Advisories » MGASA-2023-0045

Updated apr-util packages fix security vulnerability

Publication date: 14 Feb 2023
Modification date: 14 Feb 2023
Type: security
Affected Mageia releases : 8
CVE: CVE-2022-25147

Description

Integer Overflow or Wraparound vulnerability in apr_base64 functions of
Apache Portable Runtime Utility (APR-util) allows an attacker to write
beyond bounds of a buffer. (CVE-2022-25147)
                

References

• https://bugs.mageia.org/show_bug.cgi?id=31486
• https://www.openwall.com/lists/oss-security/2023/01/31/4
• https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-25147

SRPMS

8/core

• apr-util-1.6.3-1.mga8