Описание
ELSA-2011-0507: apr security update (MODERATE)
[1.3.9-3.1]
- add fix for CVE-2011-0419 (#703520)
Обновленные пакеты
Oracle Linux 5
Oracle Linux ia64
apr
1.2.7-11.el5_6.4
apr-devel
1.2.7-11.el5_6.4
apr-docs
1.2.7-11.el5_6.4
Oracle Linux x86_64
apr
1.2.7-11.el5_6.4
apr-devel
1.2.7-11.el5_6.4
apr-docs
1.2.7-11.el5_6.4
Oracle Linux i386
apr
1.2.7-11.el5_6.4
apr-devel
1.2.7-11.el5_6.4
apr-docs
1.2.7-11.el5_6.4
Oracle Linux 6
Oracle Linux x86_64
apr
1.3.9-3.el6_0.1
apr-devel
1.3.9-3.el6_0.1
Oracle Linux i686
apr
1.3.9-3.el6_0.1
apr-devel
1.3.9-3.el6_0.1
Связанные CVE
Связанные уязвимости
Stack consumption vulnerability in the fnmatch implementation in apr_fnmatch.c in the Apache Portable Runtime (APR) library before 1.4.3 and the Apache HTTP Server before 2.2.18, and in fnmatch.c in libc in NetBSD 5.1, OpenBSD 4.8, FreeBSD, Apple Mac OS X 10.6, Oracle Solaris 10, and Android, allows context-dependent attackers to cause a denial of service (CPU and memory consumption) via *? sequences in the first argument, as demonstrated by attacks against mod_autoindex in httpd.
Stack consumption vulnerability in the fnmatch implementation in apr_fnmatch.c in the Apache Portable Runtime (APR) library before 1.4.3 and the Apache HTTP Server before 2.2.18, and in fnmatch.c in libc in NetBSD 5.1, OpenBSD 4.8, FreeBSD, Apple Mac OS X 10.6, Oracle Solaris 10, and Android, allows context-dependent attackers to cause a denial of service (CPU and memory consumption) via *? sequences in the first argument, as demonstrated by attacks against mod_autoindex in httpd.
Stack consumption vulnerability in the fnmatch implementation in apr_fnmatch.c in the Apache Portable Runtime (APR) library before 1.4.3 and the Apache HTTP Server before 2.2.18, and in fnmatch.c in libc in NetBSD 5.1, OpenBSD 4.8, FreeBSD, Apple Mac OS X 10.6, Oracle Solaris 10, and Android, allows context-dependent attackers to cause a denial of service (CPU and memory consumption) via *? sequences in the first argument, as demonstrated by attacks against mod_autoindex in httpd.
Stack consumption vulnerability in the fnmatch implementation in apr_f ...
Stack consumption vulnerability in the fnmatch implementation in apr_fnmatch.c in the Apache Portable Runtime (APR) library before 1.4.3 and the Apache HTTP Server before 2.2.18, and in fnmatch.c in libc in NetBSD 5.1, OpenBSD 4.8, FreeBSD, Apple Mac OS X 10.6, Oracle Solaris 10, and Android, allows context-dependent attackers to cause a denial of service (CPU and memory consumption) via *? sequences in the first argument, as demonstrated by attacks against mod_autoindex in httpd.