Issued at: 2024-05-10
Updated at: 2024-05-10
Synopsis
Moderate: apr security update
Description
The Apache Portable Runtime (APR) is a portability library used by the Apache HTTP Server and other projects. It provides a free library of C data structures and routines.
Security Fix(es):
* apr: integer overflow/wraparound in apr_encode (CVE-2022-24963)
For more details about the security issue(s), including the impact, a CVSS score, acknowledgments, and other related information, refer to the CVE page(s) listed in the References section.
Affected products
Rocky Linux 9 ppc64le
Rocky Linux 9 s390x
Fixes
2169465
CVEs
CVE-2022-24963
Affected packages
Rocky Linux 9 ppc64le - AppStream
apr-0:1.7.0-12.el9_3.ppc64le.rpm
apr-0:1.7.0-12.el9_3.src.rpm
apr-debuginfo-0:1.7.0-12.el9_3.ppc64le.rpm
apr-debugsource-0:1.7.0-12.el9_3.ppc64le.rpm
apr-devel-0:1.7.0-12.el9_3.ppc64le.rpm
Rocky Linux 9 s390x - AppStream
apr-0:1.7.0-12.el9_3.s390x.rpm
apr-0:1.7.0-12.el9_3.src.rpm
apr-debuginfo-0:1.7.0-12.el9_3.s390x.rpm
apr-debugsource-0:1.7.0-12.el9_3.s390x.rpm
apr-devel-0:1.7.0-12.el9_3.s390x.rpm