CVE-2017-12613 - When apr_time_exp*() or apr_os_exp_time*() functions are invoked with an invalid month field value i

CVE-2017-12613

Summary

When apr_time_exp*() or apr_os_exp_time*() functions are invoked with an invalid month field value in Apache Portable Runtime APR 1.6.2 and prior, out of bounds memory may be accessed in converting this value to an apr_time_exp_t value, potentially revealing the contents of a different static heap value or resulting in program termination, and may represent an information disclosure or denial of service vulnerability to applications which call these APR functions with unvalidated external input.

References

Vulnerable Configurations

cpe:2.3:a:apache:portable_runtime:-:*:*:*:*:*:*:*
cpe:2.3:a:apache:portable_runtime:-:*:*:*:*:*:*:*
cpe:2.3:a:apache:portable_runtime:0.9.0:*:*:*:*:*:*:*
cpe:2.3:a:apache:portable_runtime:0.9.0:*:*:*:*:*:*:*
cpe:2.3:a:apache:portable_runtime:0.9.1:*:*:*:*:*:*:*
cpe:2.3:a:apache:portable_runtime:0.9.1:*:*:*:*:*:*:*
cpe:2.3:a:apache:portable_runtime:0.9.2:*:*:*:*:*:*:*
cpe:2.3:a:apache:portable_runtime:0.9.2:*:*:*:*:*:*:*
cpe:2.3:a:apache:portable_runtime:0.9.3:*:*:*:*:*:*:*
cpe:2.3:a:apache:portable_runtime:0.9.3:*:*:*:*:*:*:*
cpe:2.3:a:apache:portable_runtime:0.9.4:*:*:*:*:*:*:*
cpe:2.3:a:apache:portable_runtime:0.9.4:*:*:*:*:*:*:*
cpe:2.3:a:apache:portable_runtime:0.9.5:*:*:*:*:*:*:*
cpe:2.3:a:apache:portable_runtime:0.9.5:*:*:*:*:*:*:*
cpe:2.3:a:apache:portable_runtime:0.9.6:*:*:*:*:*:*:*
cpe:2.3:a:apache:portable_runtime:0.9.6:*:*:*:*:*:*:*
cpe:2.3:a:apache:portable_runtime:0.9.7:*:*:*:*:*:*:*
cpe:2.3:a:apache:portable_runtime:0.9.7:*:*:*:*:*:*:*
cpe:2.3:a:apache:portable_runtime:0.9.8:*:*:*:*:*:*:*
cpe:2.3:a:apache:portable_runtime:0.9.8:*:*:*:*:*:*:*
cpe:2.3:a:apache:portable_runtime:0.9.9:*:*:*:*:*:*:*
cpe:2.3:a:apache:portable_runtime:0.9.9:*:*:*:*:*:*:*
cpe:2.3:a:apache:portable_runtime:0.9.10:*:*:*:*:*:*:*
cpe:2.3:a:apache:portable_runtime:0.9.10:*:*:*:*:*:*:*
cpe:2.3:a:apache:portable_runtime:0.9.11:*:*:*:*:*:*:*
cpe:2.3:a:apache:portable_runtime:0.9.11:*:*:*:*:*:*:*
cpe:2.3:a:apache:portable_runtime:0.9.12:*:*:*:*:*:*:*
cpe:2.3:a:apache:portable_runtime:0.9.12:*:*:*:*:*:*:*
cpe:2.3:a:apache:portable_runtime:0.9.13:*:*:*:*:*:*:*
cpe:2.3:a:apache:portable_runtime:0.9.13:*:*:*:*:*:*:*
cpe:2.3:a:apache:portable_runtime:0.9.14:*:*:*:*:*:*:*
cpe:2.3:a:apache:portable_runtime:0.9.14:*:*:*:*:*:*:*
