Advisories ยป MGASA-2017-0427

Updated apr-util packages fix security vulnerability

Publication date: 26 Nov 2017
Type: security
Affected Mageia releases : 5 , 6
CVE: CVE-2017-12618

Description

Apache Portable Runtime Utility (APR-util) 1.6.0 and prior fail to
validate the integrity of SDBM database files used by apr_sdbm*()
functions, resulting in a possible out of bound read access. A local
user with write access to the database can make a program or process
using these functions crash, and cause a denial of service
(CVE-2017-12618).
                

References

SRPMS

5/core

6/core