ID

VAR-201010-0168

CVE

CVE-2010-1623

TITLE

Apache APR-util 'apr_brigade_split_line()' Denial of Service Vulnerability

DESCRIPTION

Memory leak in the apr_brigade_split_line function in buckets/apr_brigade.c in the Apache Portable Runtime Utility library (aka APR-util) before 1.3.10, as used in the mod_reqtimeout module in the Apache HTTP Server and other software, allows remote attackers to cause a denial of service (memory consumption) via unspecified vectors related to the destruction of an APR bucket. Apache 'APR-util' is prone to a vulnerability that may allow attackers to cause a denial-of-service condition. Versions prior to 'APR-util' 1.3.10 are vulnerable. Packages for 2008.0 and 2009.0 are provided as of the Extended Maintenance Program. Please visit this link to learn more: http://store.mandriva.com/product_info.php?cPath=149&products_id=490 The updated packages have been patched to correct this issue. The verification of md5 checksums and GPG signatures is performed automatically for you. All packages are signed by Mandriva for security. You can obtain the GPG public key of the Mandriva Security Team by executing: gpg --recv-keys --keyserver pgp.mit.edu 0x22458A98 You can view other update advisories for Mandriva Linux at: http://www.mandriva.com/security/advisories If you want to report vulnerabilities, please contact security_(at)_mandriva.com _______________________________________________________________________ Type Bits/KeyID Date User ID pub 1024D/22458A98 2000-07-10 Mandriva Security Team <security*mandriva.com> -----BEGIN PGP SIGNATURE----- Version: GnuPG v1.4.9 (GNU/Linux) iD8DBQFMp2gfmqjQ0CJFipgRAt4MAKDyY5474rouxr68uwdAJFM5ccGCWQCgluf4 +3Ue46VyQAyCWIdyaxpp9no= =hI/k -----END PGP SIGNATURE----- _______________________________________________ Full-Disclosure - We believe in it. Charter: http://lists.grok.org.uk/full-disclosure-charter.html Hosted and sponsored by Secunia - http://secunia.com/ . -----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1 ===================================================================== Red Hat Security Advisory Synopsis: Moderate: JBoss Enterprise Web Server 1.0.2 update Advisory ID: RHSA-2011:0896-01 Product: JBoss Enterprise Web Server Advisory URL: https://rhn.redhat.com/errata/RHSA-2011-0896.html Issue date: 2011-06-22 CVE Names: CVE-2008-7270 CVE-2009-3245 CVE-2009-3560 CVE-2009-3720 CVE-2009-3767 CVE-2010-1157 CVE-2010-1452 CVE-2010-1623 CVE-2010-2068 CVE-2010-3718 CVE-2010-4172 CVE-2010-4180 CVE-2011-0013 CVE-2011-0419 ===================================================================== 1. Summary: JBoss Enterprise Web Server 1.0.2 is now available from the Red Hat Customer Portal for Red Hat Enterprise Linux 4, 5 and 6, Solaris, and Microsoft Windows. The Red Hat Security Response Team has rated this update as having moderate security impact. Common Vulnerability Scoring System (CVSS) base scores, which give detailed severity ratings, are available for each vulnerability from the CVE links in the References section. 2. Description: JBoss Enterprise Web Server is a fully-integrated and certified set of components for hosting Java web applications. This is the first release of JBoss Enterprise Web Server for Red Hat Enterprise Linux 6. For Red Hat Enterprise Linux 4 and 5, Solaris, and Microsoft Windows, this release serves as a replacement for JBoss Enterprise Web Server 1.0.1, and includes a number of bug fixes. Refer to the Release Notes, linked in the References, for more information. This update corrects security flaws in the following components: tomcat6: A cross-site scripting (XSS) flaw was found in the Manager application, used for managing web applications on Apache Tomcat. If a remote attacker could trick a user who is logged into the Manager application into visiting a specially-crafted URL, the attacker could perform Manager application tasks with the privileges of the logged in user. (CVE-2010-4172) tomcat5 and tomcat6: It was found that web applications could modify the location of the Apache Tomcat host's work directory. As web applications deployed on Tomcat have read and write access to this directory, a malicious web application could use this flaw to trick Tomcat into giving it read and write access to an arbitrary directory on the file system. (CVE-2010-3718) A second cross-site scripting (XSS) flaw was found in the Manager application. A malicious web application could use this flaw to conduct an XSS attack, leading to arbitrary web script execution with the privileges of victims who are logged into and viewing Manager application web pages. (CVE-2011-0013) A possible minor information leak was found in the way Apache Tomcat generated HTTP BASIC and DIGEST authentication requests. For configurations where a realm name was not specified and Tomcat was accessed via a proxy, the default generated realm contained the hostname and port used by the proxy to send requests to the Tomcat server. (CVE-2010-1157) httpd: A flaw was found in the way the mod_dav module of the Apache HTTP Server handled certain requests. If a remote attacker were to send a carefully crafted request to the server, it could cause the httpd child process to crash. (CVE-2010-1452) A flaw was discovered in the way the mod_proxy_http module of the Apache HTTP Server handled the timeouts of requests forwarded by a reverse proxy to the back-end server. In some configurations, the proxy could return a response intended for another user under certain timeout conditions, possibly leading to information disclosure. Note: This issue only affected httpd running on the Windows operating system. (CVE-2010-2068) apr: It was found that the apr_fnmatch() function used an unconstrained recursion when processing patterns with the '*' wildcard. An attacker could use this flaw to cause an application using this function, which also accepted untrusted input as a pattern for matching (such as an httpd server using the mod_autoindex module), to exhaust all stack memory or use an excessive amount of CPU time when performing matching. (CVE-2011-0419) apr-util: It was found that certain input could cause the apr-util library to allocate more memory than intended in the apr_brigade_split_line() function. An attacker able to provide input in small chunks to an application using the apr-util library (such as httpd) could possibly use this flaw to trigger high memory consumption. (CVE-2010-1623) The following flaws were corrected in the packages for Solaris and Windows. Updates for Red Hat Enterprise Linux can be downloaded from the Red Hat Network. Multiple flaws in OpenSSL, which could possibly cause a crash, code execution, or a change of session parameters, have been corrected. (CVE-2009-3245, CVE-2010-4180, CVE-2008-7270) Two denial of service flaws were corrected in Expat. (CVE-2009-3560, CVE-2009-3720) An X.509 certificate verification flaw was corrected in OpenLDAP. (CVE-2009-3767) More information about these flaws is available from the CVE links in the References. 