cpe:2.3:a:apache:portable_runtime:0.9.15:*:*:*:*:*:*:*
cpe:2.3:a:apache:portable_runtime:0.9.15:*:*:*:*:*:*:*
cpe:2.3:a:apache:portable_runtime:0.9.16:*:*:*:*:*:*:*
cpe:2.3:a:apache:portable_runtime:0.9.16:*:*:*:*:*:*:*
cpe:2.3:a:apache:portable_runtime:0.9.17:*:*:*:*:*:*:*
cpe:2.3:a:apache:portable_runtime:0.9.17:*:*:*:*:*:*:*
cpe:2.3:a:apache:portable_runtime:0.9.18:*:*:*:*:*:*:*
cpe:2.3:a:apache:portable_runtime:0.9.18:*:*:*:*:*:*:*
cpe:2.3:a:apache:portable_runtime:0.9.19:*:*:*:*:*:*:*
cpe:2.3:a:apache:portable_runtime:0.9.19:*:*:*:*:*:*:*
cpe:2.3:a:apache:portable_runtime:0.9.20:*:*:*:*:*:*:*
cpe:2.3:a:apache:portable_runtime:0.9.20:*:*:*:*:*:*:*
cpe:2.3:a:apache:portable_runtime:1.0.0:*:*:*:*:*:*:*
cpe:2.3:a:apache:portable_runtime:1.0.0:*:*:*:*:*:*:*
cpe:2.3:a:apache:portable_runtime:1.0.1:*:*:*:*:*:*:*
cpe:2.3:a:apache:portable_runtime:1.0.1:*:*:*:*:*:*:*
cpe:2.3:a:apache:portable_runtime:1.1.0:*:*:*:*:*:*:*
cpe:2.3:a:apache:portable_runtime:1.1.0:*:*:*:*:*:*:*
cpe:2.3:a:apache:portable_runtime:1.1.1:*:*:*:*:*:*:*
cpe:2.3:a:apache:portable_runtime:1.1.1:*:*:*:*:*:*:*
cpe:2.3:a:apache:portable_runtime:1.2.0:*:*:*:*:*:*:*
cpe:2.3:a:apache:portable_runtime:1.2.0:*:*:*:*:*:*:*
cpe:2.3:a:apache:portable_runtime:1.2.1:*:*:*:*:*:*:*
cpe:2.3:a:apache:portable_runtime:1.2.1:*:*:*:*:*:*:*
cpe:2.3:a:apache:portable_runtime:1.2.2:*:*:*:*:*:*:*
cpe:2.3:a:apache:portable_runtime:1.2.2:*:*:*:*:*:*:*
cpe:2.3:a:apache:portable_runtime:1.2.3:*:*:*:*:*:*:*
cpe:2.3:a:apache:portable_runtime:1.2.3:*:*:*:*:*:*:*
cpe:2.3:a:apache:portable_runtime:1.2.4:*:*:*:*:*:*:*
cpe:2.3:a:apache:portable_runtime:1.2.4:*:*:*:*:*:*:*
cpe:2.3:a:apache:portable_runtime:1.2.5:*:*:*:*:*:*:*
cpe:2.3:a:apache:portable_runtime:1.2.5:*:*:*:*:*:*:*
cpe:2.3:a:apache:portable_runtime:1.2.6:*:*:*:*:*:*:*
cpe:2.3:a:apache:portable_runtime:1.2.6:*:*:*:*:*:*:*
cpe:2.3:a:apache:portable_runtime:1.2.7:*:*:*:*:*:*:*
cpe:2.3:a:apache:portable_runtime:1.2.7:*:*:*:*:*:*:*
cpe:2.3:a:apache:portable_runtime:1.2.8:*:*:*:*:*:*:*
cpe:2.3:a:apache:portable_runtime:1.2.8:*:*:*:*:*:*:*
cpe:2.3:a:apache:portable_runtime:1.2.9:*:*:*:*:*:*:*
cpe:2.3:a:apache:portable_runtime:1.2.9:*:*:*:*:*:*:*
cpe:2.3:a:apache:portable_runtime:1.2.10:*:*:*:*:*:*:*
cpe:2.3:a:apache:portable_runtime:1.2.10:*:*:*:*:*:*:*
cpe:2.3:a:apache:portable_runtime:1.2.11:*:*:*:*:*:*:*
cpe:2.3:a:apache:portable_runtime:1.2.11:*:*:*:*:*:*:*
cpe:2.3:a:apache:portable_runtime:1.2.12:*:*:*:*:*:*:*
