Advisories » MGASA-2023-0063

Updated apr packages fix security vulnerability

Publication date: 27 Feb 2023
Modification date: 27 Feb 2023
Type: security
Affected Mageia releases : 8
CVE: CVE-2022-24963

Description

Integer Overflow or Wraparound vulnerability in apr_encode functions of
Apache Portable Runtime (APR) allows an attacker to write beyond bounds
of a buffer. (CVE-2022-24963)
                

References

• https://bugs.mageia.org/show_bug.cgi?id=31485
• https://www.openwall.com/lists/oss-security/2023/01/31/3
• https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-24963

SRPMS

8/core

• apr-1.7.2-1.mga8