AVG-469

Package apr
Status Fixed
Severity Medium
Type information disclosure
Affected 1.6.2-1
Fixed 1.6.3-1
Current 1.6.5-1 [extra]
Ticket None
Created Tue Oct 24 13:51:12 2017
Issue Severity Remote Type Description
CVE-2017-12613 Medium Yes Information disclosure
When apr_exp_time*() or apr_os_exp_time*() functions are invoked with an invalid month field value in APR 1.6.2 and prior, out of bounds memory may be...
Date Advisory Package Description
27 Oct 2017 ASA-201710-32 apr information disclosure
References
https://mail-archives.apache.org/mod_mbox/apr-dev/201710.mbox/%3CCACsi252POs4toeJJciwg09_eu2cO3XFg%3DUqsPjXsfjDoeC3-UQ%40mail.gmail.com%3E