]> git.ipfire.org Git - thirdparty/apache/httpd.git/commit
projects / thirdparty / apache / httpd.git / commit
? search:
summary | shortlog | log | commit | commitdiff | tree
(parent: 2829dd2) | patch
SECURITY: CVE-2016-8740
authorStefan Eissing <icing@apache.org>
Sun, 4 Dec 2016 22:06:30 +0000 (22:06 +0000)
committerStefan Eissing <icing@apache.org>
Sun, 4 Dec 2016 22:06:30 +0000 (22:06 +0000)
commitc671673db96e286e2321d5babf05c767cb76a1ef
tree3a010f268ebaf21c2baae6bc3c0f673dc8285834tree | snapshot
parent2829dd2368bb169204e28f5baa4e2619b360f80acommit | diff
SECURITY: CVE-2016-8740

mod_http2: properly crafted, endless HTTP/2 CONTINUATION frames could be used to exhaust all server's memory.

Reported by: Naveen Tiwari <naveen.tiwari@asu.edu> and CDF/SEFCOM at Arizona State University

git-svn-id: https://svn.apache.org/repos/asf/httpd/httpd/trunk@1772576 13f79535-47bb-0310-9956-ffa450edef68
CHANGES diff | blob | blame | history
modules/http2/h2_session.c diff | blob | blame | history
modules/http2/h2_stream.c diff | blob | blame | history
Mirror of https://github.com/apache/httpd.git