cpe:2.3:a:apache:portable_runtime:1.2.12:*:*:*:*:*:*:*
cpe:2.3:a:apache:portable_runtime:1.3.0:*:*:*:*:*:*:*
cpe:2.3:a:apache:portable_runtime:1.3.0:*:*:*:*:*:*:*
cpe:2.3:a:apache:portable_runtime:1.3.1:*:*:*:*:*:*:*
cpe:2.3:a:apache:portable_runtime:1.3.1:*:*:*:*:*:*:*
cpe:2.3:a:apache:portable_runtime:1.3.2:*:*:*:*:*:*:*
cpe:2.3:a:apache:portable_runtime:1.3.2:*:*:*:*:*:*:*
cpe:2.3:a:apache:portable_runtime:1.3.3:*:*:*:*:*:*:*
cpe:2.3:a:apache:portable_runtime:1.3.3:*:*:*:*:*:*:*
cpe:2.3:a:apache:portable_runtime:1.3.4:*:*:*:*:*:*:*
cpe:2.3:a:apache:portable_runtime:1.3.4:*:*:*:*:*:*:*
cpe:2.3:a:apache:portable_runtime:1.3.5:*:*:*:*:*:*:*
cpe:2.3:a:apache:portable_runtime:1.3.5:*:*:*:*:*:*:*
cpe:2.3:a:apache:portable_runtime:1.3.6:*:*:*:*:*:*:*
cpe:2.3:a:apache:portable_runtime:1.3.6:*:*:*:*:*:*:*
cpe:2.3:a:apache:portable_runtime:1.3.7:*:*:*:*:*:*:*
cpe:2.3:a:apache:portable_runtime:1.3.7:*:*:*:*:*:*:*
cpe:2.3:a:apache:portable_runtime:1.3.8:*:*:*:*:*:*:*
cpe:2.3:a:apache:portable_runtime:1.3.8:*:*:*:*:*:*:*
cpe:2.3:a:apache:portable_runtime:1.3.9:*:*:*:*:*:*:*
cpe:2.3:a:apache:portable_runtime:1.3.9:*:*:*:*:*:*:*
cpe:2.3:a:apache:portable_runtime:1.3.10:*:*:*:*:*:*:*
cpe:2.3:a:apache:portable_runtime:1.3.10:*:*:*:*:*:*:*
cpe:2.3:a:apache:portable_runtime:1.3.11:*:*:*:*:*:*:*
cpe:2.3:a:apache:portable_runtime:1.3.11:*:*:*:*:*:*:*
cpe:2.3:a:apache:portable_runtime:1.3.12:*:*:*:*:*:*:*
cpe:2.3:a:apache:portable_runtime:1.3.12:*:*:*:*:*:*:*
cpe:2.3:a:apache:portable_runtime:1.4.0:*:*:*:*:*:*:*
cpe:2.3:a:apache:portable_runtime:1.4.0:*:*:*:*:*:*:*
cpe:2.3:a:apache:portable_runtime:1.4.1:*:*:*:*:*:*:*
cpe:2.3:a:apache:portable_runtime:1.4.1:*:*:*:*:*:*:*
cpe:2.3:a:apache:portable_runtime:1.4.2:*:*:*:*:*:*:*
cpe:2.3:a:apache:portable_runtime:1.4.2:*:*:*:*:*:*:*
cpe:2.3:a:apache:portable_runtime:1.4.3:*:*:*:*:*:*:*
cpe:2.3:a:apache:portable_runtime:1.4.3:*:*:*:*:*:*:*
cpe:2.3:a:apache:portable_runtime:1.4.4:*:*:*:*:*:*:*
cpe:2.3:a:apache:portable_runtime:1.4.4:*:*:*:*:*:*:*
cpe:2.3:a:apache:portable_runtime:1.4.5:*:*:*:*:*:*:*
cpe:2.3:a:apache:portable_runtime:1.4.5:*:*:*:*:*:*:*
cpe:2.3:a:apache:portable_runtime:1.4.6:*:*:*:*:*:*:*
cpe:2.3:a:apache:portable_runtime:1.4.6:*:*:*:*:*:*:*
cpe:2.3:a:apache:portable_runtime:1.4.7:*:*:*:*:*:*:*
cpe:2.3:a:apache:portable_runtime:1.4.7:*:*:*:*:*:*:*
cpe:2.3:a:apache:portable_runtime:1.4.8:*:*:*:*:*:*:*
