MDVSA-2009:131-1

Package name

apr-util

Date

2009-06-06

Advisory ID

MDVSA-2009:131-1

Affected versions

CS3.0 i586 , MNF2.0 i586 , CS3.0 x86_64

Problem description

Multiple security vulnerabilities has been identified and fixed
in apr-util:

The apr_strmatch_precompile function in strmatch/apr_strmatch.c in
Apache APR-util before 1.3.5 allows remote attackers to cause a denial
of service (daemon crash) via crafted input involving (1) a .htaccess
file used with the Apache HTTP Server, (2) the SVNMasterURI directive
in the mod_dav_svn module in the Apache HTTP Server, (3) the mod_apreq2
module for the Apache HTTP Server, or (4) an application that uses
the libapreq2 library, related to an underflow flaw. (CVE-2009-0023).

The expat XML parser in the apr_xml_* interface in xml/apr_xml.c in
Apache APR-util before 1.3.7, as used in the mod_dav and mod_dav_svn
modules in the Apache HTTP Server, allows remote attackers to
cause a denial of service (memory consumption) via a crafted XML
document containing a large number of nested entity references, as
demonstrated by a PROPFIND request, a similar issue to CVE-2003-1564
(CVE-2009-1955).

Off-by-one error in the apr_brigade_vprintf function in Apache APR-util
before 1.3.5 on big-endian platforms allows remote attackers to obtain
sensitive information or cause a denial of service (application crash)
via crafted input (CVE-2009-1956).

The updated packages have been patched to prevent this.

Update:

Fixed packages for CS3 and MNF2 was missing with the last update.

Updated packages

CS3.0 i586

 6438073fa2571cedb2edcb8a695bda16  corporate/3.0/i586/apache2-2.0.48-6.20.C30mdk.i586.rpm
 12e8afeabb65ea4abf905524fd61b343  corporate/3.0/i586/apache2-common-2.0.48-6.20.C30mdk.i586.rpm
 4eadd42fb186a26d786d25362533e82a  corporate/3.0/i586/apache2-devel-2.0.48-6.20.C30mdk.i586.rpm
 832d9dbd5600782a929b71bd7e6f61bb  corporate/3.0/i586/apache2-manual-2.0.48-6.20.C30mdk.i586.rpm
 750c02cf0859b7b317f124c5107a5b07  corporate/3.0/i586/apache2-mod_cache-2.0.48-6.20.C30mdk.i586.rpm
 9ed613802d3e5f8fc088b8465428f1d9  corporate/3.0/i586/apache2-mod_dav-2.0.48-6.20.C30mdk.i586.rpm
 9030c9382a9d4d3020b8fd815cbabaa7  corporate/3.0/i586/apache2-mod_deflate-2.0.48-6.20.C30mdk.i586.rpm
 8e98aa19ce3197ae31f870c84402e1ea  corporate/3.0/i586/apache2-mod_disk_cache-2.0.48-6.20.C30mdk.i586.rpm
 97233182b774c4350d05e4e7422aca65  corporate/3.0/i586/apache2-mod_file_cache-2.0.48-6.20.C30mdk.i586.rpm
 40e47234eb2605375c5fc717659e0eae  corporate/3.0/i586/apache2-mod_ldap-2.0.48-6.20.C30mdk.i586.rpm
 80dfaf750009361fe621c594bec5efb7  corporate/3.0/i586/apache2-mod_mem_cache-2.0.48-6.20.C30mdk.i586.rpm
 6573645bbb414f59115229207305a3f3  corporate/3.0/i586/apache2-mod_proxy-2.0.48-6.20.C30mdk.i586.rpm
 612e933acc767970ecdf1f23e62c2ebf  corporate/3.0/i586/apache2-mod_ssl-2.0.48-6.20.C30mdk.i586.rpm
 dc00610fd6633f63f891c5f768a22acd  corporate/3.0/i586/apache2-modules-2.0.48-6.20.C30mdk.i586.rpm
 5241d3032ae49713e43d07d39fbbee04  corporate/3.0/i586/apache2-source-2.0.48-6.20.C30mdk.i586.rpm
 34d3d434bc723130e6e59049b5e3939a  corporate/3.0/i586/libapr0-2.0.48-6.20.C30mdk.i586.rpm 
 f048b454b9bf609c1cc7b13c413387d4  corporate/3.0/SRPMS/apache2-2.0.48-6.20.C30mdk.src.rpm

