apr-commits mailing list archives

Site index · List index
Message view « Date » · « Thread »
Top « Date » · « Thread »
From wr...@apache.org
Subject svn propchange: r1098188 - svn:log
Date Thu, 12 May 2011 05:06:02 GMT
Author: wrowe
Revision: 1098188
Modified property: svn:log

Modified: svn:log at Thu May 12 05:06:02 2011
------------------------------------------------------------------------------
--- svn:log (original)
+++ svn:log Thu May 12 05:06:02 2011
@@ -1,8 +1,8 @@
 Security: CVE-2011-0419
 Reported by: Maksymilian Arciemowicz <cxib securityreason.com>
 
-Stack overflow was possible due to unconstrained, recursive invocation
-of apr_fnmatch, as apr_fnmatch processed '*' wildcards.
+Excessive CPU consumption was possible due to the unconstrained, recursive 
+invocation of apr_fnmatch, as apr_fnmatch processed '*' wildcards.
 
 Introduce new apr_fnmatch implementation.  This delivers optimizations 
 in some common cases, without the underlying weakness of recursion 


Mime
View raw message