Updated apr-util packages fix security vulnerability
Publication date: 26 Nov 2017Modification date: 26 Nov 2017
Type: security
Affected Mageia releases : 5 , 6
CVE: CVE-2017-12618
Description
Apache Portable Runtime Utility (APR-util) 1.6.0 and prior fail to validate the integrity of SDBM database files used by apr_sdbm*() functions, resulting in a possible out of bound read access. A local user with write access to the database can make a program or process using these functions crash, and cause a denial of service (CVE-2017-12618).
References
SRPMS
5/core
- apr-util-1.5.4-5.mga5
6/core
- apr-util-1.5.4-8.mga6