MNF2.0 i586

 dc646d83c4a17cd5253cad5627b27baf  mnf/2.0/i586/apache2-2.0.48-6.20.C30mdk.i586.rpm
 b3e5796e1c8b600153bb7760aa3c7c44  mnf/2.0/i586/apache2-common-2.0.48-6.20.C30mdk.i586.rpm
 0c1b528680931b0d0d62aed029c00cc2  mnf/2.0/i586/apache2-devel-2.0.48-6.20.C30mdk.i586.rpm
 3951d007d5ba03eec47465eaabfe3f23  mnf/2.0/i586/apache2-manual-2.0.48-6.20.C30mdk.i586.rpm
 8e55c40e40744a064882cd0fa4ef5cf0  mnf/2.0/i586/apache2-mod_cache-2.0.48-6.20.C30mdk.i586.rpm
 3f91a25523c535522cc84ff120fdc0ed  mnf/2.0/i586/apache2-mod_dav-2.0.48-6.20.C30mdk.i586.rpm
 f2b9e2ce65a8b9195befd7ac0250e6c4  mnf/2.0/i586/apache2-mod_deflate-2.0.48-6.20.C30mdk.i586.rpm
 6c612ca239c1e15ca44beea45802d2ca  mnf/2.0/i586/apache2-mod_disk_cache-2.0.48-6.20.C30mdk.i586.rpm
 1fe18f3beae65e236fc2ebb124fac665  mnf/2.0/i586/apache2-mod_file_cache-2.0.48-6.20.C30mdk.i586.rpm
 239baa6e2e43f7e4d8b68ba57d604f2c  mnf/2.0/i586/apache2-mod_ldap-2.0.48-6.20.C30mdk.i586.rpm
 0b90721f4df783807ad1a10608f6bab1  mnf/2.0/i586/apache2-mod_mem_cache-2.0.48-6.20.C30mdk.i586.rpm
 7f372005bb7420f976f2841f86c97397  mnf/2.0/i586/apache2-mod_proxy-2.0.48-6.20.C30mdk.i586.rpm
 41edbf29d8d04a4eb449b3c7970ac106  mnf/2.0/i586/apache2-mod_ssl-2.0.48-6.20.C30mdk.i586.rpm
 0173e0d347b2f8371cb2ebd8224e9953  mnf/2.0/i586/apache2-modules-2.0.48-6.20.C30mdk.i586.rpm
 2ce003b3977c10d3e88b2d6c1dad3f9b  mnf/2.0/i586/apache2-source-2.0.48-6.20.C30mdk.i586.rpm
 f4e5264b902bfb715cb473971f15919b  mnf/2.0/i586/libapr0-2.0.48-6.20.C30mdk.i586.rpm 
 8378e9f5191f581f69e6035c384a18d9  mnf/2.0/SRPMS/apache2-2.0.48-6.20.C30mdk.src.rpm

CS3.0 x86_64

 755b2e066f779fa9aad5f403335e1f75  corporate/3.0/x86_64/apache2-2.0.48-6.20.C30mdk.x86_64.rpm
 42bc30427c45df83d7a0fbb5bee60505  corporate/3.0/x86_64/apache2-common-2.0.48-6.20.C30mdk.x86_64.rpm
 783174aa020c5b14095087172bade395  corporate/3.0/x86_64/apache2-devel-2.0.48-6.20.C30mdk.x86_64.rpm
 4b54570bdb7f6aa29d370a9250a55450  corporate/3.0/x86_64/apache2-manual-2.0.48-6.20.C30mdk.x86_64.rpm
 9fb862a630cc2fdddf5aadffc73d8f03  corporate/3.0/x86_64/apache2-mod_cache-2.0.48-6.20.C30mdk.x86_64.rpm
 ce00089db719cc5fccf8c5ed614e0f86  corporate/3.0/x86_64/apache2-mod_dav-2.0.48-6.20.C30mdk.x86_64.rpm
 6c7ce93e4faf3910a4e37ecfb3aa6bcf  corporate/3.0/x86_64/apache2-mod_deflate-2.0.48-6.20.C30mdk.x86_64.rpm
 084c2310ae92da6d58f2c2d9748ef947  corporate/3.0/x86_64/apache2-mod_disk_cache-2.0.48-6.20.C30mdk.x86_64.rpm
 338bedc1f695ac29257f4fbbbae0e913  corporate/3.0/x86_64/apache2-mod_file_cache-2.0.48-6.20.C30mdk.x86_64.rpm
 429fcecf3fa53ec73c1c2082a06c8a7b  corporate/3.0/x86_64/apache2-mod_ldap-2.0.48-6.20.C30mdk.x86_64.rpm
 34b8969d6cdf063c24c3db5da60b66ed  corporate/3.0/x86_64/apache2-mod_mem_cache-2.0.48-6.20.C30mdk.x86_64.rpm
 b4ff66b59400e60406286db040351c46  corporate/3.0/x86_64/apache2-mod_proxy-2.0.48-6.20.C30mdk.x86_64.rpm
 e0fce8ab4362f1a40461af7cc1f388c0  corporate/3.0/x86_64/apache2-mod_ssl-2.0.48-6.20.C30mdk.x86_64.rpm
 6da81ad00ba8f7e6f35e18a81b79ecc4  corporate/3.0/x86_64/apache2-modules-2.0.48-6.20.C30mdk.x86_64.rpm
 3cef182192afb5a101aed6b824d9950a  corporate/3.0/x86_64/apache2-source-2.0.48-6.20.C30mdk.x86_64.rpm
 7b3b62b6b01d77c344a66b74f6fc92c0  corporate/3.0/x86_64/lib64apr0-2.0.48-6.20.C30mdk.x86_64.rpm 
 f048b454b9bf609c1cc7b13c413387d4  corporate/3.0/SRPMS/apache2-2.0.48-6.20.C30mdk.src.rpm

References

• http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2009-1956
• http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2009-1955
• http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2009-0023