Comment 8 for bug 811422

halfdog (halfdog) wrote :

CVE-2011-3607 is fixed upstream in trunk, but not yet released: http://svn.apache.org/viewvc?view=revision&revision=1198940

Another CVE-2011-4415 was assigned by mitre to the resource consumption, NULL-dereference issue