Max Kellermann reported a NULL pointer dereference flaw in libapreq2, a generic Apache request library, allowing a remote attacker to cause a denial of service against an application using the library (application crash) if an invalid nested “multipart” body is processed.
1.6.7 Fix potential crash when reloading config. Client library: * Don’t use / in autogenerated client ids, to avoid confusing with topics. * Fix mosquitto_max_inflight_messages_set() and mosquitto_int_option(…, MOSQ_OPT_*_MAX, …) behaviour. * Fix regression on use of
1.6.7 Fix potential crash when reloading config. Client library: * Don’t use / in autogenerated client ids, to avoid confusing with topics. * Fix mosquitto_max_inflight_messages_set() and mosquitto_int_option(…, MOSQ_OPT_*_MAX, …) behaviour. * Fix regression on use of
1.6.7 Fix potential crash when reloading config. Client library: * Don’t use / in autogenerated client ids, to avoid confusing with topics. * Fix mosquitto_max_inflight_messages_set() and mosquitto_int_option(…, MOSQ_OPT_*_MAX, …) behaviour. * Fix regression on use of
Several security issues were fixed in the Linux kernel.
59 queries. 8.5 mb Memory usage. 1.267 seconds.