3. Solution: All users of JBoss Enterprise Web Server 1.0.1 as provided from the Red Hat Customer Portal are advised to upgrade to JBoss Enterprise Web Server 1.0.2, which corrects these issues. The References section of this erratum contains a download link (you must log in to download the update). Before installing the update, backup your existing JBoss Enterprise Web Server installation (including all applications and configuration files). Apache Tomcat and the Apache HTTP Server must be restarted for the update to take effect. 4. Bugs fixed (http://bugzilla.redhat.com/): 530715 - CVE-2009-3767 OpenLDAP: Doesn't properly handle NULL character in subject Common Name 531697 - CVE-2009-3720 expat: buffer over-read and crash on XML with malformed UTF-8 sequences 533174 - CVE-2009-3560 expat: buffer over-read and crash in big2_toUtf8() on XML with malformed UTF-8 sequences 570924 - CVE-2009-3245 openssl: missing bn_wexpand return value checks 585331 - CVE-2010-1157 tomcat: information disclosure in authentication headers 618189 - CVE-2010-1452 httpd mod_cache, mod_dav: DoS (httpd child process crash) by parsing URI structure with missing path segments 632994 - CVE-2010-2068 httpd (mod_proxy): Sensitive response disclosure due improper handling of timeouts 640281 - CVE-2010-1623 apr-util: high memory consumption in apr_brigade_split_line() 656246 - CVE-2010-4172 tomcat: cross-site-scripting vulnerability in the manager application 659462 - CVE-2010-4180 openssl: NETSCAPE_REUSE_CIPHER_CHANGE_BUG ciphersuite downgrade attack 660650 - CVE-2008-7270 openssl: NETSCAPE_REUSE_CIPHER_CHANGE_BUG downgrade-to-disabled ciphersuite attack 675786 - CVE-2011-0013 tomcat: XSS vulnerability in HTML Manager interface 675792 - CVE-2010-3718 tomcat: file permission bypass flaw 703390 - CVE-2011-0419 apr: unconstrained recursion in apr_fnmatch 5. References: https://www.redhat.com/security/data/cve/CVE-2008-7270.html https://www.redhat.com/security/data/cve/CVE-2009-3245.html https://www.redhat.com/security/data/cve/CVE-2009-3560.html https://www.redhat.com/security/data/cve/CVE-2009-3720.html https://www.redhat.com/security/data/cve/CVE-2009-3767.html https://www.redhat.com/security/data/cve/CVE-2010-1157.html https://www.redhat.com/security/data/cve/CVE-2010-1452.html https://www.redhat.com/security/data/cve/CVE-2010-1623.html https://www.redhat.com/security/data/cve/CVE-2010-2068.html https://www.redhat.com/security/data/cve/CVE-2010-3718.html https://www.redhat.com/security/data/cve/CVE-2010-4172.html https://www.redhat.com/security/data/cve/CVE-2010-4180.html https://www.redhat.com/security/data/cve/CVE-2011-0013.html https://www.redhat.com/security/data/cve/CVE-2011-0419.html https://access.redhat.com/security/updates/classification/#moderate http://docs.redhat.com/docs/en-US/JBoss_Enterprise_Web_Server/1.0/html-single/Release_Notes_1.0.2/index.html https://access.redhat.com/jbossnetwork/restricted/listSoftware.html?downloadType=distributions&product=webserver&version=1.0.2 6. Contact: The Red Hat security contact is <secalert@redhat.com>. More contact details at https://access.redhat.com/security/team/contact/ Copyright 2011 Red Hat, Inc. -----BEGIN PGP SIGNATURE----- Version: GnuPG v1.4.4 (GNU/Linux) iD8DBQFOAuGhXlSAg2UNWIIRAqmMAJ4r9f3dvSqtXd7MjjpO8g90BsEongCgmhEo /GsGpZfcRmJUiJiwYZJk5fU= =KiZb -----END PGP SIGNATURE----- -- RHSA-announce mailing list RHSA-announce@redhat.com https://www.redhat.com/mailman/listinfo/rhsa-announce . -----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1 SUPPORT COMMUNICATION - SECURITY BULLETIN Document ID: c03280632 Version: 1 HPSBMU02764 SSRT100827 rev.1 - HP System Management Homepage (SMH) Running on Linux and Windows, Remote Cross Site Request Forgery (CSRF), Denial of Service (DoS), Execution of Arbitrary Code, Other Vulnerabilities NOTICE: The information in this Security Bulletin should be acted upon as soon as possible. Release Date: 2012-04-16 Last Updated: 2012-04-16 Potential Security Impact: Remote cross site request forgery (CSRF), Denial of Service (DoS), execution of arbitrary code, other vulnerabilities Source: Hewlett-Packard Company, HP Software Security Response Team VULNERABILITY SUMMARY Potential security vulnerabilities have been identified with HP System Management Homepage (SMH) running on Linux and Windows. The vulnerabilities could be exploited remotely and locally resulting in cross site request forgery (CSRF), Denial of Service (DoS), execution of arbitrary code, and other vulnerabilities. References: CVE-2009-0037, CVE-2010-0734, CVE-2010-1452, CVE-2010-1623, CVE-2010-2068, CVE-2010-2791, CVE-2010-3436, CVE-2010-4409, CVE-2010-4645, CVE-2011-0014, CVE-2011-0195, CVE-2011-0419, CVE-2011-1148, CVE-2011-1153, CVE-2011-1464, CVE-2011-1467, CVE-2011-1468, CVE-2011-1470, CVE-2011-1471, CVE-2011-1928, CVE-2011-1938, CVE-2011-1945, CVE-2011-2192, CVE-2011-2202, CVE-2011-2483, CVE-2011-3182, CVE-2011-3189, CVE-2011-3192, CVE-2011-3267, CVE-2011-3268, CVE-2011-3207, CVE-2011-3210, CVE-2011-3348, CVE-2011-3368, CVE-2011-3639, CVE-2011-3846, SSRT100376, CVE-2011-4317, CVE-2012-0135, SSRT100609, CVE-2012-1993, SSRT10043 SUPPORTED SOFTWARE VERSIONS*: ONLY impacted versions are listed. HP System Management Homepage (SMH) before v7.0 running on Linux and Windows. BACKGROUND CVSS 2.0 Base Metrics =========================================================== Reference Base Vector Base Score CVE-2009-0037 (AV:N/AC:M/Au:N/C:P/I:P/A:P) 6.8 CVE-2010-0734 (AV:N/AC:M/Au:N/C:P/I:P/A:P) 6.8 CVE-2010-1452 (AV:N/AC:L/Au:N/C:N/I:N/A:P) 5.0 CVE-2010-1623 (AV:N/AC:L/Au:N/C:N/I:N/A:P) 5.0 CVE-2010-2068 (AV:N/AC:L/Au:N/C:P/I:N/A:N) 5.0 CVE-2010-2791 (AV:N/AC:L/Au:N/C:P/I:N/A:N) 5.0 CVE-2010-3436 (AV:N/AC:L/Au:N/C:N/I:P/A:N) 5.0 CVE-2010-4409 (AV:N/AC:L/Au:N/C:N/I:N/A:P) 5.0 CVE-2010-4645 (AV:N/AC:L/Au:N/C:N/I:N/A:P) 5.0 CVE-2011-0014 (AV:N/AC:L/Au:N/C:N/I:N/A:P) 5.0 CVE-2011-0195 (AV:N/AC:M/Au:N/C:P/I:N/A:N) 4.3 CVE-2011-0419 (AV:N/AC:M/Au:N/C:N/I:N/A:P) 4.3 CVE-2011-1148 (AV:N/AC:L/Au:N/C:P/I:P/A:P) 7.5 CVE-2011-1153 (AV:N/AC:L/Au:N/C:P/I:P/A:P) 7.5 CVE-2011-1464 (AV:N/AC:M/Au:N/C:N/I:N/A:P) 4.3 CVE-2011-1467 (AV:N/AC:L/Au:N/C:N/I:N/A:P) 5.0 CVE-2011-1468 (AV:N/AC:M/Au:N/C:N/I:N/A:P) 4.3 CVE-2011-1470 (AV:N/AC:M/Au:N/C:N/I:N/A:P) 4.3 CVE-2011-1471 (AV:N/AC:M/Au:N/C:N/I:N/A:P) 4.3 CVE-2011-1928 (AV:N/AC:M/Au:N/C:N/I:N/A:P) 4.3 CVE-2011-1938 (AV:N/AC:L/Au:N/C:P/I:P/A:P) 7.5 CVE-2011-1945 (AV:N/AC:H/Au:N/C:P/I:N/A:N) 2.6 CVE-2011-2192 (AV:N/AC:M/Au:N/C:P/I:N/A:N) 4.3 CVE-2011-2202 (AV:N/AC:L/Au:N/C:N/I:P/A:P) 6.4 CVE-2011-2483 (AV:N/AC:L/Au:N/C:P/I:N/A:N) 5.0 CVE-2011-3182 (AV:N/AC:L/Au:N/C:N/I:N/A:P) 5.0 CVE-2011-3189 (AV:N/AC:M/Au:N/C:P/I:N/A:N) 4.3 CVE-2011-3192 (AV:N/AC:L/Au:N/C:N/I:N/A:C) 7.8 CVE-2011-3267 (AV:N/AC:L/Au:N/C:N/I:N/A:P) 5.0 CVE-2011-3268 (AV:N/AC:L/Au:N/C:C/I:C/A:C) 10.0 CVE-2011-3207 (AV:N/AC:L/Au:N/C:N/I:P/A:N) 5.0 CVE-2011-3210 (AV:N/AC:L/Au:N/C:N/I:N/A:P) 5.0 CVE-2011-3348 (AV:N/AC:M/Au:N/C:N/I:N/A:P) 4.3 CVE-2011-3368 (AV:N/AC:L/Au:N/C:P/I:N/A:N) 5.0 CVE-2011-3639 (AV:N/AC:M/Au:N/C:N/I:P/A:N) 4.3 CVE-2011-3846 (AV:N/AC:M/Au:N/C:P/I:P/A:P) 6.8 CVE-2011-4317 (AV:N/AC:M/Au:N/C:N/I:P/A:N) 4.3 CVE-2012-0135 (AV:N/AC:M/Au:S/C:N/I:N/A:P) 3.5 CVE-2012-1993 (AV:L/AC:L/Au:S/C:P/I:P/A:N) 3.2 =========================================================== Information on CVSS is documented in HP Customer Notice: HPSN-2008-002 The Hewlett-Packard Company thanks Sow Ching Shiong coordinating with Secunia for reporting CVE-2011-3846 to security-alert@hp.com. RESOLUTION HP has provided HP System Management Homepage v7.0 or subsequent to resolve the vulnerabilities. SMH v7.0 is available here: http://h18000.www1.hp.com/products/servers/management/agents/index.html HISTORY Version:1 (rev.1) 16 April 2012 Initial release Third Party Security Patches: Third party security patches that are to be installed on systems running HP software products should be applied in accordance with the customer's patch management policy. Support: For issues about implementing the recommendations of this Security Bulletin, contact normal HP Services support channel. For other issues about the content of this Security Bulletin, send e-mail to security-alert@hp.com. Report: To report a potential security vulnerability with any HP supported product, send Email to: security-alert@hp.com Subscribe: To initiate a subscription to receive future HP Security Bulletin alerts via Email: http://h41183.www4.hp.com/signup_alerts.php?jumpid=hpsc_secbulletins Security Bulletin List: A list of HP Security Bulletins, updated periodically, is contained in HP Security Notice HPSN-2011-001: https://h20566.www2.hp.com/portal/site/hpsc/public/kb/docDisplay/?docId=emr_na-c02964430 Security Bulletin Archive: A list of recently released Security Bulletins is available here: http://h20566.www2.hp.com/portal/site/hpsc/public/kb/secBullArchive/ Software Product Category: The Software Product Category is represented in the title by the two characters following HPSB. 3C = 3COM 3P = 3rd Party Software GN = HP General Software HF = HP Hardware and Firmware MP = MPE/iX MU = Multi-Platform Software NS = NonStop Servers OV = OpenVMS PI = Printing and Imaging PV = ProCurve ST = Storage Software TU = Tru64 UNIX UX = HP-UX Copyright 2012 Hewlett-Packard Development Company, L.P. Hewlett-Packard Company shall not be liable for technical or editorial errors or omissions contained herein. The information provided is provided "as is" without warranty of any kind. To the extent permitted by law, neither HP or its affiliates, subcontractors or suppliers will be liable for incidental,special or consequential damages including downtime cost; lost profits;damages relating to the procurement of substitute products or services; or damages for loss of data, or software restoration. The information in this document is subject to change without notice. Hewlett-Packard Company and the names of Hewlett-Packard products referenced herein are trademarks of Hewlett-Packard Company in the United States and other countries. Other product and company names mentioned herein may be trademarks of their respective owners. Background ========== The Apache Portable Runtime (aka APR) provides a set of APIs for creating platform-independent applications. The Apache Portable Runtime Utility Library (aka APR-Util) provides an interface to functionality such as XML parsing, string matching and database connections. Affected packages ================= ------------------------------------------------------------------- Package / Vulnerable / Unaffected ------------------------------------------------------------------- 1 dev-libs/apr < 1.4.8-r1 >= 1.4.8-r1 2 dev-libs/apr-util < 1.3.10 >= 1.3.10 ------------------------------------------------------------------- 2 affected packages Description =========== Multiple vulnerabilities have been discovered in Apache Portable Runtime and APR Utility Library. Please review the CVE identifiers referenced below for details. Workaround ========== There is no known workaround at this time. Resolution ========== All Apache Portable Runtime users should upgrade to the latest version: # emerge --sync # emerge --ask --oneshot --verbose ">=dev-libs/apr-1.4.8-r1" All users of the APR Utility Library should upgrade to the latest version: # emerge --sync # emerge --ask --oneshot --verbose ">=dev-libs/apr-util-1.3.10" Packages which depend on these libraries may need to be recompiled. Tools such as revdep-rebuild may assist in identifying some of these packages. References ========== [ 1 ] CVE-2010-1623 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2010-1623 [ 2 ] CVE-2011-0419 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2011-0419 [ 3 ] CVE-2011-1928 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2011-1928 [ 4 ] CVE-2012-0840 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-0840 Availability ============ This GLSA and any updates to it are available for viewing at the Gentoo Security Website: http://security.gentoo.org/glsa/glsa-201405-24.xml Concerns? ========= Security is a primary focus of Gentoo Linux and ensuring the confidentiality and security of our users' machines is of utmost importance to us. Any security concerns should be addressed to security@gentoo.org or alternatively, you may file a bug at https://bugs.gentoo.org. License ======= Copyright 2014 Gentoo Foundation, Inc; referenced text belongs to its owner(s). The contents of this document are licensed under the Creative Commons - Attribution / Share Alike license. http://creativecommons.org/licenses/by-sa/2.5 . =========================================================== Ubuntu Security Notice USN-1022-1 November 25, 2010 apr-util vulnerability CVE-2010-1623 =========================================================== A security issue affects the following Ubuntu releases: Ubuntu 8.04 LTS Ubuntu 9.10 Ubuntu 10.04 LTS Ubuntu 10.10 This advisory also applies to the corresponding versions of Kubuntu, Edubuntu, and Xubuntu. The problem can be corrected by upgrading your system to the following package versions: Ubuntu 8.04 LTS: libaprutil1 1.2.12+dfsg-3ubuntu0.3 Ubuntu 9.10: libaprutil1 1.3.9+dfsg-1ubuntu1.1 Ubuntu 10.04 LTS: libaprutil1 1.3.9+dfsg-3ubuntu0.10.04.1 Ubuntu 10.10: libaprutil1 1.3.9+dfsg-3ubuntu0.10.10.1 After a standard system update you need to restart any applications using APR-util, such as Subversion and Apache, to make all the necessary changes. Details follow: It was discovered that APR-util did not properly handle memory when destroying APR buckets. Updated packages for Ubuntu 8.04 LTS: Source archives: http://security.ubuntu.com/ubuntu/pool/main/a/apr-util/apr-util_1.2.12+dfsg-3ubuntu0.3.diff.gz Size/MD5: 25517 5ab0a19a12052732d91b869565548c76 http://security.ubuntu.com/ubuntu/pool/main/a/apr-util/apr-util_1.2.12+dfsg-3ubuntu0.3.dsc Size/MD5: 1965 f1cbcf2871f2499ac89b92702f49aaef http://security.ubuntu.com/ubuntu/pool/main/a/apr-util/apr-util_1.2.12+dfsg.orig.tar.gz Size/MD5: 658687 4ef3e41037fe0cdd3a0d107335a008eb amd64 architecture (Athlon64, Opteron, EM64T Xeon): http://security.ubuntu.com/ubuntu/pool/main/a/apr-util/libaprutil1-dbg_1.2.12+dfsg-3ubuntu0.3_amd64.deb Size/MD5: 133350 cac69d70d9460c00c860676a4e436ca9 http://security.ubuntu.com/ubuntu/pool/main/a/apr-util/libaprutil1-dev_1.2.12+dfsg-3ubuntu0.3_amd64.deb Size/MD5: 130028 ca5cb25e5d6571d311f972d80cdb1d6a http://security.ubuntu.com/ubuntu/pool/main/a/apr-util/libaprutil1_1.2.12+dfsg-3ubuntu0.3_amd64.deb Size/MD5: 75892 8d88a25c5594351ac30b254f27b0e98e i386 architecture (x86 compatible Intel/AMD): http://security.ubuntu.com/ubuntu/pool/main/a/apr-util/libaprutil1-dbg_1.2.12+dfsg-3ubuntu0.3_i386.deb Size/MD5: 126702 b669cea9e1b9247ed1fe850665b0c2de http://security.ubuntu.com/ubuntu/pool/main/a/apr-util/libaprutil1-dev_1.2.12+dfsg-3ubuntu0.3_i386.deb Size/MD5: 119762 9725713c58a631649b3eb55fdbdc8d05 http://security.ubuntu.com/ubuntu/pool/main/a/apr-util/libaprutil1_1.2.12+dfsg-3ubuntu0.3_i386.deb Size/MD5: 70684 423dd4dcec3d4545ab50e4b78522d65e lpia architecture (Low Power Intel Architecture): http://ports.ubuntu.com/pool/main/a/apr-util/libaprutil1-dbg_1.2.12+dfsg-3ubuntu0.3_lpia.deb Size/MD5: 128466 6e3a93510bd71d7b5fc12163f18b23da http://ports.ubuntu.com/pool/main/a/apr-util/libaprutil1-dev_1.2.12+dfsg-3ubuntu0.3_lpia.deb Size/MD5: 119418 c333612f7d98b1dd5f5f0c96aa402228 http://ports.ubuntu.com/pool/main/a/apr-util/libaprutil1_1.2.12+dfsg-3ubuntu0.3_lpia.deb Size/MD5: 69902 083ae17eb7999fba2e0c357144536f36 powerpc architecture (Apple Macintosh G3/G4/G5): http://ports.ubuntu.com/pool/main/a/apr-util/libaprutil1-dbg_1.2.12+dfsg-3ubuntu0.3_powerpc.deb Size/MD5: 134312 21fdfc8a2122cbfca409dec52e2341eb http://ports.ubuntu.com/pool/main/a/apr-util/libaprutil1-dev_1.2.12+dfsg-3ubuntu0.3_powerpc.deb Size/MD5: 130594 68560c82186917536a2395d164c20d1a http://ports.ubuntu.com/pool/main/a/apr-util/libaprutil1_1.2.12+dfsg-3ubuntu0.3_powerpc.deb Size/MD5: 80432 598472bea571066aa6aa36886a766f4a sparc architecture (Sun SPARC/UltraSPARC): http://ports.ubuntu.com/pool/main/a/apr-util/libaprutil1-dbg_1.2.12+dfsg-3ubuntu0.3_sparc.deb Size/MD5: 120396 6b874ebd7c15156b948cdd06702d067b http://ports.ubuntu.com/pool/main/a/apr-util/libaprutil1-dev_1.2.12+dfsg-3ubuntu0.3_sparc.deb Size/MD5: 124464 1cb5843a41ccc54a2ed055ba9703ffc1 http://ports.ubuntu.com/pool/main/a/apr-util/libaprutil1_1.2.12+dfsg-3ubuntu0.3_sparc.deb Size/MD5: 71386 963f486dd5eccfec137a0173a0558cc4 Updated packages for Ubuntu 9.10: Source archives: http://security.ubuntu.com/ubuntu/pool/main/a/apr-util/apr-util_1.3.9+dfsg-1ubuntu1.1.diff.gz Size/MD5: 24099 08dfeb4bd032146120fe600de1b086ee http://security.ubuntu.com/ubuntu/pool/main/a/apr-util/apr-util_1.3.9+dfsg-1ubuntu1.1.dsc Size/MD5: 2489 a09274d6888eb4f4bee1099f12b4f443 http://security.ubuntu.com/ubuntu/pool/main/a/apr-util/apr-util_1.3.9+dfsg.orig.tar.gz Size/MD5: 805980 e19f5abd536d19dd3147b840853117da amd64 architecture (Athlon64, Opteron, EM64T Xeon): http://security.ubuntu.com/ubuntu/pool/main/a/apr-util/libaprutil1-dbd-sqlite3_1.3.9+dfsg-1ubuntu1.1_amd64.deb Size/MD5: 27994 189a1478ddea8f1ff96990056ec03497 http://security.ubuntu.com/ubuntu/pool/main/a/apr-util/libaprutil1-dbg_1.3.9+dfsg-1ubuntu1.1_amd64.deb Size/MD5: 229664 a4713968e347ed6a180182f60910ddae http://security.ubuntu.com/ubuntu/pool/main/a/apr-util/libaprutil1-dev_1.3.9+dfsg-1ubuntu1.1_amd64.deb Size/MD5: 151180 bdbe81d205401fcc63f6d7c0937ffe53 http://security.ubuntu.com/ubuntu/pool/main/a/apr-util/libaprutil1-ldap_1.3.9+dfsg-1ubuntu1.1_amd64.deb Size/MD5: 25548 12b67d0342fe7f3016e7bd5116c8279a http://security.ubuntu.com/ubuntu/pool/main/a/apr-util/libaprutil1_1.3.9+dfsg-1ubuntu1.1_amd64.deb Size/MD5: 90760 31bdfbb9ff8e61082be16d68ab64cd0e http://security.ubuntu.com/ubuntu/pool/universe/a/apr-util/libaprutil1-dbd-freetds_1.3.9+dfsg-1ubuntu1.1_amd64.deb Size/MD5: 28470 6035323490d52ffa4d8fda38504642ad http://security.ubuntu.com/ubuntu/pool/universe/a/apr-util/libaprutil1-dbd-mysql_1.3.9+dfsg-1ubuntu1.1_amd64.deb Size/MD5: 30806 e41ab0599999126e8a9680eac158259c http://security.ubuntu.com/ubuntu/pool/universe/a/apr-util/libaprutil1-dbd-odbc_1.3.9+dfsg-1ubuntu1.1_amd64.deb Size/MD5: 34764 d7440b4ded1fef5f6b0fa6812438e16f http://security.ubuntu.com/ubuntu/pool/universe/a/apr-util/libaprutil1-dbd-pgsql_1.3.9+dfsg-1ubuntu1.1_amd64.deb Size/MD5: 30382 9d7092ca4a57760d35a987b5559375a8 i386 architecture (x86 compatible Intel/AMD): http://security.ubuntu.com/ubuntu/pool/main/a/apr-util/libaprutil1-dbd-sqlite3_1.3.9+dfsg-1ubuntu1.1_i386.deb Size/MD5: 27064 3aac6787f8a22c9f874d806e58ec7165 http://security.ubuntu.com/ubuntu/pool/main/a/apr-util/libaprutil1-dbg_1.3.9+dfsg-1ubuntu1.1_i386.deb Size/MD5: 223328 d5a55f57ef31181e556bc522bb27e055 http://security.ubuntu.com/ubuntu/pool/main/a/apr-util/libaprutil1-dev_1.3.9+dfsg-1ubuntu1.1_i386.deb Size/MD5: 140250 334b96a8eaf8c8d212691c221e1c41f7 http://security.ubuntu.com/ubuntu/pool/main/a/apr-util/libaprutil1-ldap_1.3.9+dfsg-1ubuntu1.1_i386.deb Size/MD5: 25074 88e2a6fd28bfcd436813c50e4add904e http://security.ubuntu.com/ubuntu/pool/main/a/apr-util/libaprutil1_1.3.9+dfsg-1ubuntu1.1_i386.deb Size/MD5: 85436 93d9e4be73a9e69ce9f559d88ecfa94b http://security.ubuntu.com/ubuntu/pool/universe/a/apr-util/libaprutil1-dbd-freetds_1.3.9+dfsg-1ubuntu1.1_i386.deb Size/MD5: 27508 76120f1cc21207fa035fbe0a995c074c http://security.ubuntu.com/ubuntu/pool/universe/a/apr-util/libaprutil1-dbd-mysql_1.3.9+dfsg-1ubuntu1.1_i386.deb Size/MD5: 29592 a35a28a8bceab38877c5025138f82c89 http://security.ubuntu.com/ubuntu/pool/universe/a/apr-util/libaprutil1-dbd-odbc_1.3.9+dfsg-1ubuntu1.1_i386.deb Size/MD5: 33580 1dcedc477f3e6c3f0a16dc616d75e56d http://security.ubuntu.com/ubuntu/pool/universe/a/apr-util/libaprutil1-dbd-pgsql_1.3.9+dfsg-1ubuntu1.1_i386.deb Size/MD5: 29096 865686d088d22c1666728aa409e23b02 armel architecture (ARM Architecture): http://ports.ubuntu.com/pool/main/a/apr-util/libaprutil1-dbd-sqlite3_1.3.9+dfsg-1ubuntu1.1_armel.deb Size/MD5: 25826 479cf27f0e3e30745fe52e63c5df316f http://ports.ubuntu.com/pool/main/a/apr-util/libaprutil1-dbg_1.3.9+dfsg-1ubuntu1.1_armel.deb Size/MD5: 219702 ce0f47daa3c3a794b4dc20edc8a32f24 http://ports.ubuntu.com/pool/main/a/apr-util/libaprutil1-dev_1.3.9+dfsg-1ubuntu1.1_armel.deb Size/MD5: 142958 4c3f4b2de1a9c8ba74ee068be798c5e4 http://ports.ubuntu.com/pool/main/a/apr-util/libaprutil1-ldap_1.3.9+dfsg-1ubuntu1.1_armel.deb Size/MD5: 24450 d127ad935df811f08089613986b7bd1f http://ports.ubuntu.com/pool/main/a/apr-util/libaprutil1_1.3.9+dfsg-1ubuntu1.1_armel.deb Size/MD5: 81468 297ccb1a0afa32c54b9b57207e5a2e31 http://ports.ubuntu.com/pool/universe/a/apr-util/libaprutil1-dbd-freetds_1.3.9+dfsg-1ubuntu1.1_armel.deb Size/MD5: 26328 8029c4d84dded2b4c89e662ad80b9a8c http://ports.ubuntu.com/pool/universe/a/apr-util/libaprutil1-dbd-mysql_1.3.9+dfsg-1ubuntu1.1_armel.deb Size/MD5: 28008 88c4a160bde6713cc3f6c151a45f1f1a http://ports.ubuntu.com/pool/universe/a/apr-util/libaprutil1-dbd-odbc_1.3.9+dfsg-1ubuntu1.1_armel.deb Size/MD5: 32146 ea54e2a5ebd4a7079cd19cc2b81f6b1d http://ports.ubuntu.com/pool/universe/a/apr-util/libaprutil1-dbd-pgsql_1.3.9+dfsg-1ubuntu1.1_armel.deb Size/MD5: 27654 f3a40a0255c97760494a31eb74b3b7df lpia architecture (Low Power Intel Architecture): http://ports.ubuntu.com/pool/main/a/apr-util/libaprutil1-dbd-sqlite3_1.3.9+dfsg-1ubuntu1.1_lpia.deb Size/MD5: 26998 21f4cbeade099c02ac9609f3c76a67a1 http://ports.ubuntu.com/pool/main/a/apr-util/libaprutil1-dbg_1.3.9+dfsg-1ubuntu1.1_lpia.deb Size/MD5: 225440 470509688e8734bacfd37b0bed76883f http://ports.ubuntu.com/pool/main/a/apr-util/libaprutil1-dev_1.3.9+dfsg-1ubuntu1.1_lpia.deb Size/MD5: 140106 863b90bba8b9b8017a661761a784f4b0 http://ports.ubuntu.com/pool/main/a/apr-util/libaprutil1-ldap_1.3.9+dfsg-1ubuntu1.1_lpia.deb Size/MD5: 25026 7f390e327714a3b1800aea4133e113cb http://ports.ubuntu.com/pool/main/a/apr-util/libaprutil1_1.3.9+dfsg-1ubuntu1.1_lpia.deb Size/MD5: 83822 6f1448c33680e993da492d4f0815cdc7 http://ports.ubuntu.com/pool/universe/a/apr-util/libaprutil1-dbd-freetds_1.3.9+dfsg-1ubuntu1.1_lpia.deb Size/MD5: 27440 b852831ec0d051026751ad8099f2b8c0 http://ports.ubuntu.com/pool/universe/a/apr-util/libaprutil1-dbd-mysql_1.3.9+dfsg-1ubuntu1.1_lpia.deb Size/MD5: 29552 be39eeb126e5f4cb06cd945ca3ee9c16 http://ports.ubuntu.com/pool/universe/a/apr-util/libaprutil1-dbd-odbc_1.3.9+dfsg-1ubuntu1.1_lpia.deb Size/MD5: 33332 368ee196e4b7030d8c48c35e4e524c76 http://ports.ubuntu.com/pool/universe/a/apr-util/libaprutil1-dbd-pgsql_1.3.9+dfsg-1ubuntu1.1_lpia.deb Size/MD5: 28968 a56c2acae0bb29554527eaa4a8ece830 powerpc architecture (Apple Macintosh G3/G4/G5): http://ports.ubuntu.com/pool/main/a/apr-util/libaprutil1-dbd-sqlite3_1.3.9+dfsg-1ubuntu1.1_powerpc.deb Size/MD5: 27476 6a7541dacc10967baf5ad003a5d238d5 http://ports.ubuntu.com/pool/main/a/apr-util/libaprutil1-dbg_1.3.9+dfsg-1ubuntu1.1_powerpc.deb Size/MD5: 236816 e79c98b4d0c36382a5d6db099c5e6765 http://ports.ubuntu.com/pool/main/a/apr-util/libaprutil1-dev_1.3.9+dfsg-1ubuntu1.1_powerpc.deb Size/MD5: 150526 33154efb1592c52d944e9d558e4df069 http://ports.ubuntu.com/pool/main/a/apr-util/libaprutil1-ldap_1.3.9+dfsg-1ubuntu1.1_powerpc.deb Size/MD5: 25458 40d9e7560ccd18f66c1e8b730f0479f6 http://ports.ubuntu.com/pool/main/a/apr-util/libaprutil1_1.3.9+dfsg-1ubuntu1.1_powerpc.deb Size/MD5: 90666 3c331490640c6e4a56ead25ce53bbebf http://ports.ubuntu.com/pool/universe/a/apr-util/libaprutil1-dbd-freetds_1.3.9+dfsg-1ubuntu1.1_powerpc.deb Size/MD5: 28084 61edbd461a17f7b0ab4cb0fd87e21b84 http://ports.ubuntu.com/pool/universe/a/apr-util/libaprutil1-dbd-mysql_1.3.9+dfsg-1ubuntu1.1_powerpc.deb Size/MD5: 30314 84d37c84c9922846334dc796a8b6e68f http://ports.ubuntu.com/pool/universe/a/apr-util/libaprutil1-dbd-odbc_1.3.9+dfsg-1ubuntu1.1_powerpc.deb Size/MD5: 34054 3aa6dd13d05e9b14f305650f24136730 http://ports.ubuntu.com/pool/universe/a/apr-util/libaprutil1-dbd-pgsql_1.3.9+dfsg-1ubuntu1.1_powerpc.deb Size/MD5: 29922 b86fca9bc794b93edb31369f8e8d57dc sparc architecture (Sun SPARC/UltraSPARC): http://ports.ubuntu.com/pool/main/a/apr-util/libaprutil1-dbd-sqlite3_1.3.9+dfsg-1ubuntu1.1_sparc.deb Size/MD5: 26328 8148b175e45a5615e46e58310ca575eb http://ports.ubuntu.com/pool/main/a/apr-util/libaprutil1-dbg_1.3.9+dfsg-1ubuntu1.1_sparc.deb Size/MD5: 202424 546a84ea93ee3f500efe5a93c54cebd9 