[Date Prev][Date Next] [Thread Prev][Thread Next] [Date Index] [Thread Index]

[SECURITY] [DLA 2897-1] apr security update



-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA512

- -------------------------------------------------------------------------
Debian LTS Advisory DLA-2897-1                debian-lts@lists.debian.org
https://www.debian.org/lts/security/                    Thorsten Alteholz
January 24, 2022                              https://wiki.debian.org/LTS
- -------------------------------------------------------------------------

Package        : apr
Version        : 1.5.2-5+deb9u1
CVE ID         : CVE-2017-12613


An issue has been found in apr, the Apache Portable Runtime Library.
The issue is related to out of bounds memory access due to invalid date fields.


For Debian 9 stretch, this problem has been fixed in version
1.5.2-5+deb9u1.

We recommend that you upgrade your apr packages.

For the detailed security status of apr please refer to
its security tracker page at:
https://security-tracker.debian.org/tracker/apr

Further information about Debian LTS security advisories, how to apply
these updates to your system and frequently asked questions can be
found at: https://wiki.debian.org/LTS

-----BEGIN PGP SIGNATURE-----

iQKTBAEBCgB9FiEEYgH7/9u94Hgi6ruWlvysDTh7WEcFAmHvKdNfFIAAAAAALgAo
aXNzdWVyLWZwckBub3RhdGlvbnMub3BlbnBncC5maWZ0aGhvcnNlbWFuLm5ldDYy
MDFGQkZGREJCREUwNzgyMkVBQkI5Njk2RkNBQzBEMzg3QjU4NDcACgkQlvysDTh7
WEcmyhAAisjqaRi7vGxPwRSl3xC+zmOMDwfe4SEOhw/KTHboiB/c6XD5jLEINHYF
LXfuxN8QU/zIWGOObfqjRJYMT8JlKAl2VzPfWRaxdX8ncR/c6+34RMouDiNEZEsN
4vPM1fKauZbt0jbCZeJbP1UnJ7a97iGFHXcsq0KGxOg/uzDaOqKZUjnJKwGIvjB1
8IGrieOEC+F/ybL7Z7Dj0DT77f9zMs5nyb/uGHzYAypFft5qOsrlJxrpRPzlico9
2NwC+CGaGGLIcMDd0DW86UTrxG7/nFBOwATE2d9uCFvtqBE/FaeQkD3p1B/78zvG
VPKbH8bVH8VZKiHAs3Zf73s45GO+Y3wzPs3ZKKj3g7wePu6ywKyU/ZCDOYWn/cUN
4bAC+1KEgUgoDf3S15fDRfDmjyUsceW2whEI/SgIf4i3j44lJuNR6gQmH3GklnYC
axf5WklHCRlshArS0R+MZYpiuDFsdTrkmZG/PxYs4TomjNt7srISHSFZUPIA/H+R
f1/Eu7RSYgZrP+pM9Od9DHhKYeDTQiC1e9WGQhkRd4+OG/6JordT1YnkjsCoxXtY
QczH4ZVyfHsg60Xj803Gl7M8kIDK1L/PqV5Vcgs8l2MbiLnkZYDi0hri9dvoWSDV
nRXb1KtIFuRV3YHp3RpwU5cQs+BeoCDfJiXSk1DZxG/4z7lXHRM=
=+a7p
-----END PGP SIGNATURE-----


Reply to: