Package name
apr
Date
2011-05-23
Advisory ID
MDVSA-2011:095-1
Affected versions
2010.0 x86_64 , 2010.0 i586

Problem description

It was discovered that the fix for CVE-2011-0419 under certain
conditions could cause a denial-of-service (DoS) attack in APR
(CVE-2011-1928).

Packages for 2010.0 are provided as of the Extended Maintenance
Program. Please visit this link to learn more:
http://store.mandriva.com/product_info.php?cPath=149&products_id=490

The updated packages have been patched to correct this issue.

Update:

Packages for Mandriva Linux 2010.0 were missing with the MDVSA-2011:095
advisory.

Updated packages

2010.0 x86_64

 1bc50f60858c9773b546304bff84787a  2010.0/x86_64/lib64apr1-1.3.9-1.2mdv2010.0.x86_64.rpm
 7ec09ad50ab59cbbd77f402797df67bc  2010.0/x86_64/lib64apr-devel-1.3.9-1.2mdv2010.0.x86_64.rpm 
 a5edcd45a4ad1e4ff2aff2b9b9ce709e  2010.0/SRPMS/apr-1.3.9-1.2mdv2010.0.src.rpm

2010.0 i586

 a77fb6f726a2997fc98cd429dd287c76  2010.0/i586/libapr1-1.3.9-1.2mdv2010.0.i586.rpm
 2cb83dae47a2044539133deed81a48b0  2010.0/i586/libapr-devel-1.3.9-1.2mdv2010.0.i586.rpm 
 a5edcd45a4ad1e4ff2aff2b9b9ce709e  2010.0/SRPMS/apr-1.3.9-1.2mdv2010.0.src.rpm

References