Ubuntu 16.04 ESM: USN-5738-1 Moderate Security Update Addressing DDoS Risk
ubuntu
November 23, 2022
APR-util could be made to crash or leak sensitive information if it opened a specially crafted SDBM file.
Summary
APR-util could be made to crash or leak sensitive information if it opened
a specially crafted SDBM file.
Software Description:
- apr-util: Apache Portable Runtime Utility Library
Details:
It was discovered that APR-util did not properly handle memory when using
SDBM database files. A local attacker with write access to the database
can make a program or process using these functions crash, and cause a
denial of service.
Topics Covered
Update Instructions
The problem can be corrected by updating your system to the following package versions: Ubuntu 16.04 ESM: libaprutil1 1.5.4-1ubuntu0.1~esm1 Ubuntu 14.04 ESM: libaprutil1 1.5.3-1ubuntu0.1~esm1 After a standard system update you need to restart any applications using APR-util, such as Subversion and Apache, to make all the necessary changes.
References
https://ubuntu.com/security/notices/USN-5737-1
CVE-2017-12618
PREVIOUS 
NEXT Severity
important
Lowest
Low
Medium
High
Critical
November 23, 2022
Topics Covered
Package Information
Get the latest News and Insights
Get the latest Linux and open source security news straight to your inbox.
Powered By
Linux Security - Your source for Top Linux News, Advisories, HOWTOs and Feature Releases
QUICK LINKS
subscribe to newsletters!
Like staying secure? So do we.
Sign up for updates, tips, and alerts!