This Security Update fixes a vulnerability where URLs that lead to a HTTP 404 error is uniquely cached, causing a new cache file to be generated for each such error. This behavior can in theory be exploited in a DDOS attack causing possible harm such as increased server load, hard disk usage, and network bandwidth. This update ensures that such errors lead to no cache usage and just displays the error message. We strongly recommend that you install this Security Update as soon as possible.
Patch for eZ Publish: https://github.com/ezsystems/ezpublish-legacy/commit/2e26576924fb65c57ae567e2adc07f57d2dc368f