[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]
[ MDVSA-2010:192 ] apr-util
- To: bugtraq@xxxxxxxxxxxxxxxxx
- Subject: [ MDVSA-2010:192 ] apr-util
- From: security@xxxxxxxxxxxx
- Date: Sat, 02 Oct 2010 22:50:00 +0200
-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1
_______________________________________________________________________
Mandriva Linux Security Advisory MDVSA-2010:192
http://www.mandriva.com/security/
_______________________________________________________________________
Package : apr-util
Date : October 2, 2010
Affected: 2008.0, 2009.0, 2009.1, 2010.0, 2010.1, Corporate 4.0,
Enterprise Server 5.0
_______________________________________________________________________
Problem Description:
A denial of service attack against apr_brigade_split_line() was
discovered in apr-util (CVE-2010-1623).
Packages for 2008.0 and 2009.0 are provided as of the Extended
Maintenance Program. Please visit this link to learn more:
http://store.mandriva.com/product_info.php?cPath=149&products_id=490
The updated packages have been patched to correct this issue.
_______________________________________________________________________
References:
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2010-1623
http://svn.apache.org/viewvc?view=revision&revision=1003494
_______________________________________________________________________
Updated Packages:
Mandriva Linux 2008.0:
0f0a7a89ae55aadde220ec2addb62ecb
2008.0/i586/apr-util-dbd-mysql-1.2.10-1.2mdv2008.0.i586.rpm
95338fe510f971933c3c8073727ce618
2008.0/i586/apr-util-dbd-pgsql-1.2.10-1.2mdv2008.0.i586.rpm
3b116b31712e8cb25843e5a5fe82bcfc
2008.0/i586/apr-util-dbd-sqlite3-1.2.10-1.2mdv2008.0.i586.rpm
37703fb6b512baf59b795530a34e2db0
2008.0/i586/libapr-util1-1.2.10-1.2mdv2008.0.i586.rpm
0c6d489de4654e52abcac77bf2525497
2008.0/i586/libapr-util-devel-1.2.10-1.2mdv2008.0.i586.rpm
31f565a4c7e40d22de0d19f6fe27947f
2008.0/SRPMS/apr-util-1.2.10-1.2mdv2008.0.src.rpm
Mandriva Linux 2008.0/X86_64:
14b4f0ee8d6aa175fa9e31ea2e636644
2008.0/x86_64/apr-util-dbd-mysql-1.2.10-1.2mdv2008.0.x86_64.rpm
340d47ec560aa3c3c46c26ce4ccf7b80
2008.0/x86_64/apr-util-dbd-pgsql-1.2.10-1.2mdv2008.0.x86_64.rpm
e5cb7c43589ac3e3cef57c32ed4b48f0
2008.0/x86_64/apr-util-dbd-sqlite3-1.2.10-1.2mdv2008.0.x86_64.rpm
c049cdabacbbafb05fd775f8c8a4c4f0
2008.0/x86_64/lib64apr-util1-1.2.10-1.2mdv2008.0.x86_64.rpm
fca193ff0018c87be501b7f1cc17f4a0
2008.0/x86_64/lib64apr-util-devel-1.2.10-1.2mdv2008.0.x86_64.rpm
31f565a4c7e40d22de0d19f6fe27947f
2008.0/SRPMS/apr-util-1.2.10-1.2mdv2008.0.src.rpm
Mandriva Linux 2009.0:
0f656cdddd156450885327bc1ebe8a3d
2009.0/i586/apr-util-dbd-freetds-1.3.4-2.4mdv2009.0.i586.rpm
0b27531d8603ef0046d1ecbd52bd066b
2009.0/i586/apr-util-dbd-ldap-1.3.4-2.4mdv2009.0.i586.rpm