http://ports.ubuntu.com/pool/main/a/apr-util/libaprutil1-dev_1.3.9+dfsg-1ubuntu1.1_sparc.deb Size/MD5: 143174 736e0ba582013ae82739884ee0c99b94 http://ports.ubuntu.com/pool/main/a/apr-util/libaprutil1-ldap_1.3.9+dfsg-1ubuntu1.1_sparc.deb Size/MD5: 25124 cc34640c8dfb0228517b74a39aa56403 http://ports.ubuntu.com/pool/main/a/apr-util/libaprutil1_1.3.9+dfsg-1ubuntu1.1_sparc.deb Size/MD5: 83754 716b45ea1b4dded24b06d485ed862a88 http://ports.ubuntu.com/pool/universe/a/apr-util/libaprutil1-dbd-freetds_1.3.9+dfsg-1ubuntu1.1_sparc.deb Size/MD5: 26882 23555b0cc3384ccdc1f8eec8b3a459ac http://ports.ubuntu.com/pool/universe/a/apr-util/libaprutil1-dbd-mysql_1.3.9+dfsg-1ubuntu1.1_sparc.deb Size/MD5: 28554 cf9ebbaa2100b929493404b0776f0f90 http://ports.ubuntu.com/pool/universe/a/apr-util/libaprutil1-dbd-odbc_1.3.9+dfsg-1ubuntu1.1_sparc.deb Size/MD5: 32406 555255da5f95124d900fd3fd3a5053c0 http://ports.ubuntu.com/pool/universe/a/apr-util/libaprutil1-dbd-pgsql_1.3.9+dfsg-1ubuntu1.1_sparc.deb Size/MD5: 28106 d779233cc8ac6a67e3c38e9bd5dc0341 Updated packages for Ubuntu 10.04 LTS: Source archives: http://security.ubuntu.com/ubuntu/pool/main/a/apr-util/apr-util_1.3.9+dfsg-3ubuntu0.10.04.1.diff.gz Size/MD5: 24686 a3882e4d634c1e1f13887cd50b2357a1 http://security.ubuntu.com/ubuntu/pool/main/a/apr-util/apr-util_1.3.9+dfsg-3ubuntu0.10.04.1.dsc Size/MD5: 2527 1bca08cf01a8a86f11e39121155f9e18 http://security.ubuntu.com/ubuntu/pool/main/a/apr-util/apr-util_1.3.9+dfsg.orig.tar.gz Size/MD5: 805980 e19f5abd536d19dd3147b840853117da amd64 architecture (Athlon64, Opteron, EM64T Xeon): http://security.ubuntu.com/ubuntu/pool/main/a/apr-util/libaprutil1-dbd-sqlite3_1.3.9+dfsg-3ubuntu0.10.04.1_amd64.deb Size/MD5: 28232 ed4252144e7b89af3dfc36d0a997de1d http://security.ubuntu.com/ubuntu/pool/main/a/apr-util/libaprutil1-dbg_1.3.9+dfsg-3ubuntu0.10.04.1_amd64.deb Size/MD5: 231300 41e493ad5d51e16751071fc08f890e56 http://security.ubuntu.com/ubuntu/pool/main/a/apr-util/libaprutil1-dev_1.3.9+dfsg-3ubuntu0.10.04.1_amd64.deb Size/MD5: 549210 92b22ffeb0b5dbfb1265a59f7fd30589 http://security.ubuntu.com/ubuntu/pool/main/a/apr-util/libaprutil1-ldap_1.3.9+dfsg-3ubuntu0.10.04.1_amd64.deb Size/MD5: 25776 cd8752a07fd81e375124d838e0bbefd1 http://security.ubuntu.com/ubuntu/pool/main/a/apr-util/libaprutil1_1.3.9+dfsg-3ubuntu0.10.04.1_amd64.deb Size/MD5: 91056 f2fa882580882b287410de4bae19b89c http://security.ubuntu.com/ubuntu/pool/universe/a/apr-util/libaprutil1-dbd-freetds_1.3.9+dfsg-3ubuntu0.10.04.1_amd64.deb Size/MD5: 28714 e5e4ad6de157a1b766e6196ba1192728 http://security.ubuntu.com/ubuntu/pool/universe/a/apr-util/libaprutil1-dbd-mysql_1.3.9+dfsg-3ubuntu0.10.04.1_amd64.deb Size/MD5: 31052 35088fcb737ccded77abcf781e9dc425 http://security.ubuntu.com/ubuntu/pool/universe/a/apr-util/libaprutil1-dbd-odbc_1.3.9+dfsg-3ubuntu0.10.04.1_amd64.deb Size/MD5: 35012 18898a8209671bb75c77380796ddd9b9 http://security.ubuntu.com/ubuntu/pool/universe/a/apr-util/libaprutil1-dbd-pgsql_1.3.9+dfsg-3ubuntu0.10.04.1_amd64.deb Size/MD5: 30618 e299f1a8c66c072e38ddfb9926bc118c i386 architecture (x86 compatible Intel/AMD): http://security.ubuntu.com/ubuntu/pool/main/a/apr-util/libaprutil1-dbd-sqlite3_1.3.9+dfsg-3ubuntu0.10.04.1_i386.deb Size/MD5: 27316 6920423a5a91823a42ca6678effb72c8 http://security.ubuntu.com/ubuntu/pool/main/a/apr-util/libaprutil1-dbg_1.3.9+dfsg-3ubuntu0.10.04.1_i386.deb Size/MD5: 224470 62049078e3bf1e9e57c1f985a642df9e http://security.ubuntu.com/ubuntu/pool/main/a/apr-util/libaprutil1-dev_1.3.9+dfsg-3ubuntu0.10.04.1_i386.deb Size/MD5: 537712 1ac3a6ca5920eb550820ca805f6463a6 http://security.ubuntu.com/ubuntu/pool/main/a/apr-util/libaprutil1-ldap_1.3.9+dfsg-3ubuntu0.10.04.1_i386.deb Size/MD5: 25314 017623115301410e63d9ece99da36cd8 http://security.ubuntu.com/ubuntu/pool/main/a/apr-util/libaprutil1_1.3.9+dfsg-3ubuntu0.10.04.1_i386.deb Size/MD5: 85600 e0d0dc22dfa691b825dee8bc8fe36df7 http://security.ubuntu.com/ubuntu/pool/universe/a/apr-util/libaprutil1-dbd-freetds_1.3.9+dfsg-3ubuntu0.10.04.1_i386.deb Size/MD5: 27750 b0ac4553d0d8e770a30e5352ec47a7b1 http://security.ubuntu.com/ubuntu/pool/universe/a/apr-util/libaprutil1-dbd-mysql_1.3.9+dfsg-3ubuntu0.10.04.1_i386.deb Size/MD5: 29832 a83664c3c816015e03acb96209982a46 http://security.ubuntu.com/ubuntu/pool/universe/a/apr-util/libaprutil1-dbd-odbc_1.3.9+dfsg-3ubuntu0.10.04.1_i386.deb Size/MD5: 33774 4e0e8523acbf0b6f113442ad33615159 http://security.ubuntu.com/ubuntu/pool/universe/a/apr-util/libaprutil1-dbd-pgsql_1.3.9+dfsg-3ubuntu0.10.04.1_i386.deb Size/MD5: 29322 8b3b97ae59f966991a1d85359704310f armel architecture (ARM Architecture): http://ports.ubuntu.com/pool/main/a/apr-util/libaprutil1-dbd-sqlite3_1.3.9+dfsg-3ubuntu0.10.04.1_armel.deb Size/MD5: 26342 15333c3867f443286a8f7a63d5c44d39 http://ports.ubuntu.com/pool/main/a/apr-util/libaprutil1-dbg_1.3.9+dfsg-3ubuntu0.10.04.1_armel.deb Size/MD5: 226554 3f6bbeb73a25a67d781e4840148989fa http://ports.ubuntu.com/pool/main/a/apr-util/libaprutil1-dev_1.3.9+dfsg-3ubuntu0.10.04.1_armel.deb Size/MD5: 577452 28ea65e58066812956e0672fd75371f4 http://ports.ubuntu.com/pool/main/a/apr-util/libaprutil1-ldap_1.3.9+dfsg-3ubuntu0.10.04.1_armel.deb Size/MD5: 25172 3fd804a00c8777a0ddf5b78c6ce54e99 http://ports.ubuntu.com/pool/main/a/apr-util/libaprutil1_1.3.9+dfsg-3ubuntu0.10.04.1_armel.deb Size/MD5: 80194 e88b53ef1d93e9cdc2e5623f2519982a http://ports.ubuntu.com/pool/universe/a/apr-util/libaprutil1-dbd-freetds_1.3.9+dfsg-3ubuntu0.10.04.1_armel.deb Size/MD5: 26916 99dc714a2aae594bbf4db96910133f69 http://ports.ubuntu.com/pool/universe/a/apr-util/libaprutil1-dbd-mysql_1.3.9+dfsg-3ubuntu0.10.04.1_armel.deb Size/MD5: 28454 155d15d7012f11b19216e66b315a2c7e http://ports.ubuntu.com/pool/universe/a/apr-util/libaprutil1-dbd-odbc_1.3.9+dfsg-3ubuntu0.10.04.1_armel.deb Size/MD5: 32614 63ed789fb8c1a8cb07f9f9270ad358e4 http://ports.ubuntu.com/pool/universe/a/apr-util/libaprutil1-dbd-pgsql_1.3.9+dfsg-3ubuntu0.10.04.1_armel.deb Size/MD5: 28154 adbfd1ba22fbd665a764818960f36b72 powerpc architecture (Apple Macintosh G3/G4/G5): http://ports.ubuntu.com/pool/main/a/apr-util/libaprutil1-dbd-sqlite3_1.3.9+dfsg-3ubuntu0.10.04.1_powerpc.deb Size/MD5: 27730 19bd239884bb82e12c7264a12a16adc2 http://ports.ubuntu.com/pool/main/a/apr-util/libaprutil1-dbg_1.3.9+dfsg-3ubuntu0.10.04.1_powerpc.deb Size/MD5: 238112 08dac3b03459f8a6ca42b51eb4b071b0 