RHSA-2010:0950-01 -- Redhat apr-utilID: oval:org.secpod.oval:def:500457 | Date: (C)2012-01-31 (M)2023-11-09 |
Class: PATCH | Family: unix |
The Apache Portable Runtime is a portability library used by the Apache HTTP Server and other projects. apr-util is a library which provides additional utility interfaces for APR; including support for XML parsing, LDAP, database interfaces, URI parsing, and more. It was found that certain input could cause the apr-util library to allocate more memory than intended in the apr_brigade_split_line function. An attacker able to provide input in small chunks to an application using the apr-util library could possibly use this flaw to trigger high memory consumption. All apr-util users should upgrade to these updated packages, which contain a backported patch to correct this issue. Applications using the apr-util library, such as httpd, must be restarted for this update to take effect.
Platform: |
Red Hat Enterprise Linux 6 |
Red Hat Enterprise Linux 5 |
Red Hat Enterprise Linux 4 |