UbuntuUpdates.org

Package "libapr1-dev"

Name: libapr1-dev

Description:

Apache Portable Runtime Library - Development Headers

Latest version: 1.7.0-8ubuntu0.22.04.2
Release: jammy (22.04)
Level: security
Repository: main
Head package: apr
Homepage: https://apr.apache.org/

Links


Download "libapr1-dev"


Other versions of "libapr1-dev" in Jammy

Repository Area Version
base main 1.7.0-8build1
updates main 1.7.0-8ubuntu0.22.04.2

Changelog

Version: 1.7.0-8ubuntu0.22.04.2 2024-09-26 09:07:04 UTC

  apr (1.7.0-8ubuntu0.22.04.2) jammy-security; urgency=medium

  * SECURITY UPDATE: local information disclosure via shared memory segments
    - debian/patches/CVE-2023-49582.patch: adjust permissions on shared
      memory segments to prevent unauthorized access in shmem/unix/shm.c
    - CVE-2023-49582

 -- Vyom Yadav <email address hidden> Wed, 18 Sep 2024 10:41:57 +0530

Source diff to previous version
CVE-2023-49582 Lax permissions set by the Apache Portable Runtime library on Unix platforms would allow local users read access to named shared memory segments, pot

Version: 1.7.0-8ubuntu0.22.04.1 2023-02-27 02:06:53 UTC

  apr (1.7.0-8ubuntu0.22.04.1) jammy-security; urgency=medium

  * SECURITY UPDATE: fix integer overflow in apr_encode functions
    - debian/patches/CVE-2022-24963.patch: better check inputs of
      apr_{encode,decode}_* functions
    - CVE-2022-24963

 -- David Lane <email address hidden> Fri, 17 Feb 2023 15:35:59 +1100

CVE-2022-24963 Integer Overflow or Wraparound vulnerability in apr_encode functions of Apache Portable Runtime (APR) allows an attacker to write beyond bounds of a



About   -   Send Feedback to @ubuntu_updates