libapr1: security update

This update fixes:
- CVE-2011-0419 and CVE-2011-1928: unconstrained recursion
when processing patterns
- CVE-2010-1623: a remote DoS (memory leak) in APR's
reqtimeout_filter function

Fixed bugs
bnc#693778
VUL-0: libapr: Unconstrained recursion when processing patterns
bnc#690734
Internal server error on very long URL
bnc#670027
apache doesnt recommend a mpm
bnc#653510
Memory leak in Apache/PHP
CVE#CVE-2011-0419
Stack consumption vulnerability in the fnmatch implementation in apr_fnmatch.c in the Apache Portable Runtime (APR) library before 1.4.3 and the Apache HTTP Server before 2.2.18, and in fnmatch.c in libc in NetBSD 5.1, OpenBSD 4.8, FreeBSD, Apple Mac OS X
CVE#CVE-2010-1623
Memory leak in the apr_brigade_split_line function in buckets/apr_brigade.c in the Apache Portable Runtime Utility library (aka APR-util) before 1.3.10, as used in the mod_reqtimeout module in the Apache HTTP Server and other software, allows remote attac
CVE#CVE-2011-1928
The fnmatch implementation in apr_fnmatch.c in the Apache Portable Runtime (APR) library 1.4.3 and 1.4.4, and the Apache HTTP Server 2.2.18, allows remote attackers to cause a denial of service (infinite loop) via a URI that does not match unspecified typ
Selected Binaries
openSUSE Build Service is sponsored by