b953deb329e282e9581e7e313c07ed76
2009.0/i586/apr-util-dbd-mysql-1.3.4-2.4mdv2009.0.i586.rpm
447213e5c8f79056ea4feb876100dd8a
2009.0/i586/apr-util-dbd-odbc-1.3.4-2.4mdv2009.0.i586.rpm
859195910511e75007717a8215a2867d
2009.0/i586/apr-util-dbd-pgsql-1.3.4-2.4mdv2009.0.i586.rpm
a30f411ba441c03f211897409056cfec
2009.0/i586/apr-util-dbd-sqlite3-1.3.4-2.4mdv2009.0.i586.rpm
bc7042e923c2417424916b4af22cc011
2009.0/i586/libapr-util1-1.3.4-2.4mdv2009.0.i586.rpm
cce9d4fa39e9ea354e40dbbab9bf8556
2009.0/i586/libapr-util-devel-1.3.4-2.4mdv2009.0.i586.rpm
3aff05faba17156c0c2891c840994afb
2009.0/SRPMS/apr-util-1.3.4-2.4mdv2009.0.src.rpm
Mandriva Linux 2009.0/X86_64:
b5584a5d68829432416dd72637614313
2009.0/x86_64/apr-util-dbd-freetds-1.3.4-2.4mdv2009.0.x86_64.rpm
7512a01982585a0c13a1900d0fb5cfd0
2009.0/x86_64/apr-util-dbd-ldap-1.3.4-2.4mdv2009.0.x86_64.rpm
ce1b43cee0adea7473e35dd7bb7a8a80
2009.0/x86_64/apr-util-dbd-mysql-1.3.4-2.4mdv2009.0.x86_64.rpm
c669db3ca0188ff08e6d960d7caecfa6
2009.0/x86_64/apr-util-dbd-odbc-1.3.4-2.4mdv2009.0.x86_64.rpm
2dbd14c6c46263100ceb452fff4a4703
2009.0/x86_64/apr-util-dbd-pgsql-1.3.4-2.4mdv2009.0.x86_64.rpm
2b054ec7c879389f507f99d41a1fa55b
2009.0/x86_64/apr-util-dbd-sqlite3-1.3.4-2.4mdv2009.0.x86_64.rpm
2824b2b491da4991aecef5fd9b7fa68e
2009.0/x86_64/lib64apr-util1-1.3.4-2.4mdv2009.0.x86_64.rpm
776f7bd8add07ed6c441a4c79c693bcf
2009.0/x86_64/lib64apr-util-devel-1.3.4-2.4mdv2009.0.x86_64.rpm
3aff05faba17156c0c2891c840994afb
2009.0/SRPMS/apr-util-1.3.4-2.4mdv2009.0.src.rpm
Mandriva Linux 2009.1:
001d390f4321be10b4939425b44dec6c
2009.1/i586/apr-util-dbd-freetds-1.3.4-9.3mdv2009.1.i586.rpm
6e0a9f8d9ce14618ab4f50100af1facf
2009.1/i586/apr-util-dbd-ldap-1.3.4-9.3mdv2009.1.i586.rpm
9360685a7758c51c691b800ec3426a40
2009.1/i586/apr-util-dbd-mysql-1.3.4-9.3mdv2009.1.i586.rpm
c81ae900616ce0d7c94f455347e7d6c4
2009.1/i586/apr-util-dbd-odbc-1.3.4-9.3mdv2009.1.i586.rpm
e891e8f91ce6b5a97b75747978051f65
2009.1/i586/apr-util-dbd-pgsql-1.3.4-9.3mdv2009.1.i586.rpm
743e80845e68b75df6c73f1fe6c9894f
2009.1/i586/apr-util-dbd-sqlite3-1.3.4-9.3mdv2009.1.i586.rpm
fce72f37686e7a70cb98d76f471fd2cd
2009.1/i586/libapr-util1-1.3.4-9.3mdv2009.1.i586.rpm
4a610df132d46c8599bab182dd61665c
2009.1/i586/libapr-util-devel-1.3.4-9.3mdv2009.1.i586.rpm
5d4de61925e94c72108f3c26fdd36bd3
2009.1/SRPMS/apr-util-1.3.4-9.3mdv2009.1.src.rpm
Mandriva Linux 2009.1/X86_64:
119da8132add44a7541ad668b28ce4d8
2009.1/x86_64/apr-util-dbd-freetds-1.3.4-9.3mdv2009.1.x86_64.rpm
422cb11ac2c100b11dd2897668816567
2009.1/x86_64/apr-util-dbd-ldap-1.3.4-9.3mdv2009.1.x86_64.rpm
ec451e6c20a3a3c0f3c7e9f5e9aa502e
2009.1/x86_64/apr-util-dbd-mysql-1.3.4-9.3mdv2009.1.x86_64.rpm
fc72b14950c52fd5a7056995d259bfc2
