Launchpad CVE tracker

CVE 2012-0840

tables/apr_hash.c in the Apache Portable Runtime (APR) library through 1.4.5 computes hash values without restricting the ability to trigger hash collisions predictably, which allows context-dependent attackers to cause a denial of service (CPU consumption) via crafted input to an application that maintains a hash table.

Related bugs and status

CVE-2012-0840 (Candidate) is related to these bugs:

Bug #957727: apr: update to 1.4.6 to fix svn fsfs repository corruption

		In	Importance	Status
957727	apr: update to 1.4.6 to fix svn fsfs repository corruption	apr (Ubuntu)	Medium	Fix Released
957727	apr: update to 1.4.6 to fix svn fsfs repository corruption	APR	Undecided	New
957727	apr: update to 1.4.6 to fix svn fsfs repository corruption	apr (Ubuntu Precise)	Medium	Fix Released
957727	apr: update to 1.4.6 to fix svn fsfs repository corruption	apr (Ubuntu Lucid)	Undecided	Won't Fix
957727	apr: update to 1.4.6 to fix svn fsfs repository corruption	apr (Ubuntu Maverick)	Undecided	Won't Fix
957727	apr: update to 1.4.6 to fix svn fsfs repository corruption	apr (Ubuntu Oneiric)	Undecided	Won't Fix
957727	apr: update to 1.4.6 to fix svn fsfs repository corruption	apr (Ubuntu Natty)	Undecided	Won't Fix

See the

CVE page on Mitre.org for more details.

Launchpad.net

CVE 2012-0840

References