USN-5870-1: apr-util vulnerability
14 February 2023
APR-util could be made to crash or run programs as an administrator if it received specially crafted input.
- apr-util - Apache Portable Runtime Utility Library
Ronald Crane discovered that APR-util did not properly handled memory when
encoding or decoding certain input data. An attacker could possibly use
this issue to cause a denial of service, or possibly execute arbitrary
The problem can be corrected by updating your system to the following package versions:
After a standard system update you need to restart any application
using APR-util libraries to make all the necessary changes.