Openwall GNU/*/Linux - a small security-enhanced Linux distro for servers
[<prev] [next>] [thread-next>] [day] [month] [year] [list]
Date: Sat, 4 Jun 2016 12:10:56 -0500
From: Brandon Perry <bperry.volatile@...il.com>
To: oss-security@...ts.openwall.com
Subject: Libtorrent http_parser.cpp denial of service

Helo list,

I recently opened a bug on libtorrent regarding malformed HTTP or UPnP responses that has been fixed on branch RC_1_1. The maintainer also mentioned backporting the fix to RC_1_0.

https://github.com/arvidn/libtorrent/issues/780 <https://github.com/arvidn/libtorrent/issues/780>

https://github.com/arvidn/libtorrent/pull/782 <https://github.com/arvidn/libtorrent/pull/782>

Content of type "text/html" skipped

Download attachment "signature.asc" of type "application/pgp-signature" (843 bytes)

Powered by blists - more mailing lists

Your e-mail address:

Please check out the Open Source Software Security Wiki, which is counterpart to this mailing list.

Powered by Openwall GNU/*/Linux - Powered by OpenVZ