cpe:2.3:a:apache:portable_runtime:1.4.8:*:*:*:*:*:*:*
cpe:2.3:a:apache:portable_runtime:1.5.0:*:*:*:*:*:*:*
cpe:2.3:a:apache:portable_runtime:1.5.0:*:*:*:*:*:*:*
cpe:2.3:a:apache:portable_runtime:1.5.1:*:*:*:*:*:*:*
cpe:2.3:a:apache:portable_runtime:1.5.1:*:*:*:*:*:*:*
cpe:2.3:a:apache:portable_runtime:1.5.2:*:*:*:*:*:*:*
cpe:2.3:a:apache:portable_runtime:1.5.2:*:*:*:*:*:*:*
cpe:2.3:a:apache:portable_runtime:1.6.0:*:*:*:*:*:*:*
cpe:2.3:a:apache:portable_runtime:1.6.0:*:*:*:*:*:*:*
cpe:2.3:a:apache:portable_runtime:1.6.1:*:*:*:*:*:*:*
cpe:2.3:a:apache:portable_runtime:1.6.1:*:*:*:*:*:*:*
cpe:2.3:a:apache:portable_runtime:1.6.2:*:*:*:*:*:*:*
cpe:2.3:a:apache:portable_runtime:1.6.2:*:*:*:*:*:*:*
cpe:2.3:a:apache:portable_runtime:1.6.3:*:*:*:*:*:*:*
cpe:2.3:a:apache:portable_runtime:1.6.3:*:*:*:*:*:*:*
cpe:2.3:a:apache:portable_runtime:1.6.4:*:*:*:*:*:*:*
cpe:2.3:a:apache:portable_runtime:1.6.4:*:*:*:*:*:*:*
cpe:2.3:a:apache:portable_runtime:1.6.5:*:*:*:*:*:*:*
cpe:2.3:a:apache:portable_runtime:1.6.5:*:*:*:*:*:*:*
cpe:2.3:o:debian:debian_linux:7.0:*:*:*:*:*:*:*
cpe:2.3:o:debian:debian_linux:7.0:*:*:*:*:*:*:*
cpe:2.3:o:debian:debian_linux:9.0:*:*:*:*:*:*:*
cpe:2.3:o:debian:debian_linux:9.0:*:*:*:*:*:*:*
cpe:2.3:a:redhat:jboss_core_services:-:*:*:*:*:*:*:*
cpe:2.3:a:redhat:jboss_core_services:-:*:*:*:*:*:*:*
cpe:2.3:a:redhat:jboss_core_services:1.0:*:*:*:*:*:*:*
cpe:2.3:a:redhat:jboss_core_services:1.0:*:*:*:*:*:*:*
cpe:2.3:a:redhat:jboss_enterprise_web_server:3.0.0:*:*:*:*:*:*:*
cpe:2.3:a:redhat:jboss_enterprise_web_server:3.0.0:*:*:*:*:*:*:*
cpe:2.3:a:redhat:software_collections:1.0:*:*:*:*:*:*:*
cpe:2.3:a:redhat:software_collections:1.0:*:*:*:*:*:*:*
cpe:2.3:o:redhat:enterprise_linux_desktop:6.0:*:*:*:*:*:*:*
cpe:2.3:o:redhat:enterprise_linux_desktop:6.0:*:*:*:*:*:*:*
cpe:2.3:o:redhat:enterprise_linux_desktop:7.0:*:*:*:*:*:*:*
cpe:2.3:o:redhat:enterprise_linux_desktop:7.0:*:*:*:*:*:*:*
cpe:2.3:o:redhat:enterprise_linux_eus:6.7:*:*:*:*:*:*:*
cpe:2.3:o:redhat:enterprise_linux_eus:6.7:*:*:*:*:*:*:*
cpe:2.3:o:redhat:enterprise_linux_eus:7.3:*:*:*:*:*:*:*
cpe:2.3:o:redhat:enterprise_linux_eus:7.3:*:*:*:*:*:*:*
cpe:2.3:o:redhat:enterprise_linux_eus:7.4:*:*:*:*:*:*:*
cpe:2.3:o:redhat:enterprise_linux_eus:7.4:*:*:*:*:*:*:*
cpe:2.3:o:redhat:enterprise_linux_eus:7.5:*:*:*:*:*:*:*
cpe:2.3:o:redhat:enterprise_linux_eus:7.5:*:*:*:*:*:*:*
cpe:2.3:o:redhat:enterprise_linux_eus:7.6:*:*:*:*:*:*:*
