FAQ   Search   Memberlist  
Profile    Log in to check your private messages    Register    Log in
Update apr-util: 10k & 20k

 
Post new topic   Reply to topic    BLAG Forum Index -> announcements
View previous topic :: View next topic  
Author Message
jebba
PostPosted: Fri Sep 17, 2004 6:44 am    Post subject: Update apr-util: 10k & 20k Reply with quote

---------------------------------------------------------------------
Fedora Update Notification
FEDORA-2004-308
2004-09-16
---------------------------------------------------------------------

Product : Fedora Core 2
Name : apr-util
Version : 0.9.4
Release : 14.2
Summary : Apache Portable Runtime Utility library
Description :
The mission of the Apache Portable Runtime (APR) is to provide a
free library of C data structures and routines. This library
contains additional utility interfaces for APR; including support
for XML, LDAP, database interfaces, URI parsing and more.

---------------------------------------------------------------------
Update Information:

Testing using the Codenomicon HTTP Test Tool performed by the Apache
Software Foundation security group and Red Hat uncovered an input
validation issue in the IPv6 URI parsing routines in the apr-util
library. If a remote attacker sent a request including a carefully
crafted URI, an httpd child process could be made to crash. The
Common Vulnerabilities and Exposures project (cve.mitre.org) has
assigned the name CAN-2004-0786 to this issue.

This update includes a backported fix for this issue.

---------------------------------------------------------------------
* Tue Sep 14 2004 Joe Orton <jorton@redhat.com> 0.9.4-14.2

- add security fix for CAN-2004-0786

---------------------------------------------------------------------
This update can be downloaded from:
http://download.fedora.redhat.com/pub/fedora/linux/core/updates/2/

707beabca3584d07dbcd3614b80093cb SRPMS/apr-util-0.9.4-14.2.src.rpm
902896dacdd450d100949c5a5af98f93 x86_64/apr-util-0.9.4-14.2.x86_64.rpm
58781e97602be02bb0b37d7039aaed78 x86_64/apr-util-devel-0.9.4-14.2.x86_64.rpm
02ef6a9f2c5651c7db6cd33432b86058 x86_64/debug/apr-util-debuginfo-0.9.4-14.2.x86_64.rpm
70b1159aff827af2930b5488064c4a00 i386/apr-util-0.9.4-14.2.i386.rpm
f602170d5cf714238b2a91f4ce4ae052 i386/apr-util-devel-0.9.4-14.2.i386.rpm
d9b03f13abf22c32ac291da2ce2a5a10 i386/debug/apr-util-debuginfo-0.9.4-14.2.i386.rpm


---------------------------------------------------------------------
Fedora Update Notification
FEDORA-2004-307
2004-09-16
---------------------------------------------------------------------

Product : Fedora Core 1
Name : apr-util
Version : 0.9.4
Release : 2.1
Summary : Apache Portable Runtime Utility library
Description :
The mission of the Apache Portable Runtime (APR) is to provide a
free library of C data structures and routines. This library
contains additional utility interfaces for APR; including support
for XML, LDAP, database interfaces, URI parsing and more.

---------------------------------------------------------------------
Update Information:

Testing using the Codenomicon HTTP Test Tool performed by the Apache
Software Foundation security group and Red Hat uncovered an input
validation issue in the IPv6 URI parsing routines in the apr-util
library. If a remote attacker sent a request including a carefully
crafted URI, an httpd child process could be made to crash. The Common
Vulnerabilities and Exposures project (cve.mitre.org) has assigned the
name CAN-2004-0786 to this issue.

This update includes a backported patch for this issue.

---------------------------------------------------------------------
* Wed Sep 15 2004 Joe Orton <jorton@redhat.com> 0.9.4-2.1

- add security fix for CAN-2004-0786
- add fix for SHA1 password support

---------------------------------------------------------------------
This update can be downloaded from:
http://download.fedora.redhat.com/pub/fedora/linux/core/updates/1/

a20b967ffa4e004ba2c24ae6f6d0285b SRPMS/apr-util-0.9.4-2.1.src.rpm
51a0579a62f8a8883946b88863aec3d0 x86_64/apr-util-0.9.4-2.1.x86_64.rpm
814f6f5290b802b1997da32c569034c1 x86_64/apr-util-devel-0.9.4-2.1.x86_64.rpm
0344e8181664d9e6b37bc298fe79cc95 x86_64/debug/apr-util-debuginfo-0.9.4-2.1.x86_64.rpm
6d8df3d6e25c851161e1865f96eab6b4 i386/apr-util-0.9.4-2.1.i386.rpm
bcf23f81f50ff80b3fff315b1a6aff92 i386/apr-util-devel-0.9.4-2.1.i386.rpm
ea3b514f7544b0eef8deacf1b4e57a62 i386/debug/apr-util-debuginfo-0.9.4-2.1.i386.rpm

Display posts from previous:   
Post new topic   Reply to topic    BLAG Forum Index -> announcements
Page 1 of 1

Protected by Anti-Spam ACP