2009.1/x86_64/apr-util-dbd-odbc-1.3.4-9.3mdv2009.1.x86_64.rpm
278986ccd687de4b2c08337364dd497d
2009.1/x86_64/apr-util-dbd-pgsql-1.3.4-9.3mdv2009.1.x86_64.rpm
b57deb5f7f6e4610241e065e17b06c1d
2009.1/x86_64/apr-util-dbd-sqlite3-1.3.4-9.3mdv2009.1.x86_64.rpm
b714a6dcb61dd9dc89042c198f34af21
2009.1/x86_64/lib64apr-util1-1.3.4-9.3mdv2009.1.x86_64.rpm
01b9bf2eeb3a78ce738ac791a3089f03
2009.1/x86_64/lib64apr-util-devel-1.3.4-9.3mdv2009.1.x86_64.rpm
5d4de61925e94c72108f3c26fdd36bd3
2009.1/SRPMS/apr-util-1.3.4-9.3mdv2009.1.src.rpm
Mandriva Linux 2010.0:
7104f899bcc0d33436a8c916d469950f
2010.0/i586/apr-util-dbd-freetds-1.3.9-1.1mdv2010.0.i586.rpm
cbfba9e9fe72e3534b8a80d3609ddc4c
2010.0/i586/apr-util-dbd-ldap-1.3.9-1.1mdv2010.0.i586.rpm
eefc82df01c75c8dd213a565dc1ca07e
2010.0/i586/apr-util-dbd-mysql-1.3.9-1.1mdv2010.0.i586.rpm
7683f369d6978a0655cec399218fac7c
2010.0/i586/apr-util-dbd-odbc-1.3.9-1.1mdv2010.0.i586.rpm
35c21ae63429aae906c61b1075cb87b5
2010.0/i586/apr-util-dbd-pgsql-1.3.9-1.1mdv2010.0.i586.rpm
124086ec608347efd1a3d21fcb05a2a9
2010.0/i586/apr-util-dbd-sqlite3-1.3.9-1.1mdv2010.0.i586.rpm
2ed8516ac72d308629bc66614a067640
2010.0/i586/apr-util-dbm-db-1.3.9-1.1mdv2010.0.i586.rpm
ce89f9af479706258a09ca920570a23b
2010.0/i586/libapr-util1-1.3.9-1.1mdv2010.0.i586.rpm
6ce488984efbeffa3ee59d13b8a163ee
2010.0/i586/libapr-util-devel-1.3.9-1.1mdv2010.0.i586.rpm
4d89f78015a68e376ffb468d9a1e5a3b
2010.0/SRPMS/apr-util-1.3.9-1.1mdv2010.0.src.rpm
Mandriva Linux 2010.0/X86_64:
6ef2f004c07e8c85750eaba0249c17dc
2010.0/x86_64/apr-util-dbd-freetds-1.3.9-1.1mdv2010.0.x86_64.rpm
78efec7bd1638218c39fb77f6461699c
2010.0/x86_64/apr-util-dbd-ldap-1.3.9-1.1mdv2010.0.x86_64.rpm
4a9af9f05c7ae8fdcc33e2a234132386
2010.0/x86_64/apr-util-dbd-mysql-1.3.9-1.1mdv2010.0.x86_64.rpm
5000249ae003a1c960c82ee956708525
2010.0/x86_64/apr-util-dbd-odbc-1.3.9-1.1mdv2010.0.x86_64.rpm
a94630ddf4a6ddac834a10fb2adcf7f4
2010.0/x86_64/apr-util-dbd-pgsql-1.3.9-1.1mdv2010.0.x86_64.rpm
9beb8d95b2255c339f04e1375274d671
2010.0/x86_64/apr-util-dbd-sqlite3-1.3.9-1.1mdv2010.0.x86_64.rpm
921a170766b859c3e03f571c716fb8d8
2010.0/x86_64/apr-util-dbm-db-1.3.9-1.1mdv2010.0.x86_64.rpm
8431b937315bcb9ae31186c304fc7728
2010.0/x86_64/lib64apr-util1-1.3.9-1.1mdv2010.0.x86_64.rpm
68766b794688d7778689559bbf561440
2010.0/x86_64/lib64apr-util-devel-1.3.9-1.1mdv2010.0.x86_64.rpm
4d89f78015a68e376ffb468d9a1e5a3b
2010.0/SRPMS/apr-util-1.3.9-1.1mdv2010.0.src.rpm
Mandriva Linux 2010.1:
c1f6da21eceff9f12ce9e5fdbc139e2c
2010.1/i586/apr-util-dbd-freetds-1.3.9-3.1mdv2010.1.i586.rpm
02448a005cab83d33dc1caa5acb09354
2010.1/i586/apr-util-dbd-ldap-1.3.9-3.1mdv2010.1.i586.rpm
ac43c4ba22c1bb989b8472099acc72bc
2010.1/i586/apr-util-dbd-mysql-1.3.9-3.1mdv2010.1.i586.rpm
43357c5c03ba2087262f89c18345c0ce