cpe:2.3:o:redhat:enterprise_linux_eus:7.6:*:*:*:*:*:*:*
cpe:2.3:o:redhat:enterprise_linux_eus:7.7:*:*:*:*:*:*:*
cpe:2.3:o:redhat:enterprise_linux_eus:7.7:*:*:*:*:*:*:*
cpe:2.3:o:redhat:enterprise_linux_server:6.0:*:*:*:*:*:*:*
cpe:2.3:o:redhat:enterprise_linux_server:6.0:*:*:*:*:*:*:*
cpe:2.3:o:redhat:enterprise_linux_server:7.0:*:*:*:*:*:*:*
cpe:2.3:o:redhat:enterprise_linux_server:7.0:*:*:*:*:*:*:*
cpe:2.3:o:redhat:enterprise_linux_server_aus:6.4:*:*:*:*:*:*:*
cpe:2.3:o:redhat:enterprise_linux_server_aus:6.4:*:*:*:*:*:*:*
cpe:2.3:o:redhat:enterprise_linux_server_aus:6.5:*:*:*:*:*:*:*
cpe:2.3:o:redhat:enterprise_linux_server_aus:6.5:*:*:*:*:*:*:*
cpe:2.3:o:redhat:enterprise_linux_server_aus:6.6:*:*:*:*:*:*:*
cpe:2.3:o:redhat:enterprise_linux_server_aus:6.6:*:*:*:*:*:*:*
cpe:2.3:o:redhat:enterprise_linux_server_aus:7.2:*:*:*:*:*:*:*
cpe:2.3:o:redhat:enterprise_linux_server_aus:7.2:*:*:*:*:*:*:*
cpe:2.3:o:redhat:enterprise_linux_server_aus:7.3:*:*:*:*:*:*:*
cpe:2.3:o:redhat:enterprise_linux_server_aus:7.3:*:*:*:*:*:*:*
cpe:2.3:o:redhat:enterprise_linux_server_aus:7.4:*:*:*:*:*:*:*
cpe:2.3:o:redhat:enterprise_linux_server_aus:7.4:*:*:*:*:*:*:*
cpe:2.3:o:redhat:enterprise_linux_server_aus:7.6:*:*:*:*:*:*:*
cpe:2.3:o:redhat:enterprise_linux_server_aus:7.6:*:*:*:*:*:*:*
cpe:2.3:o:redhat:enterprise_linux_server_aus:7.7:*:*:*:*:*:*:*
cpe:2.3:o:redhat:enterprise_linux_server_aus:7.7:*:*:*:*:*:*:*
cpe:2.3:o:redhat:enterprise_linux_server_tus:6.6:*:*:*:*:*:*:*
cpe:2.3:o:redhat:enterprise_linux_server_tus:6.6:*:*:*:*:*:*:*
cpe:2.3:o:redhat:enterprise_linux_server_tus:7.2:*:*:*:*:*:*:*
cpe:2.3:o:redhat:enterprise_linux_server_tus:7.2:*:*:*:*:*:*:*
cpe:2.3:o:redhat:enterprise_linux_server_tus:7.3:*:*:*:*:*:*:*
cpe:2.3:o:redhat:enterprise_linux_server_tus:7.3:*:*:*:*:*:*:*
cpe:2.3:o:redhat:enterprise_linux_server_tus:7.4:*:*:*:*:*:*:*
cpe:2.3:o:redhat:enterprise_linux_server_tus:7.4:*:*:*:*:*:*:*
cpe:2.3:o:redhat:enterprise_linux_server_tus:7.6:*:*:*:*:*:*:*
cpe:2.3:o:redhat:enterprise_linux_server_tus:7.6:*:*:*:*:*:*:*
cpe:2.3:o:redhat:enterprise_linux_server_tus:7.7:*:*:*:*:*:*:*
cpe:2.3:o:redhat:enterprise_linux_server_tus:7.7:*:*:*:*:*:*:*
cpe:2.3:o:redhat:enterprise_linux_workstation:6.0:*:*:*:*:*:*:*
cpe:2.3:o:redhat:enterprise_linux_workstation:6.0:*:*:*:*:*:*:*
cpe:2.3:o:redhat:enterprise_linux_workstation:7.0:*:*:*:*:*:*:*
cpe:2.3:o:redhat:enterprise_linux_workstation:7.0:*:*:*:*:*:*:*

