util version
1.4.1-3+deb7u1.
We recommend that you upgrade your apr-util packages.
Regards,
- --
,''`.
: :' : Chris Lamb
`. `'` lamby@debian.org / chris-lamb.co.uk
`-
-----BEGIN PGP SIGNATURE-----
iQIzBAEBCAAdFiEEwv5L0nHBObhsUz5GHpU+J9QxHlgFAloA1nQACgkQHpU+J9Qx
Hlgn0A/+NAg5jHgkNf5CFfXWNyy0NqQjXAP9/hhwv5AqMHqOcu3dHLy0pzxZ/cFf
6i0tZyFTeqURL2D/H77PiAQC32KRx4SSw/3zYYGz3DTREay0jvSN1Ch7e7Ddk22c
iog0Sj95iE5+GSFYt+GUbHc/Z9h8wpYeSsTcxERIkMTqScTHk8/zxcmHpGbmn3iR
8RQYts94Hd/fbfXRzEs2u3Y2BTeg63u6h2AYD5DkDc82DTCcAZtsAtPNIZZ2GX1b
Wal3CasBlOjcU5hh4ThMFD0fio+IZ9Jau3VkyCKa8JfCKRQ0XcxS3STRO9Mmt+Ny
Jd3GFo+M+FzI9wcdyL0N3bKyHBFH1Xt6W6lHMGE2gi0ksnmDiwu20cDZE98SVOgg
NJ1Z3W+4j+JD3HkHm1dUMLsb/Cu9beiuZnnfPnoiuvam6zjG50nRs48wfUa3fpMK
12JsgSV2lMS8p82gUF6m+/Vgrb7O8ZQZMfstMSCN+r4okSwjJvD3XskVADo/vl4K
fENIfr1swgb513wLboJljqlKaHDi7h4jyCEka4cDP6g2PPLI5LKxlxN6O7LiXA9m
6l1zwN1fP2RInT009YPf6lQ5fgWDLjWzsyCW9aR5yk6VX3UXLJmdYnKh3SfhlsN8
AMpxw2N6eMWTQKv6IEm7MUu9xDuZw9I0XhcxRMqiQP9C12NiYnQ=
=g1lO
-----END PGP SIGNATURE-----
Reply to: