Gentoo Linux Security Advisory GLSA 200803-20 - Will Drewry (Google Security) reported a vulnerability in the regular expression engine when using back references to capture \0 characters (CVE-2007-4770). He also found that the backtracking stack size is not limited, possibly allowing for a heap-based buffer overflow (CVE-2007-4771). Versions less than 3.8.1-r1 are affected.
f981efd5f730cb09f5be1a034695e4cb9c063e51327d95b36499e0704ff91262