CVSS

Base:	3.6 (as of 18-04-2022 - 18:16)
Impact:
Exploitability:

CWE

CWE-125

CAPEC

Infiltration of Hardware Development Environment
An attacker, leveraging the ability to manipulate components of primary support systems and tools within the development and production environments, inserts malicious software within the hardware and/or firmware development environment. The infiltration purpose is to alter developed hardware components in a system destined for deployment at the victim's organization, for the purpose of disruption or further compromise.
Overread Buffers
An adversary attacks a target by providing input that causes an application to read beyond the boundary of a defined buffer. This typically occurs when a value influencing where to start or stop reading is set to reflect positions outside of the valid memory location of the buffer. This type of attack may result in exposure of sensitive information, a system crash, or arbitrary code execution.

Access

Vector	Complexity	Authentication
LOCAL	LOW	NONE

Impact

Confidentiality	Integrity	Availability
PARTIAL	NONE	PARTIAL

cvss-vector via4

AV:L/AC:L/Au:N/C:P/I:N/A:P

redhat via4

advisories

bugzilla

id	1506523
title	CVE-2017-12613 apr: Out-of-bounds array deref in apr_time_exp*() functions

oval

comment Red Hat Enterprise Linux must be installed
oval oval:com.redhat.rhba:tst:20070304026

AND

comment Red Hat Enterprise Linux 6 is installed
oval oval:com.redhat.rhba:tst:20111656003

AND
comment apr is earlier than 0:1.3.9-5.el6_9.1
oval oval:com.redhat.rhsa:tst:20173270001
comment apr is signed with Red Hat redhatrelease2 key
oval oval:com.redhat.rhsa:tst:20110507014
AND
comment apr-devel is earlier than 0:1.3.9-5.el6_9.1
oval oval:com.redhat.rhsa:tst:20173270003
comment apr-devel is signed with Red Hat redhatrelease2 key
oval oval:com.redhat.rhsa:tst:20110507016

AND

comment Red Hat Enterprise Linux 7 is installed
oval oval:com.redhat.rhba:tst:20150364027

AND
comment apr is earlier than 0:1.4.8-3.el7_4.1
oval oval:com.redhat.rhsa:tst:20173270006
comment apr is signed with Red Hat redhatrelease2 key
oval oval:com.redhat.rhsa:tst:20110507014
AND
comment apr-devel is earlier than 0:1.4.8-3.el7_4.1
oval oval:com.redhat.rhsa:tst:20173270007
comment apr-devel is signed with Red Hat redhatrelease2 key
oval oval:com.redhat.rhsa:tst:20110507016

rhsa

id	RHSA-2017:3270
released	2017-11-28
severity	Important
title	RHSA-2017:3270: apr security update (Important)

rhsa
id RHSA-2017:3475
rhsa
id RHSA-2017:3476
rhsa
id RHSA-2017:3477
rhsa
id RHSA-2018:0316
rhsa
id RHSA-2018:0465
rhsa
id RHSA-2018:0466
rhsa
id RHSA-2018:1253

