Openwall GNU/*/Linux - a small security-enhanced Linux distro for servers
[<prev] [next>] [thread-next>] [day] [month] [year] [list]
Date: Sat, 4 Jun 2016 12:10:56 -0500
From: Brandon Perry <bperry.volatile@...il.com>
To: oss-security@...ts.openwall.com
Subject: Libtorrent http_parser.cpp denial of service

Helo list,

I recently opened a bug on libtorrent regarding malformed HTTP or UPnP responses that has been fixed on branch RC_1_1. The maintainer also mentioned backporting the fix to RC_1_0.

https://github.com/arvidn/libtorrent/issues/780 <https://github.com/arvidn/libtorrent/issues/780>

https://github.com/arvidn/libtorrent/pull/782 <https://github.com/arvidn/libtorrent/pull/782>

[ CONTENT OF TYPE text/html SKIPPED ]

[ CONTENT OF TYPE application/pgp-signature SKIPPED ]

Powered by blists - more mailing lists

Your e-mail address:

Please check out the Open Source Software Security Wiki, which is counterpart to this mailing list.

Powered by Openwall GNU/*/Linux - Powered by OpenVZ