(RHSA-2018:0316) Important: httpd24-apr security update

ID RHSA-2018:0316
Type redhat
Reporter RedHat
Modified 2018-06-13T01:28:19


The Apache Portable Runtime (APR) is a portability library used by the Apache HTTP Server and other projects. It provides a free library of C data structures and routines.

Security Fix(es):

  • An out-of-bounds array dereference was found in apr_time_exp_get(). An attacker could abuse an unvalidated usage of this function to cause a denial of service or potentially lead to data leak. (CVE-2017-12613)