Oval Definition:oval:com.redhat.rhsa:def:20173270
Revision Date:2017-11-28Version:637
Title:RHSA-2017:3270: apr security update (Important)
Description:The Apache Portable Runtime (APR) is a portability library used by the Apache HTTP Server and other projects. It provides a free library of C data structures and routines.

Security Fix(es):

  • An out-of-bounds array dereference was found in apr_time_exp_get(). An attacker could abuse an unvalidated usage of this function to cause a denial of service or potentially lead to data leak. (CVE-2017-12613)
    • Family:unixClass:patch
    Status:Reference(s):CVE-2017-12613
    RHSA-2017:3270
    RHSA-2017:3270-00
    RHSA-2017:3270-01
    Platform(s):Red Hat Enterprise Linux 6
    Red Hat Enterprise Linux 7
    		Product(s):
    Definition Synopsis
  • Red Hat Enterprise Linux must be installed
  • OR Package Information
  • Red Hat Enterprise Linux 6 is installed
  • AND
  • apr is earlier than 0:1.3.9-5.el6_9.1
  • AND apr is signed with Red Hat redhatrelease2 key
  • apr-devel is earlier than 0:1.3.9-5.el6_9.1
  • AND apr-devel is signed with Red Hat redhatrelease2 key
  • OR Package Information
  • Red Hat Enterprise Linux 7 is installed
  • AND
  • apr is earlier than 0:1.4.8-3.el7_4.1
  • AND apr is signed with Red Hat redhatrelease2 key
  • apr-devel is earlier than 0:1.4.8-3.el7_4.1
  • AND apr-devel is signed with Red Hat redhatrelease2 key
    • BACK