http://ports.ubuntu.com/pool/main/a/apr-util/libaprutil1-dev_1.3.9+dfsg-3ubuntu0.10.04.1_powerpc.deb Size/MD5: 548644 a8497f16e213dc911552b79988450329 http://ports.ubuntu.com/pool/main/a/apr-util/libaprutil1-ldap_1.3.9+dfsg-3ubuntu0.10.04.1_powerpc.deb Size/MD5: 25702 170845964a5007289538dd8a3d989254 http://ports.ubuntu.com/pool/main/a/apr-util/libaprutil1_1.3.9+dfsg-3ubuntu0.10.04.1_powerpc.deb Size/MD5: 90892 8a5c7d6cba9db0b1d605276c438541f9 http://ports.ubuntu.com/pool/universe/a/apr-util/libaprutil1-dbd-freetds_1.3.9+dfsg-3ubuntu0.10.04.1_powerpc.deb Size/MD5: 28336 b8d592d5bcdcf26e4d8bb66be90f7581 http://ports.ubuntu.com/pool/universe/a/apr-util/libaprutil1-dbd-mysql_1.3.9+dfsg-3ubuntu0.10.04.1_powerpc.deb Size/MD5: 30576 7f86366ad1a9f6bcf8e89202912c49ca http://ports.ubuntu.com/pool/universe/a/apr-util/libaprutil1-dbd-odbc_1.3.9+dfsg-3ubuntu0.10.04.1_powerpc.deb Size/MD5: 34292 89e3700597a1d1715500103b97252392 http://ports.ubuntu.com/pool/universe/a/apr-util/libaprutil1-dbd-pgsql_1.3.9+dfsg-3ubuntu0.10.04.1_powerpc.deb Size/MD5: 30172 aa087a0171447bdcee540cfed983eebf sparc architecture (Sun SPARC/UltraSPARC): http://ports.ubuntu.com/pool/main/a/apr-util/libaprutil1-dbd-sqlite3_1.3.9+dfsg-3ubuntu0.10.04.1_sparc.deb Size/MD5: 26704 905c70742edfd0a728996d5b7e9b2c94 http://ports.ubuntu.com/pool/main/a/apr-util/libaprutil1-dbg_1.3.9+dfsg-3ubuntu0.10.04.1_sparc.deb Size/MD5: 205658 d682f79532172b49933a495041b6e0f5 http://ports.ubuntu.com/pool/main/a/apr-util/libaprutil1-dev_1.3.9+dfsg-3ubuntu0.10.04.1_sparc.deb Size/MD5: 544014 8c5a5dab02729cac59f71c3e632c347a http://ports.ubuntu.com/pool/main/a/apr-util/libaprutil1-ldap_1.3.9+dfsg-3ubuntu0.10.04.1_sparc.deb Size/MD5: 25500 71c9d13a584eb2bc2fb8ffc76b9c4727 http://ports.ubuntu.com/pool/main/a/apr-util/libaprutil1_1.3.9+dfsg-3ubuntu0.10.04.1_sparc.deb Size/MD5: 87018 a03a1d0a01267d034acf14b3284c0c18 http://ports.ubuntu.com/pool/universe/a/apr-util/libaprutil1-dbd-freetds_1.3.9+dfsg-3ubuntu0.10.04.1_sparc.deb Size/MD5: 27304 95682866b15456f31d09dbf611bf2571 http://ports.ubuntu.com/pool/universe/a/apr-util/libaprutil1-dbd-mysql_1.3.9+dfsg-3ubuntu0.10.04.1_sparc.deb Size/MD5: 28978 56a7ee693f5a6c8855283b791e19d597 http://ports.ubuntu.com/pool/universe/a/apr-util/libaprutil1-dbd-odbc_1.3.9+dfsg-3ubuntu0.10.04.1_sparc.deb Size/MD5: 33144 24592435b94545e73d8eb93bb0b3000d http://ports.ubuntu.com/pool/universe/a/apr-util/libaprutil1-dbd-pgsql_1.3.9+dfsg-3ubuntu0.10.04.1_sparc.deb Size/MD5: 28440 8cff31f98818edd4897660619701adb0 Updated packages for Ubuntu 10.10: Source archives: http://security.ubuntu.com/ubuntu/pool/main/a/apr-util/apr-util_1.3.9+dfsg-3ubuntu0.10.10.1.diff.gz Size/MD5: 24951 bec1436c0fe5b42d1518707314662b07 http://security.ubuntu.com/ubuntu/pool/main/a/apr-util/apr-util_1.3.9+dfsg-3ubuntu0.10.10.1.dsc Size/MD5: 2527 52e041dc6c9e6f8d1f84390bc1cae47d http://security.ubuntu.com/ubuntu/pool/main/a/apr-util/apr-util_1.3.9+dfsg.orig.tar.gz Size/MD5: 805980 e19f5abd536d19dd3147b840853117da amd64 architecture (Athlon64, Opteron, EM64T Xeon): http://security.ubuntu.com/ubuntu/pool/main/a/apr-util/libaprutil1-dbd-sqlite3_1.3.9+dfsg-3ubuntu0.10.10.1_amd64.deb Size/MD5: 28108 16754bc80776397934ef0134addf5e8c http://security.ubuntu.com/ubuntu/pool/main/a/apr-util/libaprutil1-dbg_1.3.9+dfsg-3ubuntu0.10.10.1_amd64.deb Size/MD5: 231162 3848adad9ec2b61b5ce420333b076eb8 http://security.ubuntu.com/ubuntu/pool/main/a/apr-util/libaprutil1-dev_1.3.9+dfsg-3ubuntu0.10.10.1_amd64.deb Size/MD5: 596004 a0070ac70811d4ff2dcdbbf546d5b0c4 http://security.ubuntu.com/ubuntu/pool/main/a/apr-util/libaprutil1-ldap_1.3.9+dfsg-3ubuntu0.10.10.1_amd64.deb Size/MD5: 25696 c636860329173b72d8a071d0cc0518d1 http://security.ubuntu.com/ubuntu/pool/main/a/apr-util/libaprutil1_1.3.9+dfsg-3ubuntu0.10.10.1_amd64.deb Size/MD5: 89886 ee3dae0131a4f2a25553f3d266278c25 http://security.ubuntu.com/ubuntu/pool/universe/a/apr-util/libaprutil1-dbd-freetds_1.3.9+dfsg-3ubuntu0.10.10.1_amd64.deb Size/MD5: 28556 96d14c03ebd06ee24d2e82425c877822 http://security.ubuntu.com/ubuntu/pool/universe/a/apr-util/libaprutil1-dbd-mysql_1.3.9+dfsg-3ubuntu0.10.10.1_amd64.deb Size/MD5: 30844 df5caa7ec3ad8db1d5279fcb71b96bf9 http://security.ubuntu.com/ubuntu/pool/universe/a/apr-util/libaprutil1-dbd-odbc_1.3.9+dfsg-3ubuntu0.10.10.1_amd64.deb Size/MD5: 34832 c336171da25b904f9a901ec02cafbd50 http://security.ubuntu.com/ubuntu/pool/universe/a/apr-util/libaprutil1-dbd-pgsql_1.3.9+dfsg-3ubuntu0.10.10.1_amd64.deb Size/MD5: 30484 581dbac22ffc41d44521705e5c3396a2 i386 architecture (x86 compatible Intel/AMD): http://security.ubuntu.com/ubuntu/pool/main/a/apr-util/libaprutil1-dbd-sqlite3_1.3.9+dfsg-3ubuntu0.10.10.1_i386.deb Size/MD5: 27200 1b68bd334e2ce184e01dc302142a6e47 http://security.ubuntu.com/ubuntu/pool/main/a/apr-util/libaprutil1-dbg_1.3.9+dfsg-3ubuntu0.10.10.1_i386.deb Size/MD5: 223824 a463174ac5570ad6a33e054b285b4dc0 http://security.ubuntu.com/ubuntu/pool/main/a/apr-util/libaprutil1-dev_1.3.9+dfsg-3ubuntu0.10.10.1_i386.deb Size/MD5: 542126 f1a99dac4c2bedbde4045e78824ca9f6 http://security.ubuntu.com/ubuntu/pool/main/a/apr-util/libaprutil1-ldap_1.3.9+dfsg-3ubuntu0.10.10.1_i386.deb Size/MD5: 25218 0060476c56a2297e7ef8a3a22b54c8b9 http://security.ubuntu.com/ubuntu/pool/main/a/apr-util/libaprutil1_1.3.9+dfsg-3ubuntu0.10.10.1_i386.deb Size/MD5: 84260 4c833f7c6dc2d91d143b9ec35cdedb62 http://security.ubuntu.com/ubuntu/pool/universe/a/apr-util/libaprutil1-dbd-freetds_1.3.9+dfsg-3ubuntu0.10.10.1_i386.deb Size/MD5: 27610 098a8a433761733aa12f0b003c5aed4a http://security.ubuntu.com/ubuntu/pool/universe/a/apr-util/libaprutil1-dbd-mysql_1.3.9+dfsg-3ubuntu0.10.10.1_i386.deb Size/MD5: 29606 211bccbb159b83eeaeb3ca57df3a12fd http://security.ubuntu.com/ubuntu/pool/universe/a/apr-util/libaprutil1-dbd-odbc_1.3.9+dfsg-3ubuntu0.10.10.1_i386.deb Size/MD5: 33550 1f865b05e35c9353942a60c7fd7276e8 http://security.ubuntu.com/ubuntu/pool/universe/a/apr-util/libaprutil1-dbd-pgsql_1.3.9+dfsg-3ubuntu0.10.10.1_i386.deb Size/MD5: 29182 76a6f5b4557fd4a6d6b730be8fdaccab armel architecture (ARM Architecture): http://ports.ubuntu.com/pool/main/a/apr-util/libaprutil1-dbd-sqlite3_1.3.9+dfsg-3ubuntu0.10.10.1_armel.deb Size/MD5: 25890 5aa11cf6abf73ea6d9ebce50b9e196c4 