Date: Sat, 4 Jun 2016 12:10:56 -0500 From: Brandon Perry <bperry.volatile@...il.com> To: oss-security@...ts.openwall.com Subject: Libtorrent http_parser.cpp denial of service Helo list, I recently opened a bug on libtorrent regarding malformed HTTP or UPnP responses that has been fixed on branch RC_1_1. The maintainer also mentioned backporting the fix to RC_1_0. https://github.com/arvidn/libtorrent/issues/780 <https://github.com/arvidn/libtorrent/issues/780> https://github.com/arvidn/libtorrent/pull/782 <https://github.com/arvidn/libtorrent/pull/782> [ CONTENT OF TYPE text/html SKIPPED ] [ CONTENT OF TYPE application/pgp-signature SKIPPED ]
Powered by blists - more mailing lists
Please check out the Open Source Software Security Wiki, which is counterpart to this mailing list.
Powered by Openwall GNU/*/Linux - Powered by OpenVZ