/[Apache-SVN]
ViewVC logotype

Revision 1772576

Jump to revision: Previous Next
Author: icing
Date: Sun Dec 4 22:06:30 2016 UTC (7 years, 4 months ago)
Changed paths: 3
Log Message: 
SECURITY: CVE-2016-8740

mod_http2: properly crafted, endless HTTP/2 CONTINUATION frames could be used to exhaust all server's memory.

Reported by: Naveen Tiwari <naveen.tiwari@asu.edu> and CDF/SEFCOM at Arizona State University

Changed paths

Path Details
Directoryhttpd/httpd/trunk/CHANGES modified , text changed
Directoryhttpd/httpd/trunk/modules/http2/h2_session.c modified , text changed
Directoryhttpd/httpd/trunk/modules/http2/h2_stream.c modified , text changed
infrastructure at apache.org
 ViewVC Help
Powered by ViewVC 1.1.26