Synopsis: Important: apr security update Advisory ID: SLSA-2017:3270-1 Issue Date: 2017-11-29 CVE Numbers: CVE-2017-12613 -- Security Fix(es): * An out-of-bounds array dereference was found in apr_time_exp_get(). An attacker could abuse an unvalidated usage of this function to cause a denial of service or potentially lead to data leak. (CVE-2017-12613) -- SL6 x86_64 apr-1.3.9-5.el6_9.1.i686.rpm apr-1.3.9-5.el6_9.1.x86_64.rpm apr-debuginfo-1.3.9-5.el6_9.1.i686.rpm apr-debuginfo-1.3.9-5.el6_9.1.x86_64.rpm apr-devel-1.3.9-5.el6_9.1.i686.rpm apr-devel-1.3.9-5.el6_9.1.x86_64.rpm i386 apr-1.3.9-5.el6_9.1.i686.rpm apr-debuginfo-1.3.9-5.el6_9.1.i686.rpm apr-devel-1.3.9-5.el6_9.1.i686.rpm SL7 x86_64 apr-1.4.8-3.el7_4.1.i686.rpm apr-1.4.8-3.el7_4.1.x86_64.rpm apr-debuginfo-1.4.8-3.el7_4.1.i686.rpm apr-debuginfo-1.4.8-3.el7_4.1.x86_64.rpm apr-devel-1.4.8-3.el7_4.1.i686.rpm apr-devel-1.4.8-3.el7_4.1.x86_64.rpm - Scientific Linux Development Team