SynopsisThe remote FreeBSD host is missing a security-related update.
DescriptionThe Apache Portable Runtime Project reports :
Note especially a security fix to APR 1.4.4, excessive CPU consumption was possible due to an unconstrained, recursive invocation of apr_fnmatch, as apr_fnmatch processed '*' wildcards. Reimplement apr_fnmatch() from scratch using a non-recursive algorithm now has improved compliance with the fnmatch() spec. (William Rowe)
SolutionUpdate the affected package.