2010.1/i586/apr-util-dbd-odbc-1.3.9-3.1mdv2010.1.i586.rpm
e9446e8917d7534c5b9e8940244ea67a
2010.1/i586/apr-util-dbd-pgsql-1.3.9-3.1mdv2010.1.i586.rpm
e4b9edb06489f316c72932d3a995a4bb
2010.1/i586/apr-util-dbd-sqlite3-1.3.9-3.1mdv2010.1.i586.rpm
1a55fe7dc1a04f59af8ea2e71faa97de
2010.1/i586/apr-util-dbm-db-1.3.9-3.1mdv2010.1.i586.rpm
eba84956ada0732d44d90d77a611bfc4
2010.1/i586/libapr-util1-1.3.9-3.1mdv2010.1.i586.rpm
3b00ce82ba97bf93b705e60a9d4357cf
2010.1/i586/libapr-util-devel-1.3.9-3.1mdv2010.1.i586.rpm
dd5ef7f688dead375e68317c0fed321e
2010.1/SRPMS/apr-util-1.3.9-3.1mdv2010.1.src.rpm
Mandriva Linux 2010.1/X86_64:
04b62364aa944ce3e0a7c1b538ef1946
2010.1/x86_64/apr-util-dbd-freetds-1.3.9-3.1mdv2010.1.x86_64.rpm
a8ae3d5f09428067ca0e10bb24e7c20b
2010.1/x86_64/apr-util-dbd-ldap-1.3.9-3.1mdv2010.1.x86_64.rpm
b16193bf6bdc2a4de1c09b09c4fc22e4
2010.1/x86_64/apr-util-dbd-mysql-1.3.9-3.1mdv2010.1.x86_64.rpm
6762861af1375dfea380a617cc87442d
2010.1/x86_64/apr-util-dbd-odbc-1.3.9-3.1mdv2010.1.x86_64.rpm
b39be4553beb8d25cb2d08483c2dcabe
2010.1/x86_64/apr-util-dbd-pgsql-1.3.9-3.1mdv2010.1.x86_64.rpm
f91c0e9e31da23c9aa178dd2fcddebb9
2010.1/x86_64/apr-util-dbd-sqlite3-1.3.9-3.1mdv2010.1.x86_64.rpm
caab16e8c0b8b90cfd78fb0ac14d0e97
2010.1/x86_64/apr-util-dbm-db-1.3.9-3.1mdv2010.1.x86_64.rpm
455cacb44b17d813b7c9f7cb1d161b65
2010.1/x86_64/lib64apr-util1-1.3.9-3.1mdv2010.1.x86_64.rpm
172c3e83a4bad8b5819d46cb90076fea
2010.1/x86_64/lib64apr-util-devel-1.3.9-3.1mdv2010.1.x86_64.rpm
dd5ef7f688dead375e68317c0fed321e
2010.1/SRPMS/apr-util-1.3.9-3.1mdv2010.1.src.rpm
Corporate 4.0:
37c7afc1d2b2d7d5dd2a946982ef738a
corporate/4.0/i586/apr-util-dbd-mysql-1.2.7-6.3.20060mlcs4.i586.rpm
b3d072af8d55034a4438fcf39758045a
corporate/4.0/i586/apr-util-dbd-pgsql-1.2.7-6.3.20060mlcs4.i586.rpm
acded08fd4d734ec0af5553356509dbb
corporate/4.0/i586/apr-util-dbd-sqlite3-1.2.7-6.3.20060mlcs4.i586.rpm
36f03264536ce6751ded2c5c57b9844b
corporate/4.0/i586/libapr-util1-1.2.7-6.3.20060mlcs4.i586.rpm
ea63f8860d6dcfb945a6dfb7165d44f6
corporate/4.0/i586/libapr-util1-devel-1.2.7-6.3.20060mlcs4.i586.rpm
d92771b20285bc9a35950bdef2b72b2a
corporate/4.0/SRPMS/apr-util-1.2.7-6.3.20060mlcs4.src.rpm
Corporate 4.0/X86_64:
76bf5cc4c9b7faeb65bb556e0cc59fc2
corporate/4.0/x86_64/apr-util-dbd-mysql-1.2.7-6.3.20060mlcs4.x86_64.rpm
f271acf4919d8bd17955edf6a8e9aeaa
corporate/4.0/x86_64/apr-util-dbd-pgsql-1.2.7-6.3.20060mlcs4.x86_64.rpm
e7292a6383fc575c8233ee39fbfa043f
corporate/4.0/x86_64/apr-util-dbd-sqlite3-1.2.7-6.3.20060mlcs4.x86_64.rpm
df2bb4a6432f2c12507569696a71104d
corporate/4.0/x86_64/lib64apr-util1-1.2.7-6.3.20060mlcs4.x86_64.rpm
205e677a87b282e8a85ef3116ebce4ed
corporate/4.0/x86_64/lib64apr-util1-devel-1.2.7-6.3.20060mlcs4.x86_64.rpm
