| Log Message: |
Security: CVE-2011-0419
Reported by: Maksymilian Arciemowicz <cxib securityreason.com>
Excessive CPU consumption was possible due to the unconstrained, recursive
invocation of apr_fnmatch, as apr_fnmatch processed '*' wildcards.
Introduce new apr_fnmatch implementation. This delivers optimizations
in some common cases, without the underlying weakness of recursion
present in older implementations.
Submitted by: William Rowe
|