Synopsis: Moderate: apr-util security update Issue date: 2009-06-16 CVE Names: CVE-2009-0023 CVE-2009-1955 CVE-2009-1956 An off-by-one overflow flaw was found in the way apr-util processed a variable list of arguments. An attacker could provide a specially-crafted string as input for the formatted output conversion routine, which could, on big-endian platforms, potentially lead to the disclosure of sensitive information or a denial of service (application crash). (CVE-2009-1956) A denial of service flaw was found in the apr-util Extensible Markup Language (XML) parser. A remote attacker could create a specially-crafted XML document that would cause excessive memory consumption when processed by the XML decoding engine. (CVE-2009-1955) A heap-based underwrite flaw was found in the way apr-util created compiled forms of particular search patterns. An attacker could formulate a specially-crafted search keyword, that would overwrite arbitrary heap memory locations when processed by the pattern preparation engine. (CVE-2009-0023) Applications using the Apache Portable Runtime library, such as httpd, must be restarted for this update to take effect. SL 4.x SRPMS: apr-util-0.9.4-22.el4_8.1.src.rpm i386: apr-util-0.9.4-22.el4_8.1.i386.rpm apr-util-devel-0.9.4-22.el4_8.1.i386.rpm x86_64: apr-util-0.9.4-22.el4_8.1.x86_64.rpm apr-util-devel-0.9.4-22.el4_8.1.x86_64.rpm SL 5.x SRPMS: apr-util-1.2.7-7.el5_3.1.src.rpm i386: apr-util-1.2.7-7.el5_3.1.i386.rpm apr-util-devel-1.2.7-7.el5_3.1.i386.rpm apr-util-docs-1.2.7-7.el5_3.1.i386.rpm x86_64: apr-util-1.2.7-7.el5_3.1.i386.rpm apr-util-1.2.7-7.el5_3.1.x86_64.rpm apr-util-devel-1.2.7-7.el5_3.1.i386.rpm apr-util-devel-1.2.7-7.el5_3.1.x86_64.rpm apr-util-docs-1.2.7-7.el5_3.1.x86_64.rpm -Connie Sieh -Troy Dawson