d92771b20285bc9a35950bdef2b72b2a
corporate/4.0/SRPMS/apr-util-1.2.7-6.3.20060mlcs4.src.rpm
Mandriva Enterprise Server 5:
99959b762a9e8c29e7a7a8041aaa73e6
mes5/i586/apr-util-dbd-freetds-1.3.4-2.4mdvmes5.1.i586.rpm
5e2d4d7cce62ba53d020389423f1b2af
mes5/i586/apr-util-dbd-ldap-1.3.4-2.4mdvmes5.1.i586.rpm
0415313632f4df4518b024703f1b3915
mes5/i586/apr-util-dbd-mysql-1.3.4-2.4mdvmes5.1.i586.rpm
64f80ec4486143424fd313c06a4c9d48
mes5/i586/apr-util-dbd-odbc-1.3.4-2.4mdvmes5.1.i586.rpm
a87a16a3d1879576b30fa32bc3a87b3a
mes5/i586/apr-util-dbd-pgsql-1.3.4-2.4mdvmes5.1.i586.rpm
e0c797c2d43cea44b10e42def4ab2257
mes5/i586/apr-util-dbd-sqlite3-1.3.4-2.4mdvmes5.1.i586.rpm
abad5a5f2f5a82616a189cbdb01d27dc
mes5/i586/libapr-util1-1.3.4-2.4mdvmes5.1.i586.rpm
13b3f835de86c79c07275eccdcd8f19e
mes5/i586/libapr-util-devel-1.3.4-2.4mdvmes5.1.i586.rpm
a7b8f4cbbbce29d309628ba9b43ba647
mes5/SRPMS/apr-util-1.3.4-2.4mdvmes5.1.src.rpm
Mandriva Enterprise Server 5/X86_64:
20c75ba7bf7f2886ad994e94c1e1a688
mes5/x86_64/apr-util-dbd-freetds-1.3.4-2.4mdvmes5.1.x86_64.rpm
e41e3b30ce6dee38ab658dff6a785fa6
mes5/x86_64/apr-util-dbd-ldap-1.3.4-2.4mdvmes5.1.x86_64.rpm
0e8608ef763527c8bc1242bbcc061da8
mes5/x86_64/apr-util-dbd-mysql-1.3.4-2.4mdvmes5.1.x86_64.rpm
31a7b8fe04018448a0bb40641d7b1da8
mes5/x86_64/apr-util-dbd-odbc-1.3.4-2.4mdvmes5.1.x86_64.rpm
e8379a5953bee84c8a4ccf5e56eeb3a5
mes5/x86_64/apr-util-dbd-pgsql-1.3.4-2.4mdvmes5.1.x86_64.rpm
3996de5f56896841e445a6cc56d3ab61
mes5/x86_64/apr-util-dbd-sqlite3-1.3.4-2.4mdvmes5.1.x86_64.rpm
6399751a3c9ab86ccd1c60043ced4de2
mes5/x86_64/lib64apr-util1-1.3.4-2.4mdvmes5.1.x86_64.rpm
91e6585e482c43542c4fb08512f171b6
mes5/x86_64/lib64apr-util-devel-1.3.4-2.4mdvmes5.1.x86_64.rpm
a7b8f4cbbbce29d309628ba9b43ba647
mes5/SRPMS/apr-util-1.3.4-2.4mdvmes5.1.src.rpm
_______________________________________________________________________
To upgrade automatically use MandrivaUpdate or urpmi. The verification
of md5 checksums and GPG signatures is performed automatically for you.
All packages are signed by Mandriva for security. You can obtain the
GPG public key of the Mandriva Security Team by executing:
gpg --recv-keys --keyserver pgp.mit.edu 0x22458A98
You can view other update advisories for Mandriva Linux at:
http://www.mandriva.com/security/advisories
If you want to report vulnerabilities, please contact
security_(at)_mandriva.com
_______________________________________________________________________
Type Bits/KeyID Date User ID
pub 1024D/22458A98 2000-07-10 Mandriva Security Team
<security*mandriva.com>
-----BEGIN PGP SIGNATURE-----
Version: GnuPG v1.4.9 (GNU/Linux)
iD8DBQFMp2gfmqjQ0CJFipgRAt4MAKDyY5474rouxr68uwdAJFM5ccGCWQCgluf4
+3Ue46VyQAyCWIdyaxpp9no=
=hI/k
-----END PGP SIGNATURE-----