New apr-util packages fix denial of service
Users of apr-util please be advised of a New packages fix denial of service vulnerability that has been identified.
To view this vulnerability, possible remedies, and others please check out the Security Advisories at Critical Watch (http://criticalwatch.com/support/security-advisories.aspx)
Amplify’d from http://www.criticalwatch.com
DSA-2117-1: [DSA-2117-1] New apr-util packages fix denial of service
Jeff Trawick discovered a flaw in the apr_brigade_split_line() function
in apr-util. A remote attacker could send crafted http requests to
cause a greatly increased memory consumption in Apache httpd, resulting
in a denial of service.This upgrade fixes this issue. After the upgrade, any running apache2
server processes need to be restartedRead more at http://www.criticalwatch.com
See this Amp at http://bit.ly/aSeyRe
Reply