Bug#271933: CAN-2004-0786: apr_uri_parse() buffer overflow

To: Debian Bug Tracking System <submit@bugs.debian.org>
Subject: Bug#271933: CAN-2004-0786: apr_uri_parse() buffer overflow
From: Florian Weimer <fw@deneb.enyo.de>
Date: Thu, 16 Sep 2004 10:02:56 +0200
Message-id: <[🔎] E1C7rEG-0001Ob-Pf@deneb.enyo.de>
Reply-to: Florian Weimer <fw@deneb.enyo.de>, 271933@bugs.debian.org

Package: libapr0
Version: 2.0.50-12
Severity: grave
Tags: security
Justification: user security hole

Uniras has reported a vulnerability in apr-util:

<http://www.uniras.gov.uk/vuls/2004/403518/index.htm>

"The identified vulnerability is in the apr-util library; the
apr_uri_parse function in the apr-util library lacks input validation on
IPv6 literal addresses, which can result in a negative length parameter
being passed to memcpy."

It's likely that this bug affects Subversion.

Reply to:

Follow-Ups:
- Bug#271933: marked as done (CAN-2004-0786: apr_uri_parse() buffer overflow)
  - From: owner@bugs.debian.org (Debian Bug Tracking System)

Prev by Date: それって。。。みれますか？
Next by Date: Bug#271933: marked as done (CAN-2004-0786: apr_uri_parse() buffer overflow)
Previous by thread: それって。。。みれますか？
Next by thread: Bug#271933: marked as done (CAN-2004-0786: apr_uri_parse() buffer overflow)
Index(es):
- Date
- Thread