Apache APR-util 'apr_strmatch_precompile()' Integer Underflow Vulnerability

Apache APR-util 'apr_strmatch_precompile()' Integer Underflow Vulnerability

References:

[Apache-SVN] Revision 779880 (Matthew Palmer)
Apache Portable Runtime Homepage (Apache Software Foundation)
APR-util Changelog (Apache Software Foundation)
CVE-2009-0023 Buffer Overflow vulnerability in Apache Portable Runtime Utility ( (Oracle)
PK91241: Z/OS IBM HTTP SERVER FOR WEBSPHERE (POWERED BY APACHE) FIX PACK 6.1.0.2 (IBM)
PM10658: IBM HTTP SERVER 2.0.47 CUMULATIVE INTERIM FIX (IBM)
PK99477: SHIP APAR FIXES FOR H28W700 FIX PACK 7.0.0.7. (IBM)
PK99478: SHIP APAR FIXES FOR H28W700 FIX PACK 7.0.0.7. (IBM)
PK99480: SHIP APAR FIXES FOR H28W700 FIX PACK 7.0.0.7. (IBM)
RHSA-2009:1107 apr-util security update (Red Hat)
RHSA-2009:1160 Important: httpd22 security update (Red Hat)
swg24023947 IBM HTTP Server interim fix for PK91361 (IBM)

Privacy Statement
Copyright 2010, SecurityFocus