A denial of service attack against apr_brigade_split_line was discovered in apr-util . Packages for 2008.0 and 2009.0 are provided as of the Extended Maintenance Program