Apr-util, the Apache Portable Runtime Utility library, is used by
Apache 2.x, Subversion, and other applications. Two denial of service
vulnerabilities have been found in apr-util:
Other exploit paths in other applications using apr-util may exist.
If you use Apache, or if you use svnserve in standalone mode, you need
to restart the services after you upgraded the libaprutil1 package.
The oldstable distribution (etch), these problems have been fixed in
version 1.2.7+dfsg-2+etch2.
For the stable distribution (lenny), these problems have been fixed in
version 1.2.12+dfsg-8+lenny2.
For the testing distribution (squeeze) and the unstable distribution
(sid), these problems will be fixed soon.
We recommend that you upgrade your apr-util packages.