The Apache Portable Runtime (APR) is a portability library used by the
Apache HTTP Server and other projects. apr-util is a library which provides
additional utility interfaces for APR; including support for XML parsing,
LDAP, database interfaces, URI parsing, and more.
It was found that certain input could cause the apr-util library to
allocate more memory than intended in the apr_brigade_split_line()
function. An attacker able to provide input in small chunks to an
application using the apr-util library (such as httpd) could possibly use
this flaw to trigger high memory consumption. (CVE-2010-1623)
All apr-util users should upgrade to these updated packages, which contain
a backported patch to correct this issue. Applications using the apr-util
library, such as httpd, must be restarted for this update to take effect.
OS | Version | Architecture | Package | Version | Filename |
---|---|---|---|---|---|
RedHat | 6 | x86_64 | apr-util-sqlite | < 1.3.9-3.el6_0.1 | apr-util-sqlite-1.3.9-3.el6_0.1.x86_64.rpm |
RedHat | 5 | s390x | apr-util-devel | < 1.2.7-11.el5_5.2 | apr-util-devel-1.2.7-11.el5_5.2.s390x.rpm |
RedHat | 5 | s390x | apr-util-docs | < 1.2.7-11.el5_5.2 | apr-util-docs-1.2.7-11.el5_5.2.s390x.rpm |
RedHat | 4 | i386 | apr-util | < 0.9.4-22.el4_8.3 | apr-util-0.9.4-22.el4_8.3.i386.rpm |
RedHat | 6 | src | apr-util | < 1.3.9-3.el6_0.1 | apr-util-1.3.9-3.el6_0.1.src.rpm |
RedHat | 5 | i386 | apr-util-mysql | < 1.2.7-11.el5_5.2 | apr-util-mysql-1.2.7-11.el5_5.2.i386.rpm |
RedHat | 5 | ppc64 | apr-util | < 1.2.7-11.el5_5.2 | apr-util-1.2.7-11.el5_5.2.ppc64.rpm |
RedHat | 6 | i686 | apr-util-mysql | < 1.3.9-3.el6_0.1 | apr-util-mysql-1.3.9-3.el6_0.1.i686.rpm |
RedHat | 4 | s390x | apr-util-devel | < 0.9.4-22.el4_8.3 | apr-util-devel-0.9.4-22.el4_8.3.s390x.rpm |
RedHat | 6 | ppc64 | apr-util-debuginfo | < 1.3.9-3.el6_0.1 | apr-util-debuginfo-1.3.9-3.el6_0.1.ppc64.rpm |