http://ports.ubuntu.com/pool/main/a/apr-util/libaprutil1-dbg_1.3.9+dfsg-3ubuntu0.10.10.1_armel.deb Size/MD5: 225702 d4720114c88ac08245172c39dbd08f6b http://ports.ubuntu.com/pool/main/a/apr-util/libaprutil1-dev_1.3.9+dfsg-3ubuntu0.10.10.1_armel.deb Size/MD5: 592304 48d95d2151e8b54cfe06f65a157bef6b http://ports.ubuntu.com/pool/main/a/apr-util/libaprutil1-ldap_1.3.9+dfsg-3ubuntu0.10.10.1_armel.deb Size/MD5: 24560 bc43ae177de2ef69238ff5ed24d7717d http://ports.ubuntu.com/pool/main/a/apr-util/libaprutil1_1.3.9+dfsg-3ubuntu0.10.10.1_armel.deb Size/MD5: 83228 274fd7e62b3b94c6217d839740641ad9 http://ports.ubuntu.com/pool/universe/a/apr-util/libaprutil1-dbd-freetds_1.3.9+dfsg-3ubuntu0.10.10.1_armel.deb Size/MD5: 26284 5f76b3e9abb5b6d1c8c3b2c6390e14a0 http://ports.ubuntu.com/pool/universe/a/apr-util/libaprutil1-dbd-mysql_1.3.9+dfsg-3ubuntu0.10.10.1_armel.deb Size/MD5: 27990 b77ce9bde3ffa72e3a2851aa70beb206 http://ports.ubuntu.com/pool/universe/a/apr-util/libaprutil1-dbd-odbc_1.3.9+dfsg-3ubuntu0.10.10.1_armel.deb Size/MD5: 32132 d9ecfcc40a1412177bed37917f470fbe http://ports.ubuntu.com/pool/universe/a/apr-util/libaprutil1-dbd-pgsql_1.3.9+dfsg-3ubuntu0.10.10.1_armel.deb Size/MD5: 27616 551d150b2e516da96c14d83aca04b174 powerpc architecture (Apple Macintosh G3/G4/G5): http://ports.ubuntu.com/pool/main/a/apr-util/libaprutil1-dbd-sqlite3_1.3.9+dfsg-3ubuntu0.10.10.1_powerpc.deb Size/MD5: 27618 1155ec62c9a437320478cc8802dcfd38 http://ports.ubuntu.com/pool/main/a/apr-util/libaprutil1-dbg_1.3.9+dfsg-3ubuntu0.10.10.1_powerpc.deb Size/MD5: 238024 817bf879d8c9477e28c99e7bec33ce87 http://ports.ubuntu.com/pool/main/a/apr-util/libaprutil1-dev_1.3.9+dfsg-3ubuntu0.10.10.1_powerpc.deb Size/MD5: 552930 aa324c5be7419bc06422fdc3a63b1f1c http://ports.ubuntu.com/pool/main/a/apr-util/libaprutil1-ldap_1.3.9+dfsg-3ubuntu0.10.10.1_powerpc.deb Size/MD5: 25622 dac066b00d1c43708e9c074a3aacb62b http://ports.ubuntu.com/pool/main/a/apr-util/libaprutil1_1.3.9+dfsg-3ubuntu0.10.10.1_powerpc.deb Size/MD5: 89706 ac28e25a0c02f57214c805774a4f71d9 http://ports.ubuntu.com/pool/universe/a/apr-util/libaprutil1-dbd-freetds_1.3.9+dfsg-3ubuntu0.10.10.1_powerpc.deb Size/MD5: 28178 2f67c6e40aa41bcb4942d12fb672a6e6 http://ports.ubuntu.com/pool/universe/a/apr-util/libaprutil1-dbd-mysql_1.3.9+dfsg-3ubuntu0.10.10.1_powerpc.deb Size/MD5: 30396 7aaed9bff283b2e95b4b1a7595933fda http://ports.ubuntu.com/pool/universe/a/apr-util/libaprutil1-dbd-odbc_1.3.9+dfsg-3ubuntu0.10.10.1_powerpc.deb Size/MD5: 34100 46326761d58e264b770fd50bbf06fa25 http://ports.ubuntu.com/pool/universe/a/apr-util/libaprutil1-dbd-pgsql_1.3.9+dfsg-3ubuntu0.10.10.1_powerpc.deb Size/MD5: 30060 54a60afffff7d4706d83224700ea903e . ---------------------------------------------------------------------- Windows Applications Insecure Library Loading The Official, Verified Secunia List: http://secunia.com/advisories/windows_insecure_library_loading/ The list is continuously updated as we confirm the vulnerability reports so check back regularly too see if any of your apps are affected. ---------------------------------------------------------------------- TITLE: Apache HTTP Server APR-util Multiple Denial of Service Vulnerabilities SECUNIA ADVISORY ID: SA41811 VERIFY ADVISORY: Secunia.com http://secunia.com/advisories/41811/ Customer Area (Credentials Required) https://ca.secunia.com/?page=viewadvisory&vuln_id=41811 RELEASE DATE: 2010-10-20 DISCUSS ADVISORY: http://secunia.com/advisories/41811/#comments AVAILABLE ON SITE AND IN CUSTOMER AREA: * Last Update * Popularity * Comments * Criticality Level * Impact * Where * Solution Status * Operating System / Software * CVE Reference(s) http://secunia.com/advisories/41811/ ONLY AVAILABLE IN CUSTOMER AREA: * Authentication Level * Report Reliability * Secunia PoC * Secunia Analysis * Systems Affected * Approve Distribution * Remediation Status * Secunia CVSS Score * CVSS https://ca.secunia.com/?page=viewadvisory&vuln_id=41811 ONLY AVAILABLE WITH SECUNIA CSI AND SECUNIA PSI: * AUTOMATED SCANNING http://secunia.com/vulnerability_scanning/personal/ http://secunia.com/vulnerability_scanning/corporate/wsus_sccm_3rd_third_party_patching/ DESCRIPTION: Some vulnerabilities have been reported in Apache HTTP Server, which can be exploited by malicious people to cause a DoS (Denial of Service). The vulnerabilities are caused due to application using vulnerable APR-utils code. For more information: SA41701 SOLUTION: Update to version 2.2.17. ORIGINAL ADVISORY: http://www.apache.org/dist/httpd/Announcement2.2.html http://www.apache.org/dist/httpd/CHANGES_2.2.17 OTHER REFERENCES: Further details available in Customer Area: http://secunia.com/products/corporate/EVM/ DEEP LINKS: Further details available in Customer Area: http://secunia.com/products/corporate/EVM/ EXTENDED DESCRIPTION: Further details available in Customer Area: http://secunia.com/products/corporate/EVM/ EXTENDED SOLUTION: Further details available in Customer Area: http://secunia.com/products/corporate/EVM/ EXPLOIT: Further details available in Customer Area: http://secunia.com/products/corporate/EVM/ ---------------------------------------------------------------------- About: This Advisory was delivered by Secunia as a free service to help private users keeping their systems up to date against the latest vulnerabilities. Subscribe: http://secunia.com/advisories/secunia_security_advisories/ Definitions: (Criticality, Where etc.) http://secunia.com/advisories/about_secunia_advisories/ Please Note: Secunia recommends that you verify all advisories you receive by clicking the link. Secunia NEVER sends attached files with advisories. Secunia does not advise people to install third party patches, only use those supplied by the vendor. ---------------------------------------------------------------------- Unsubscribe: Secunia Security Advisories http://secunia.com/sec_adv_unsubscribe/?email=packet%40packetstormsecurity.org ---------------------------------------------------------------------- . Solution: Before applying this update, make sure all previously-released errata relevant to your system have been applied. Our key and details on how to verify the signature are available from https://access.redhat.com/security/team/key/#package 7

AFFECTED PRODUCTS

CVSS

PROBLEMTYPE DATA

THREAT TYPE

network

TYPE

Unknown

EXTERNAL IDS