---------------------------------------------------------------------
Fedora Update Notification
FEDORA-2004-308
2004-09-16
---------------------------------------------------------------------

Product     : Fedora Core 2
Name        : apr-util
Version     : 0.9.4
Release     : 14.2
Summary     : Apache Portable Runtime Utility library
Description :
The mission of the Apache Portable Runtime (APR) is to provide a
free library of C data structures and routines.  This library
contains additional utility interfaces for APR; including support
for XML, LDAP, database interfaces, URI parsing and more.

---------------------------------------------------------------------
Update Information:

Testing using the Codenomicon HTTP Test Tool performed by the Apache
Software Foundation security group and Red Hat uncovered an input
validation issue in the IPv6 URI parsing routines in the apr-util
library.  If a remote attacker sent a request including a carefully
crafted URI, an httpd child process could be made to crash.  The
Common Vulnerabilities and Exposures project (cve.mitre.org) has
assigned the name CAN-2004-0786 to this issue.

This update includes a backported fix for this issue.

---------------------------------------------------------------------
* Tue Sep 14 2004 Joe Orton <jorton@redhat.com> 0.9.4-14.2

- add security fix for CAN-2004-0786

---------------------------------------------------------------------
This update can be downloaded from:
    

707beabca3584d07dbcd3614b80093cb  SRPMS/apr-util-0.9.4-14.2.src.rpm
902896dacdd450d100949c5a5af98f93  x86_64/apr-util-0.9.4-14.2.x86_64.rpm
58781e97602be02bb0b37d7039aaed78  x86_64/apr-util-devel-0.9.4-14.2.x86_64.rpm
02ef6a9f2c5651c7db6cd33432b86058  x86_64/debug/apr-util-debuginfo-0.9.4-14.2.x86_64.rpm
70b1159aff827af2930b5488064c4a00  i386/apr-util-0.9.4-14.2.i386.rpm
f602170d5cf714238b2a91f4ce4ae052  i386/apr-util-devel-0.9.4-14.2.i386.rpm
d9b03f13abf22c32ac291da2ce2a5a10  i386/debug/apr-util-debuginfo-0.9.4-14.2.i386.rpm

This update can also be installed with the Update Agent; you can
launch the Update Agent with the 'up2date' command.
---------------------------------------------------------------------


--
fedora-announce-list mailing list
fedora-announce-list@redhat.com 
fedora-announce-list Info Page

Fedora: Apache Portable Runtime Utility library Fedora Core 2 Update: apr-util-0.9.4-14.2

September 16, 2004
Testing using the Codenomicon HTTP Test Tool performed by the ApacheSoftware Foundation security group and Red Hat uncovered an inputvalidation issue in the IPv6 URI parsing routin...

Summary

The mission of the Apache Portable Runtime (APR) is to provide a

free library of C data structures and routines. This library

contains additional utility interfaces for APR; including support

for XML, LDAP, database interfaces, URI parsing and more.

Update Information:

Testing using the Codenomicon HTTP Test Tool performed by the Apache Software Foundation security group and Red Hat uncovered an input validation issue in the IPv6 URI parsing routines in the apr-util library. If a remote attacker sent a request including a carefully crafted URI, an httpd child process could be made to crash. The Common Vulnerabilities and Exposures project (cve.mitre.org) has assigned the name CAN-2004-0786 to this issue.

This update includes a backported fix for this issue.

* Tue Sep 14 2004 Joe Orton <jorton@redhat.com> 0.9.4-14.2

- add security fix for CAN-2004-0786

This update can be downloaded from:


707beabca3584d07dbcd3614b80093cb SRPMS/apr-util-0.9.4-14.2.src.rpm 902896dacdd450d100949c5a5af98f93 x86_64/apr-util-0.9.4-14.2.x86_64.rpm 58781e97602be02bb0b37d7039aaed78 x86_64/apr-util-devel-0.9.4-14.2.x86_64.rpm 02ef6a9f2c5651c7db6cd33432b86058 x86_64/debug/apr-util-debuginfo-0.9.4-14.2.x86_64.rpm 70b1159aff827af2930b5488064c4a00 i386/apr-util-0.9.4-14.2.i386.rpm f602170d5cf714238b2a91f4ce4ae052 i386/apr-util-devel-0.9.4-14.2.i386.rpm d9b03f13abf22c32ac291da2ce2a5a10 i386/debug/apr-util-debuginfo-0.9.4-14.2.i386.rpm

This update can also be installed with the Update Agent; you can launch the Update Agent with the 'up2date' command.


-- fedora-announce-list mailing list fedora-announce-list@redhat.com fedora-announce-list Info Page

Change Log

References

Fedora Update Notification FEDORA-2004-308 2004-09-16 Product : Fedora Core 2 Name : apr-util Version : 0.9.4 Release : 14.2 Summary : Apache Portable Runtime Utility library Description : The mission of the Apache Portable Runtime (APR) is to provide a free library of C data structures and routines. This library contains additional utility interfaces for APR; including support for XML, LDAP, database interfaces, URI parsing and more.

Update Instructions

Severity
Product : Fedora Core 2
Name : apr-util
Version : 0.9.4
Release : 14.2
Summary : Apache Portable Runtime Utility library

Related News

Google Releases Chrome 130 with Critical Security Fixes for 17 Flaws
3 - 5 min read
Google recently unveiled Chrome 130 , an update that addresses several security vulnerabilities to ensure the web browser's safety and reliability.
U.S. Investigation into China-Backed Telecom Companies Hack: The Role & Risks of Encryption Backdoors
3 - 5 min read
U.S. authorities are on high alert as they investigate an alleged Chinese state-sponsored hack targeting major U.S. telecommunications companies.
FASTCash Linux Malware: A New Cybercrime Menace Targeting Payment Switch Systems
3 - 5 min read
As malware threats evolve to increasingly target Linux systems, admins and organizations must stay up-to-date on the latest Linux malware variants
Optimizing CWPP on Linux Servers: Best Practices and Configurations
3 - 6 min read
Cloud Workload Protection Platforms are now essential for securing virtual environments. These provide a robust security layer vital for addressing
The Infiltration of Supply Chain Attacks in Open-Source Software Management
3 - 6 min read
Open-source projects are renowned for their collaborative nature and widespread adoption, yet more sophisticated supply chain attacks target them
Strengthen Your Linux Software Development Pipeline with Code Security Scanners
3 - 6 min read
Developers recognize the critical nature of protecting software systems as cyberattacks grow more sophisticated, thus necessitating robust security
Everything You Need to Know About Cloud Security Posture Management
3 - 5 min read
Many companies are transitioning from physical servers to cloud operations, but this transformation brings new challenges. Cloud Security Posture
Understanding the Critical Oath-Toolkit Vulnerability and Its Implications for Admins
3 - 5 min read
As Linux security threats advance and evolve, vulnerabilities often surface unexpectedly, exposing systems to potential exploitation. SUSE

Get the Latest News & Insights

Sign up to get the latest security news affecting Linux and open source delivered straight to your inbox.

© 2024 Guardian Digital, Inc All Rights Reserved