UbuntuUpdates.org

Package "apr"

Name: apr

Description:

This package is just an umbrella for a group of other packages, it has no description.
Description samples from packages in group:

  • Apache Portable Runtime Library
  • Apache Portable Runtime Library - Development Headers
Latest version: 1.7.0-8ubuntu0.22.04.2
Release: jammy (22.04)
Level: updates
Repository: main

Links

All versions of this package
Bug fixes

List of files in package
Repository home page

Other versions of "apr" in Jammy

Repository Area Version
base main 1.7.0-8build1
security main 1.7.0-8ubuntu0.22.04.2

Packages in group

Deleted packages are displayed in grey.


Changelog

Version: 1.7.0-8ubuntu0.22.04.2 2024-09-26 10:07:02 UTC

  apr (1.7.0-8ubuntu0.22.04.2) jammy-security; urgency=medium

  * SECURITY UPDATE: local information disclosure via shared memory segments
    - debian/patches/CVE-2023-49582.patch: adjust permissions on shared
      memory segments to prevent unauthorized access in shmem/unix/shm.c
    - CVE-2023-49582

 -- Vyom Yadav <email address hidden> Wed, 18 Sep 2024 10:41:57 +0530
Source diff to previous version
CVE-2023-49582 Lax permissions set by the Apache Portable Runtime library on Unix platforms would allow local users read access to named shared memory segments, pot

Version: 1.7.0-8ubuntu0.22.04.1 2023-02-27 02:06:53 UTC

  apr (1.7.0-8ubuntu0.22.04.1) jammy-security; urgency=medium

  * SECURITY UPDATE: fix integer overflow in apr_encode functions
    - debian/patches/CVE-2022-24963.patch: better check inputs of
      apr_{encode,decode}_* functions
    - CVE-2022-24963

 -- David Lane <email address hidden> Fri, 17 Feb 2023 15:35:59 +1100
CVE-2022-24963 Integer Overflow or Wraparound vulnerability in apr_encode functions of Apache Portable Runtime (APR) allows an attacker to write beyond bounds of a


About   -   Send Feedback to @ubuntu_updates