apr-util 보안 업데이트
Web Browser 로는 FTP 접속이 불가능 합니다.
문서번호 : 1246385653
업데이트 : 2009.07.01
- 보안버그 수정 사항
A heap-based underwrite flaw was found in the way apr-util created compiled
forms of particular search patterns. An attacker could formulate a
specially-crafted search keyword, that would overwrite arbitrary heap
memory locations when processed by the pattern preparation engine.
A denial of service flaw was found in the apr-util Extensible Markup
Language (XML) parser. A remote attacker could create a specially-crafted
XML document that would cause excessive memory consumption when processed
by the XML decoding engine.
An off-by-one overflow flaw was found in the way apr-util processed a
variable list of arguments. An attacker could provide a specially-crafted
string as input for the formatted output conversion routine, which could,
on big-endian platforms, potentially lead to the disclosure of sensitive
information or a denial of service (application crash).
Autoupdates 지원 : 지원안함
pkgadd -F 'apr-util*'