rpms

apr-0:1.3.9-5.el6_9.1
apr-0:1.4.8-3.el7_4.1
apr-debuginfo-0:1.3.9-5.el6_9.1
apr-debuginfo-0:1.4.8-3.el7_4.1
apr-devel-0:1.3.9-5.el6_9.1
apr-devel-0:1.4.8-3.el7_4.1
jbcs-httpd24-httpd-0:2.4.23-125.jbcs.el7
jbcs-httpd24-httpd-debuginfo-0:2.4.23-125.jbcs.el7
jbcs-httpd24-httpd-devel-0:2.4.23-125.jbcs.el7
jbcs-httpd24-httpd-libs-0:2.4.23-125.jbcs.el7
jbcs-httpd24-httpd-manual-0:2.4.23-125.jbcs.el7
jbcs-httpd24-httpd-selinux-0:2.4.23-125.jbcs.el7
jbcs-httpd24-httpd-tools-0:2.4.23-125.jbcs.el7
jbcs-httpd24-mod_bmx-0:0.9.6-15.GA.jbcs.el7
jbcs-httpd24-mod_bmx-debuginfo-0:0.9.6-15.GA.jbcs.el7
jbcs-httpd24-mod_cluster-native-0:1.3.8-1.Final_redhat_1.jbcs.el7
jbcs-httpd24-mod_cluster-native-debuginfo-0:1.3.8-1.Final_redhat_1.jbcs.el7
jbcs-httpd24-mod_ldap-0:2.4.23-125.jbcs.el7
jbcs-httpd24-mod_proxy_html-1:2.4.23-125.jbcs.el7
jbcs-httpd24-mod_session-0:2.4.23-125.jbcs.el7
jbcs-httpd24-mod_ssl-1:2.4.23-125.jbcs.el7
jbcs-httpd24-httpd-0:2.4.23-125.jbcs.el6
jbcs-httpd24-httpd-debuginfo-0:2.4.23-125.jbcs.el6
jbcs-httpd24-httpd-devel-0:2.4.23-125.jbcs.el6
jbcs-httpd24-httpd-libs-0:2.4.23-125.jbcs.el6
jbcs-httpd24-httpd-manual-0:2.4.23-125.jbcs.el6
jbcs-httpd24-httpd-selinux-0:2.4.23-125.jbcs.el6
jbcs-httpd24-httpd-tools-0:2.4.23-125.jbcs.el6
jbcs-httpd24-mod_bmx-0:0.9.6-15.GA.jbcs.el6
jbcs-httpd24-mod_bmx-debuginfo-0:0.9.6-15.GA.jbcs.el6
jbcs-httpd24-mod_cluster-native-0:1.3.8-1.Final_redhat_1.jbcs.el6
jbcs-httpd24-mod_cluster-native-debuginfo-0:1.3.8-1.Final_redhat_1.jbcs.el6
jbcs-httpd24-mod_ldap-0:2.4.23-125.jbcs.el6
jbcs-httpd24-mod_proxy_html-1:2.4.23-125.jbcs.el6
jbcs-httpd24-mod_session-0:2.4.23-125.jbcs.el6
jbcs-httpd24-mod_ssl-1:2.4.23-125.jbcs.el6
httpd24-apr-0:1.5.1-1.el6.1
httpd24-apr-debuginfo-0:1.5.1-1.el6.1
httpd24-apr-devel-0:1.5.1-1.el6.1
mod_cluster-0:1.3.8-2.Final_redhat_2.1.ep7.el6
mod_cluster-0:1.3.8-2.Final_redhat_2.1.ep7.el7
mod_cluster-tomcat7-0:1.3.8-2.Final_redhat_2.1.ep7.el6
mod_cluster-tomcat7-0:1.3.8-2.Final_redhat_2.1.ep7.el7
mod_cluster-tomcat8-0:1.3.8-2.Final_redhat_2.1.ep7.el6
mod_cluster-tomcat8-0:1.3.8-2.Final_redhat_2.1.ep7.el7
tomcat-native-0:1.2.8-11.redhat_11.ep7.el6
tomcat-native-0:1.2.8-11.redhat_11.ep7.el7
tomcat-native-debuginfo-0:1.2.8-11.redhat_11.ep7.el6
tomcat-native-debuginfo-0:1.2.8-11.redhat_11.ep7.el7
tomcat-vault-0:1.1.6-1.Final_redhat_1.1.ep7.el6
tomcat-vault-0:1.1.6-1.Final_redhat_1.1.ep7.el7
tomcat-vault-tomcat7-0:1.1.6-1.Final_redhat_1.1.ep7.el6
tomcat-vault-tomcat7-0:1.1.6-1.Final_redhat_1.1.ep7.el7
tomcat-vault-tomcat8-0:1.1.6-1.Final_redhat_1.1.ep7.el6
tomcat-vault-tomcat8-0:1.1.6-1.Final_redhat_1.1.ep7.el7
tomcat7-0:7.0.70-25.ep7.el6
tomcat7-0:7.0.70-25.ep7.el7
