diff options
author | Jean-Pierre Giraud <jean-pierregiraud@neuf.fr> | 2023-03-08 08:35:43 +0100 |
---|---|---|
committer | Jean-Pierre Giraud <jean-pierregiraud@neuf.fr> | 2023-03-08 08:35:43 +0100 |
commit | 2fc83372dd820fa967f2dc271d447a6338258c5d (patch) | |
tree | fa50ad7c7e58cdb347d5d7773740818d5a383ca4 | |
parent | 32a963ed1678eb7e2025a7dece64fd88dc320861 (diff) |
[SECURITY] [DSA 5370-1] apr security update
-rw-r--r-- | english/security/2023/dsa-5370.data | 13 | ||||
-rw-r--r-- | english/security/2023/dsa-5370.wml | 20 |
2 files changed, 33 insertions, 0 deletions
diff --git a/english/security/2023/dsa-5370.data b/english/security/2023/dsa-5370.data new file mode 100644 index 00000000000..c1dabee1047 --- /dev/null +++ b/english/security/2023/dsa-5370.data @@ -0,0 +1,13 @@ +<define-tag pagetitle>DSA-5370-1 apr</define-tag> +<define-tag report_date>2023-3-07</define-tag> +<define-tag secrefs>CVE-2022-24963</define-tag> +<define-tag packages>apr</define-tag> +<define-tag isvulnerable>yes</define-tag> +<define-tag fixed>yes</define-tag> +<define-tag fixed-section>no</define-tag> + +#use wml::debian::security + + + +</dl> diff --git a/english/security/2023/dsa-5370.wml b/english/security/2023/dsa-5370.wml new file mode 100644 index 00000000000..8149cd9617b --- /dev/null +++ b/english/security/2023/dsa-5370.wml @@ -0,0 +1,20 @@ +<define-tag description>security update</define-tag> +<define-tag moreinfo> +<p>Ronald Crane discovered that missing input sanitizing in the apr_encode +functions of apr, the Apache Portable Runtime library, may result in +denial of service or potentially the execution of arbitrary code.</p> + +<p>For the stable distribution (bullseye), this problem has been fixed in +version 1.7.0-6+deb11u2.</p> + +<p>We recommend that you upgrade your apr packages.</p> + +<p>For the detailed security status of apr please refer to its security +tracker page at: +<a href="https://security-tracker.debian.org/tracker/apr">\ +https://security-tracker.debian.org/tracker/apr</a></p> +</define-tag> + +# do not modify the following line +#include "$(ENGLISHDIR)/security/2023/dsa-5370.data" +# $Id: $ |