apr-util-1.2.7-7AXS3.2
エラータID: AXSA:2009-373:02
リリース日:
2009/08/19 Wednesday - 12:35
題名:
apr-util-1.2.7-7AXS3.2
影響のあるチャネル:
Asianux Server 3 for x86
Asianux Server 3 for x86_64
Severity:
High
Description:
以下項目について対処しました。
[Security Fix]
- APR ライブラリと APR-util ライブラリには複数の整数オーバーフローの問題が存在し、リモートの攻撃者がサービス拒否 (アプリケーションのクラッシュ) あるいは任意のコードを実行する可能性のある脆弱性が存在します。(CVE-2009-2412)
一部CVEの翻訳文はJVNからの引用になります。
http://jvndb.jvn.jp/
解決策:
本パッケージと apr-1.2.7-11AXS3.1 を併せてアップデートしてください。
CVE:
CVE-2009-2412
Multiple integer overflows in the Apache Portable Runtime (APR) library and the Apache Portable Utility library (aka APR-util) 0.9.x and 1.3.x allow remote attackers to cause a denial of service (application crash) or possibly execute arbitrary code via vectors that trigger crafted calls to the (1) allocator_alloc or (2) apr_palloc function in memory/unix/apr_pools.c in APR; or crafted calls to the (3) apr_rmm_malloc, (4) apr_rmm_calloc, or (5) apr_rmm_realloc function in misc/apr_rmm.c in APR-util; leading to buffer overflows. NOTE: some of these details are obtained from third party information.
Multiple integer overflows in the Apache Portable Runtime (APR) library and the Apache Portable Utility library (aka APR-util) 0.9.x and 1.3.x allow remote attackers to cause a denial of service (application crash) or possibly execute arbitrary code via vectors that trigger crafted calls to the (1) allocator_alloc or (2) apr_palloc function in memory/unix/apr_pools.c in APR; or crafted calls to the (3) apr_rmm_malloc, (4) apr_rmm_calloc, or (5) apr_rmm_realloc function in misc/apr_rmm.c in APR-util; leading to buffer overflows. NOTE: some of these details are obtained from third party information.
追加情報:
N/A
ダウンロード:
SRPMS
- apr-util-1.2.7-7AXS3.2.src.rpm
MD5: a94e8b65c0a07349308acc1a1fe49141
SHA-256: a184e30318d8c27c04a8394bb22f0d680c0e4d2c902aa0fb8bc01be9d66684c7
Size: 638.66 kB
Asianux Server 3 for x86
- apr-util-1.2.7-7AXS3.2.i386.rpm
MD5: 804f88924d6f4ee0092c6fc8471947cf
SHA-256: 0b5a850304822033ce071745ea351ebe9e58b6ca74ac1dc96348af02dad33a2b
Size: 76.21 kB - apr-util-devel-1.2.7-7AXS3.2.i386.rpm
MD5: b43280fa1baa8306d328f3cd7923d74e
SHA-256: db0e499a342d91390c68a58edd92fb181491e1c338efabcbcfbf39e60174aa7b
Size: 53.77 kB
Asianux Server 3 for x86_64
- apr-util-1.2.7-7AXS3.2.x86_64.rpm
MD5: 1545dfbee08124293f1aa0fd1e44b21c
SHA-256: 4c4c5d694a922993d0aa7859cf80c3f069ab9941c305e94f86719cba84603e06
Size: 74.35 kB - apr-util-devel-1.2.7-7AXS3.2.x86_64.rpm
MD5: 7f5456a91307f7237ea135a31fbf90a1
SHA-256: e03f986128cecf1234cf180e1d4ea7dcf8696c18d29e27af099e0742f1b1210f
Size: 53.75 kB