tomcat7-admin-webapps-0:7.0.70-25.ep7.el6
tomcat7-admin-webapps-0:7.0.70-25.ep7.el7
tomcat7-docs-webapp-0:7.0.70-25.ep7.el6
tomcat7-docs-webapp-0:7.0.70-25.ep7.el7
tomcat7-el-2.2-api-0:7.0.70-25.ep7.el6
tomcat7-el-2.2-api-0:7.0.70-25.ep7.el7
tomcat7-javadoc-0:7.0.70-25.ep7.el6
tomcat7-javadoc-0:7.0.70-25.ep7.el7
tomcat7-jsp-2.2-api-0:7.0.70-25.ep7.el6
tomcat7-jsp-2.2-api-0:7.0.70-25.ep7.el7
tomcat7-jsvc-0:7.0.70-25.ep7.el6
tomcat7-jsvc-0:7.0.70-25.ep7.el7
tomcat7-lib-0:7.0.70-25.ep7.el6
tomcat7-lib-0:7.0.70-25.ep7.el7
tomcat7-log4j-0:7.0.70-25.ep7.el6
tomcat7-log4j-0:7.0.70-25.ep7.el7
tomcat7-selinux-0:7.0.70-25.ep7.el6
tomcat7-selinux-0:7.0.70-25.ep7.el7
tomcat7-servlet-3.0-api-0:7.0.70-25.ep7.el6
tomcat7-servlet-3.0-api-0:7.0.70-25.ep7.el7
tomcat7-webapps-0:7.0.70-25.ep7.el6
tomcat7-webapps-0:7.0.70-25.ep7.el7
tomcat8-0:8.0.36-29.ep7.el6
tomcat8-0:8.0.36-29.ep7.el7
tomcat8-admin-webapps-0:8.0.36-29.ep7.el6
tomcat8-admin-webapps-0:8.0.36-29.ep7.el7
tomcat8-docs-webapp-0:8.0.36-29.ep7.el6
tomcat8-docs-webapp-0:8.0.36-29.ep7.el7
tomcat8-el-2.2-api-0:8.0.36-29.ep7.el6
tomcat8-el-2.2-api-0:8.0.36-29.ep7.el7
tomcat8-javadoc-0:8.0.36-29.ep7.el6
tomcat8-javadoc-0:8.0.36-29.ep7.el7
tomcat8-jsp-2.3-api-0:8.0.36-29.ep7.el6
tomcat8-jsp-2.3-api-0:8.0.36-29.ep7.el7
tomcat8-jsvc-0:8.0.36-29.ep7.el6
tomcat8-jsvc-0:8.0.36-29.ep7.el7
tomcat8-lib-0:8.0.36-29.ep7.el6
tomcat8-lib-0:8.0.36-29.ep7.el7
tomcat8-log4j-0:8.0.36-29.ep7.el6
tomcat8-log4j-0:8.0.36-29.ep7.el7
tomcat8-selinux-0:8.0.36-29.ep7.el6
tomcat8-selinux-0:8.0.36-29.ep7.el7
tomcat8-servlet-3.1-api-0:8.0.36-29.ep7.el6
tomcat8-servlet-3.1-api-0:8.0.36-29.ep7.el7
tomcat8-webapps-0:8.0.36-29.ep7.el6
tomcat8-webapps-0:8.0.36-29.ep7.el7
apr-0:1.3.9-5.el6_4.1
apr-0:1.3.9-5.el6_5.1
apr-0:1.3.9-5.el6_6.1
apr-0:1.3.9-5.el6_7.1
apr-0:1.4.8-3.el7_2.1
apr-0:1.4.8-3.el7_3.1
apr-debuginfo-0:1.3.9-5.el6_4.1
apr-debuginfo-0:1.3.9-5.el6_5.1
apr-debuginfo-0:1.3.9-5.el6_6.1
apr-debuginfo-0:1.3.9-5.el6_7.1
apr-debuginfo-0:1.4.8-3.el7_2.1
apr-debuginfo-0:1.4.8-3.el7_3.1
apr-devel-0:1.3.9-5.el6_4.1
apr-devel-0:1.3.9-5.el6_5.1
apr-devel-0:1.3.9-5.el6_6.1
apr-devel-0:1.3.9-5.el6_7.1
apr-devel-0:1.4.8-3.el7_2.1
apr-devel-0:1.4.8-3.el7_3.1

refmap via4

bid	101560
confirm	http://www.apache.org/dist/apr/Announcement1.x.html https://svn.apache.org/viewvc?view=revision&revision=1807976
mlist	[announce] 20171023 Apache Portable Runtime APR 1.6.3, APR-util 1.6.1 and APR-iconv 1.2.2 Released [debian-lts-announce] 20171106 [SECURITY] [DLA 1162-1] apr security update
sectrack	1042004

Last major update

18-04-2022 - 18:16

Published

24-10-2017 - 01:29

Last modified

18-04-2022 - 18:16