Fri, 4 Nov 2011

2:03 PM - CVE-2011-3336

 I just patched  CVE-2011-3336

This could be used as a denial of service attack against FTP servers or anything else that uses regular expressions from libc.  A "bad" regex can consume massive amounts of memory.

The fix has been committed to CURRENT.  I want to test this further before applying it to 0.3, but if you have a public facing system, you may wish to grab the following file and rebuild libc:;content-type=text%2Fplain

The patch does pass the regression tests, but I'm not certain the memory limit calculation is correct. Our implementation is a bit different than NetBSD's as it supports wide characters.