-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA256 Package : apr-util Version : 1.4.1-3+deb7u1 CVE ID : CVE-2017-12618 Debian Bug : #879996
It was discovered that there was an out-of-bounds read access in apr-util, a support/portability library used by many applications. A local user with write access to the database could have made a process using these functions crash and thus cause a denial-of-service. For Debian 7 "Wheezy", this issue has been fixed in apr-util version 1.4.1-3+deb7u1. We recommend that you upgrade your apr-util packages. Regards, - -- ,''`. : :' : Chris Lamb `. `'` la...@debian.org / chris-lamb.co.uk `- -----BEGIN PGP SIGNATURE----- iQIzBAEBCAAdFiEEwv5L0nHBObhsUz5GHpU+J9QxHlgFAloA1nQACgkQHpU+J9Qx Hlgn0A/+NAg5jHgkNf5CFfXWNyy0NqQjXAP9/hhwv5AqMHqOcu3dHLy0pzxZ/cFf 6i0tZyFTeqURL2D/H77PiAQC32KRx4SSw/3zYYGz3DTREay0jvSN1Ch7e7Ddk22c iog0Sj95iE5+GSFYt+GUbHc/Z9h8wpYeSsTcxERIkMTqScTHk8/zxcmHpGbmn3iR 8RQYts94Hd/fbfXRzEs2u3Y2BTeg63u6h2AYD5DkDc82DTCcAZtsAtPNIZZ2GX1b Wal3CasBlOjcU5hh4ThMFD0fio+IZ9Jau3VkyCKa8JfCKRQ0XcxS3STRO9Mmt+Ny Jd3GFo+M+FzI9wcdyL0N3bKyHBFH1Xt6W6lHMGE2gi0ksnmDiwu20cDZE98SVOgg NJ1Z3W+4j+JD3HkHm1dUMLsb/Cu9beiuZnnfPnoiuvam6zjG50nRs48wfUa3fpMK 12JsgSV2lMS8p82gUF6m+/Vgrb7O8ZQZMfstMSCN+r4okSwjJvD3XskVADo/vl4K fENIfr1swgb513wLboJljqlKaHDi7h4jyCEka4cDP6g2PPLI5LKxlxN6O7LiXA9m 6l1zwN1fP2RInT009YPf6lQ5fgWDLjWzsyCW9aR5yk6VX3UXLJmdYnKh3SfhlsN8 AMpxw2N6eMWTQKv6IEm7MUu9xDuZw9I0XhcxRMqiQP9C12NiYnQ= =g1lO -----END PGP SIGNATURE-----